PDA

View Full Version : osC_Sec - osCommerce Security Addon



michael_s
02-21-2012, 08:17 AM
Whats New?
- Added extra checks in $checkfilename
- Fixed an issue where files contain extra '.'. i.e. file.name.php
- Fix phpSelfFix() function
- Fixed whitespace issue with $this->_httphost
- More additions to the dbShield() function to protect against database injection attempts
- Fixed a number of issues with dbShield() to prevent false positives
- Removed base64_decode aspect of dbShield() due to it causing errors in some configurations
- More additions to getShield() function to detect local file read attempts
- Remake of the postShield() function
- Remake of the cookieShield() function
- Fixed an error in ipTrapped()

New Install instructions: see the readme.htm, as per usual, all updates contain the complete package

Updating:
Replace the osc_sec.php file in your catalogs /includes/ directory with the one in the /includes/ directory of this zip file.

Please report any bugs to the discussion forums at http://goo.gl/dQ3jH or email [email protected]

More... (http://addons.oscommerce.com/info/8283)