Whats New?
- Removed the referer check test for $chkPostLocation which was causing issues for sites behind https
- Removed the ban aspect of $testExpiredCookie which now calls a 403 page ban and page die
- Due to session conflicts in osCommerce versions 2.2.x and the $testExpiredCookie, osC_Sec now disables $testExpiredCookie with those versions
- Optional change in the location of the require_once() include in both application_top.php files (see readme.htm for new location) for where osC_Sec is included

To update just replace the osc_sec.php file in your includes directory

Install instructions: see the readme.htm

More...