osCommerce Online Merchant v2.3.3

osCommerce Online Merchant v2.3.3 is a general maintenance release improving over 30 features.

This release also introduces new Robot NoIndex and Canonical Header Tag Modules, and Google+ +1, Google+ Share, and Pinterest Social Bookmark Modules.

Code Changes

The following changes have been applied:

| Title | Description | Bug | Severity |
|---|---|---|---|
| Administration Tool -> Tools -> Send E-Mail (1 file) | Convert HTML e-mail to plain-text if HTML E-Mails is disabled. | 309 | Low |
| tep_redirect() (2 files) | Fix URL encoding by replacing '&amp;' with '&'. | 314 | Medium |
| Administration Tool -> Tools -> Define Languages (1 file) | Keep the selected language in the language selection pull down menu. | 289 | Low |
| Checkout Process (1 file) | Improve checking of shopping cart product attributes. | 246 | Low |
| Shopping Cart (2 files) | Replace hardcoded text with new TEXT_OR and TEXT_REMOVE language definitions. | 204 | Low |
| Product Info (3 files) | Redirect to store index if no product ID exists in the request URL. | 202 | Low |
| Administration Tool Dashboard Modules (3 files) | Properly close HTML links. | 223 | Low |
| New Products Module (1 file) | Fix check on new products existing. | 214 | Low |
| Administration Tool -> Catalog -> Reviews (1 file) | Fix typo in table width. | 178 | Low |
| tep_image() (2 files) | Remove extra space in image title. | 148 | Low |
| Administration Tool -> Tools -> Action Recorder (1 file) | Fix paging of action recorder listing. | 336 | Low |
| Administration Tool -> Catalog -> Categories/Products (1 file) | Fix casing of onkeyup HTML attribute. | 343 | Low |
| Administration Tool -> Catalog -> Categories/Products (1 file) | Remove legacy product preview code. | 221 | Low |
| Checkout Confirmation (1 file) | Improve checking of order comments. | 245 | Low |
| Shopping Cart (1 file) | Remove legacy TABLE_HEADING_REMOVE, TABLE_HEADING_QUANTITY, TABLE_HEADING_MODEL, and TABLE_HEADING_TOTAL language definitions. | 157 | Low |
| Manufacturers (1 file) | Improve filtering of manufacturers. | 195 | Low |
| Product Information (1 file) | Fix the total number of product reviews to count only the reviews in the selected language. | 138 | Low |
| Sessions - tep_session_register() (2 files) | Also reference and keep track of null variables in the session. This general bug fix also addresses a compatibility issue with PHP 5.4.0. | | Medium |
| Sessions - tep_session_recreate() (1 file) | Replace internal logic to use session_regenerate_id() for PHP 5.1+ servers. If $SID is defined, also update its value with the new session ID. | 465 | Medium |
| Product Information (1 file) | Prevent the session ID being added to product images. | 445 | Low |
| Payment Class (1 file) | Remove legacy PHP 3 code. | 377 | Low |
| GZIP Compression (1 file) | Automatically disable if PHP 5.4.0 to PHP 5.4.5 is used due to PHP bug #55544. | 468 | Low |
| Checkout Shipping (2 files) | Improve checking of the shopping cart ID. | 473 | High |
| Time Zone Compatibility (2 files) | Improve PHP 5.2 Time Zone compatibility by setting the time zone to CFG_TIME_ZONE or to the default time zone if it is not defined. | 447 | Low |
| General (6 files) | Typecast remaining variables used in SQL queries. | | Medium |
| Administration Tool -> Modules (1 file) | Fix edit button link containing the module code. | 475 | Low |
| Administration Tool -> Tools -> Banner Manager (1 file) | Properly delete banner image when the banner is being deleted. | 477 | Low |
| Social Bookmark Modules (4 files) | Replace hardcoded 'images/' path with DIR_WS_IMAGES. | 476 | Low |
| Version Update (1 file) | Update version to v2.3.3. | | |

New Modules

The following modules have been added:

| Title | Description |
|---|---|
| Robot NoIndex Header Tag Module | Adds a noindex meta tag to specified pages. |
| Google+ +1 Button and Google+ Share Social Bookmark Modules | Adds Google+ +1 and Google+ Share buttons to the product information page. |
| Canonical Header Tag Module | Adds canonical meta links to the product information and category listing pages. |
| Pinterest Social Bookmark Module | Adds Pinterest share button to the product information page. |

External Library Updates

The following external libraries have been updated:

| Title | Description |
|---|---|
| 960.gs | Updated to latest version. |
| jQuery | 1.4.2 to 1.8.0. |
| jQuery UI | 1.8.6 to 1.8.22. |
| bxGallery | Compatibility changes for jQuery 1.8.0. |

API Changes

The following API changes have been applied:

| Title | Description |
|---|---|
| Time Zone | Added a new CFG_TIME_ZONE configuration parameter that sets the default time zone. (Active for PHP 5.2+ servers) |
| Sessions - tep_session_recreate() | This function is now only active on PHP 5.1+ servers. |

Language Definitions

The following language definitions have been modified:

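| Language File | Definition | Status |
|---|---|---|
| modules/header_tags/ht_canonical.php | MODULE_HEADER_TAGS_CANONICAL_TITLE | New |
| modules/header_tags/ht_canonical.php | MODULE_HEADER_TAGS_CANONICAL_DESCRIPTION | New |
| modules/header_tags/ht_robot_noindex.php | MODULE_HEADER_TAGS_ROBOT_NOINDEX_TITLE | New |
| modules/header_tags/ht_robot_noindex.php | MODULE_HEADER_TAGS_ROBOT_NOINDEX_DESCRIPTION | New |
| modules/social_bookmarks/sb_google_plus_one.php | MODULE_SOCIAL_BOOKMARKS_GOOGLE_PLUS_ONE_TITLE | New |
| modules/social_bookmarks/sb_google_plus_one.php | MODULE_SOCIAL_BOOKMARKS_GOOGLE_PLUS_ONE_DESCRIPTION | New |
| modules/social_bookmarks/sb_google_plus_one.php | MODULE_SOCIAL_BOOKMARKS_GOOGLE_PLUS_ONE_PUBLIC_TITLE | New |
| modules/social_bookmarks/sb_google_plus_share.php | MODULE_SOCIAL_BOOKMARKS_GOOGLE_PLUS_SHARE_TITLE | New |
| modules/social_bookmarks/sb_google_plus_share.php | MODULE_SOCIAL_BOOKMARKS_GOOGLE_PLUS_SHARE_DESCRIPTION | New |
| modules/social_bookmarks/sb_google_plus_share.php | MODULE_SOCIAL_BOOKMARKS_GOOGLE_PLUS_SHARE_PUBLIC_TITLE | New |
| modules/social_bookmarks/sb_pinterest.php | MODULE_SOCIAL_BOOKMARKS_PINTEREST_TITLE | New |
| modules/social_bookmarks/sb_pinterest.php | MODULE_SOCIAL_BOOKMARKS_PINTEREST_DESCRIPTION | New |
| modules/social_bookmarks/sb_pinterest.php | MODULE_SOCIAL_BOOKMARKS_PINTEREST_PUBLIC_TITLE | New |
| shopping_cart.php | TEXT_OR | New |
| shopping_cart.php | TEXT_REMOVE | New |
| shopping_cart.php | TABLE_HEADING_REMOVE | Deleted |
| shopping_cart.php | TABLE_HEADING_QUANTITY | Deleted |
| shopping_cart.php | TABLE_HEADING_MODEL | Deleted |
| shopping_cart.php | TABLE_HEADING_TOTAL | Deleted |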

Upgrading from v2.3.2

Modified Files

Files that have been modified in this release include:

Modified Files
admin/action_recorder.php
admin/banner_manager.php
admin/categories.php
admin/define_language.php
admin/includes/functions/compatibility.php
admin/includes/functions/general.php
admin/includes/functions/html_output.php
admin/includes/functions/sessions.php
admin/includes/modules/dashboard/d_customers.php
admin/includes/modules/dashboard/d_orders.php
admin/includes/modules/dashboard/d_reviews.php
admin/includes/template_top.php
admin/mail.php
admin/modules.php
admin/reviews.php
checkout_confirmation.php
checkout_payment_address.php
checkout_process.php
checkout_shipping.php
download.php
includes/application_top.php
includes/classes/payment.php
includes/classes/shopping_cart.php
includes/functions/banner.php
includes/functions/compatibility.php
includes/functions/general.php
includes/functions/html_output.php
includes/functions/sessions.php
includes/functions/specials.php
includes/languages/english/shopping_cart.php
includes/modules/new_products.php
includes/modules/social_bookmarks/sb_digg.php
includes/modules/social_bookmarks/sb_email.php
includes/modules/social_bookmarks/sb_facebook.php
includes/modules/social_bookmarks/sb_twitter.php
includes/template_top.php
includes/version.php
index.php
product_info.php
product_reviews.php
product_reviews_write.php
shopping_cart.php

New Files

Files that have been added to this release include:

New Files
includes/languages/english/modules/header_tags/ht_canonical.php
includes/languages/english/modules/header_tags/ht_robot_noindex.php
includes/languages/english/modules/social_bookmarks/sb_google_plus_one.php
includes/languages/english/modules/social_bookmarks/sb_google_plus_share.php
includes/languages/english/modules/social_bookmarks/sb_pinterest.php
includes/modules/header_tags/ht_canonical.php
includes/modules/header_tags/ht_robot_noindex.php
includes/modules/social_bookmarks/sb_google_plus_one.php
includes/modules/social_bookmarks/sb_google_plus_share.php
includes/modules/social_bookmarks/sb_pinterest.php

File Changes

Administration Tool -> Tools -> Send E-Mail (1 file)

admin/mail.php

around line 44, change:

if (EMAIL_USE_HTML == 'true') {
  $mimemessage->add_html($message, $text);
} else {
  $mimemessage->add_text($message);
}

to:

if (EMAIL_USE_HTML == 'true') {
  $mimemessage->add_html($message, $text);
} else {
  $mimemessage->add_text($text);
}


tep_redirect() (2 files)

admin/includes/functions/general.php

change tep_redirect() from:

function tep_redirect($url) {
  global $logger;

  if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  header('Location: ' . $url);

  if (STORE_PAGE_PARSE_TIME == 'true') {
    if (!is_object($logger)) $logger = new logger;
    $logger->timer_stop();
  }

  exit;
}

to:

function tep_redirect($url) {
  global $logger;

  if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  if ( strpos($url, '&amp;') !== false ) {
    $url = str_replace('&amp;', '&', $url);
  }

  header('Location: ' . $url);

  if (STORE_PAGE_PARSE_TIME == 'true') {
    if (!is_object($logger)) $logger = new logger;
    $logger->timer_stop();
  }

  exit;
}

includes/functions/general.php

change tep_redirect() from:

function tep_redirect($url) {
  if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page
    if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url
      $url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL
    }
  }

  header('Location: ' . $url);

  tep_exit();
}

to:

function tep_redirect($url) {
  if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page
    if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url
      $url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL
    }
  }

  if ( strpos($url, '&amp;') !== false ) {
    $url = str_replace('&amp;', '&', $url);
  }

  header('Location: ' . $url);

  tep_exit();
}
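
Added example (not osCommerce code): a stand-alone model of the two checks tep_redirect() applies to the Location value, showing which parameter names the next request receives when '&amp;' is left in the header. redirect_target(), query_keys() and the shop.example URLs are constructed for illustration.

```php
<?php
// Added illustration; redirect_target(), query_keys() and all URLs are constructed.

// Returns the value that would be placed after "Location: ".
function redirect_target($url, $fallback) {
  // A CR or LF would end the Location header early, so such a URL is never used.
  if ( (strpos($url, "\n") !== false) || (strpos($url, "\r") !== false) ) {
    return $fallback;
  }

  // URLs prepared for HTML output carry '&amp;'; a header must carry the raw '&'.
  if ( strpos($url, '&amp;') !== false ) {
    $url = str_replace('&amp;', '&', $url);
  }

  return $url;
}

// Parameter names a server sees when the browser requests the given URL.
function query_keys($url) {
  $params = array();
  parse_str((string)parse_url($url, PHP_URL_QUERY), $params);

  return array_keys($params);
}

$fallback = 'http://shop.example/index.php';

// Constructed sample inputs.
$samples = array(
  'html-encoded link' => 'http://shop.example/admin/customers.php?cID=5&amp;action=edit',
  'already raw'       => 'http://shop.example/admin/customers.php?cID=5&action=edit',
  'contains CR/LF'    => "http://shop.example/index.php\r\nX-Constructed: 1",
);

foreach ($samples as $label => $url) {
  printf("%-18s -> %s\n", $label, redirect_target($url, $fallback));
}

// Effect of the '&amp;' replacement on the parameters of the follow-up request.
$encoded = $samples['html-encoded link'];

echo 'keys without the replacement: ', json_encode(query_keys($encoded)), "\n";
echo 'keys with the replacement:    ', json_encode(query_keys(redirect_target($encoded, $fallback))), "\n";
```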


Administration Tool -> Tools -> Define Languages (1 file)

admin/define_language.php

around line 97, change from:

<td class="pageHeading" align="right"><?php echo tep_draw_pull_down_menu('lngdir', $languages_array, $language, 'onchange="this.form.submit();"'); ?></td>

to:

<td class="pageHeading" align="right"><?php echo tep_draw_pull_down_menu('lngdir', $languages_array, $HTTP_GET_VARS['lngdir'], 'onchange="this.form.submit();"'); ?></td>


Checkout Process (1 file)

checkout_process.php

around line 156, change from:

// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
$products_attributes = $order->products[$i]['attributes'];

to:

// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
$products_attributes = (isset($order->products[$i]['attributes'])) ? $order->products[$i]['attributes'] : '';


Shopping Cart (2 files)

includes/languages/english/shopping_cart.php

add the following language definitions:

define('TEXT_OR', 'or ');
define('TEXT_REMOVE', 'remove');

Please perform the same changes to other languages you may have installed.

shopping_cart.php

around line 97, change from:

$products_name .= '<br /><br />' . tep_draw_input_field('cart_quantity[]', $products[$i]['quantity'], 'size="4"') . tep_draw_hidden_field('products_id[]', $products[$i]['id']) . tep_draw_button(IMAGE_BUTTON_UPDATE, 'refresh') . '   or <a href="' . tep_href_link(FILENAME_SHOPPING_CART, 'products_id=' . $products[$i]['id'] . '&action=remove_product') . '">remove</a>';

to:

$products_name .= '<br /><br />' . tep_draw_input_field('cart_quantity[]', $products[$i]['quantity'], 'size="4"') . tep_draw_hidden_field('products_id[]', $products[$i]['id']) . tep_draw_button(IMAGE_BUTTON_UPDATE, 'refresh') . '   ' . TEXT_OR . '<a href="' . tep_href_link(FILENAME_SHOPPING_CART, 'products_id=' . $products[$i]['id'] . '&action=remove_product') . '">' . TEXT_REMOVE . '</a>';


Product Info (3 files)

product_info.php

around line 13, change from:

require('includes/application_top.php');

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PRODUCT_INFO);

to:

require('includes/application_top.php');

if (!isset($HTTP_GET_VARS['products_id'])) {
  tep_redirect(tep_href_link(FILENAME_DEFAULT));
}

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PRODUCT_INFO);

product_reviews.php

around line 13, change from:

require('includes/application_top.php');

if (!isset($HTTP_GET_VARS['products_id']) || !is_numeric($HTTP_GET_VARS['products_id'])) {
  tep_redirect(tep_href_link(FILENAME_REVIEWS));
}

to:

require('includes/application_top.php');

if (!isset($HTTP_GET_VARS['products_id'])) {
  tep_redirect(tep_href_link(FILENAME_REVIEWS));
}

product_reviews_write.php

around line 17, change from:

if (!tep_session_is_registered('customer_id')) {
  $navigation->set_snapshot();
  tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
}

to:

if (!tep_session_is_registered('customer_id')) {
  $navigation->set_snapshot();
  tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
}

if (!isset($HTTP_GET_VARS['products_id'])) {
  tep_redirect(tep_href_link(FILENAME_PRODUCT_REVIEWS, tep_get_all_get_params(array('action'))));
}


Administration Tool Dashboard Modules (3 files)

admin/includes/modules/dashboard/d_customers.php

around line 40, change from:

' <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_CUSTOMERS, 'cID=' . (int)$customers['customers_id'] . '&action=edit') . '">' . tep_output_string_protected($customers['customers_firstname'] . ' ' . $customers['customers_lastname']) . '</td>' .

to:

' <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_CUSTOMERS, 'cID=' . (int)$customers['customers_id'] . '&action=edit') . '">' . tep_output_string_protected($customers['customers_firstname'] . ' ' . $customers['customers_lastname']) . '</a></td>' .

admin/includes/modules/dashboard/d_orders.php

around line 44, change from:

' <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_ORDERS, 'oID=' . (int)$orders['orders_id'] . '&action=edit') . '">' . tep_output_string_protected($orders['customers_name']) . '</td>' .

to:

' <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_ORDERS, 'oID=' . (int)$orders['orders_id'] . '&action=edit') . '">' . tep_output_string_protected($orders['customers_name']) . '</a></td>' .

admin/includes/modules/dashboard/d_reviews.php

around line 46, change from:

' <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_REVIEWS, 'rID=' . (int)$reviews['reviews_id'] . '&action=edit') . '">' . $reviews['products_name'] . '</td>' .

to:

' <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_REVIEWS, 'rID=' . (int)$reviews['reviews_id'] . '&action=edit') . '">' . $reviews['products_name'] . '</a></td>' .


New Products Module (1 file)

includes/modules/new_products.php

around line 21, change from:

if ($new_products_query > 0) {
  $counter = 0;
  $col = 0;

to:

if ($num_new_products > 0) {
  $counter = 0;
  $col = 0;


Administration Tool -> Catalog -> Reviews (1 file)

admin/reviews.php

around line 100, change from:

<td><table witdh="100%" border="0" cellspacing="0" cellpadding="0">

to:

<td><table width="100%" border="0" cellspacing="0" cellpadding="0">

around line 150, change from:

<td><table witdh="100%" border="0" cellspacing="0" cellpadding="0">

to:

<td><table width="100%" border="0" cellspacing="0" cellpadding="0">


tep_image() (2 files)

admin/includes/functions/html_output.php

in the tep_image() function, change the following code block from:

if (tep_not_null($alt)) {
  $image .= ' title=" ' . tep_output_string($alt) . ' "';
}

to:

if (tep_not_null($alt)) {
  $image .= ' title="' . tep_output_string($alt) . '"';
}

includes/functions/html_output.php

in the tep_image() function, change the following code block from:

if (tep_not_null($alt)) {
  $image .= ' title=" ' . tep_output_string($alt) . ' "';
}

to:

if (tep_not_null($alt)) {
  $image .= ' title="' . tep_output_string($alt) . '"';
}


Administration Tool -> Tools -> Action Recorder (1 file)

admin/action_recorder.php

around line 161, change from:

echo ' <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ACTION_RECORDER, 'aID=' . $actions['id']) . '\'">' . "\n";

to:

echo ' <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ACTION_RECORDER, tep_get_all_get_params(array('aID')) . 'aID=' . $actions['id']) . '\'">' . "\n";

around line 168, change from:

<td class="dataTableContent" align="right"><?php if ( (isset($aInfo) && is_object($aInfo)) && ($actions['id'] == $aInfo->id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_ACTION_RECORDER, 'aID=' . $actions['id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>

to:

<td class="dataTableContent" align="right"><?php if ( (isset($aInfo) && is_object($aInfo)) && ($actions['id'] == $aInfo->id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_ACTION_RECORDER, tep_get_all_get_params(array('aID')) . 'aID=' . $actions['id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>


Administration Tool -> Catalog -> Categories/Products (1 file)

admin/categories.php

around line 548, change from:

<td class="main"><?php echo tep_draw_separator('pixel_trans.gif', '24', '15') . ' ' . tep_draw_input_field('products_price', $pInfo->products_price, 'onKeyUp="updateGross()"'); ?></td>

to:

<td class="main"><?php echo tep_draw_separator('pixel_trans.gif', '24', '15') . ' ' . tep_draw_input_field('products_price', $pInfo->products_price, 'onkeyup="updateGross()"'); ?></td>

around line 552, change from:

<td class="main"><?php echo tep_draw_separator('pixel_trans.gif', '24', '15') . ' ' . tep_draw_input_field('products_price_gross', $pInfo->products_price, 'OnKeyUp="updateNet()"'); ?></td>

to:

<td class="main"><?php echo tep_draw_separator('pixel_trans.gif', '24', '15') . ' ' . tep_draw_input_field('products_price_gross', $pInfo->products_price, 'onkeyup="updateNet()"'); ?></td>


Administration Tool -> Catalog -> Categories/Products (1 file)

admin/categories.php

around line 534, change from:

<td class="main"><?php echo tep_image(DIR_WS_CATALOG_LANGUAGES . $languages[$i]['directory'] . '/images/' . $languages[$i]['image'], $languages[$i]['name']) . ' ' . tep_draw_input_field('products_name[' . $languages[$i]['id'] . ']', (isset($products_name[$languages[$i]['id']]) ? stripslashes($products_name[$languages[$i]['id']]) : tep_get_products_name($pInfo->products_id, $languages[$i]['id']))); ?></td>

to:

<td class="main"><?php echo tep_image(DIR_WS_CATALOG_LANGUAGES . $languages[$i]['directory'] . '/images/' . $languages[$i]['image'], $languages[$i]['name']) . ' ' . tep_draw_input_field('products_name[' . $languages[$i]['id'] . ']', (empty($pInfo->products_id) ? '' : tep_get_products_name($pInfo->products_id, $languages[$i]['id']))); ?></td>

around line 568, change from:

<td class="main"><?php echo tep_draw_textarea_field('products_description[' . $languages[$i]['id'] . ']', 'soft', '70', '15', (isset($products_description[$languages[$i]['id']]) ? stripslashes($products_description[$languages[$i]['id']]) : tep_get_products_description($pInfo->products_id, $languages[$i]['id']))); ?></td>

to:

<td class="main"><?php echo tep_draw_textarea_field('products_description[' . $languages[$i]['id'] . ']', 'soft', '70', '15', (empty($pInfo->products_id) ? '' : tep_get_products_description($pInfo->products_id, $languages[$i]['id']))); ?></td>


Checkout Confirmation (1 file)

checkout_confirmation.php

around line 41, change from:

if (!tep_session_is_registered('comments')) tep_session_register('comments');
if (tep_not_null($HTTP_POST_VARS['comments'])) {
  $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
}

to:

if (!tep_session_is_registered('comments')) tep_session_register('comments');
if (isset($HTTP_POST_VARS['comments']) && tep_not_null($HTTP_POST_VARS['comments'])) {
  $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
}

around line 241, change from:

<?php
  for ($i=0, $n=sizeof($confirmation['fields']); $i<$n; $i++) {
?>

<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
  <td class="main"><?php echo $confirmation['fields'][$i]['title']; ?></td>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
  <td class="main"><?php echo $confirmation['fields'][$i]['field']; ?></td>
</tr>

<?php
  }
?>

to:

<?php
  if (isset($confirmation['fields'])) {
    for ($i=0, $n=sizeof($confirmation['fields']); $i<$n; $i++) {
?>

<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
  <td class="main"><?php echo $confirmation['fields'][$i]['title']; ?></td>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
  <td class="main"><?php echo $confirmation['fields'][$i]['field']; ?></td>
</tr>

<?php
    }
  }
?>


Shopping Cart (1 file)

includes/languages/english/shopping_cart.php

remove the following language definitions:

define('TABLE_HEADING_REMOVE', 'Remove');
define('TABLE_HEADING_QUANTITY', 'Qty.');
define('TABLE_HEADING_MODEL', 'Model');
define('TABLE_HEADING_TOTAL', 'Total');

Please perform the same changes to other languages you may have installed.


Manufacturers (1 file)

index.php

around line 94, change from:

} elseif ($category_depth == 'products' || isset($HTTP_GET_VARS['manufacturers_id'])) {

to:

} elseif ($category_depth == 'products' || (isset($HTTP_GET_VARS['manufacturers_id']) && !empty($HTTP_GET_VARS['manufacturers_id']))) {

around line 139, change from:

if (isset($HTTP_GET_VARS['manufacturers_id'])) {

to:

if (isset($HTTP_GET_VARS['manufacturers_id']) && !empty($HTTP_GET_VARS['manufacturers_id'])) {

around line 196, change from:

if (isset($HTTP_GET_VARS['manufacturers_id'])) {

to:

if (isset($HTTP_GET_VARS['manufacturers_id']) && !empty($HTTP_GET_VARS['manufacturers_id'])) {

around line 214, change from:

if (isset($HTTP_GET_VARS['manufacturers_id'])) {

to:

if (isset($HTTP_GET_VARS['manufacturers_id']) && !empty($HTTP_GET_VARS['manufacturers_id'])) {

around line 222, change from:

if (isset($HTTP_GET_VARS['manufacturers_id'])) {

to:

if (isset($HTTP_GET_VARS['manufacturers_id']) && !empty($HTTP_GET_VARS['manufacturers_id'])) {


Product Information (1 file)

product_info.php

around line 193, change from:

$reviews_query = tep_db_query("select count(*) as count from " . TABLE_REVIEWS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and reviews_status = 1");

to:

$reviews_query = tep_db_query("select count(*) as count from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd where r.products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and r.reviews_id = rd.reviews_id and rd.languages_id = '" . (int)$languages_id . "' and reviews_status = 1");


Sessions - tep_session_register() (2 files)

admin/includes/functions/sessions.php

in tep_session_register(), change from:

function tep_session_register($variable) {
  if (PHP_VERSION < 4.3) {
    return session_register($variable);
  } else {
    if (isset($GLOBALS[$variable])) {
      $_SESSION[$variable] =& $GLOBALS[$variable];
    } else {
      $_SESSION[$variable] = null;
    }
  }

  return false;
}

to:

function tep_session_register($variable) {
  if (PHP_VERSION < 4.3) {
    return session_register($variable);
  } else {
    if (!isset($GLOBALS[$variable])) {
      $GLOBALS[$variable] = null;
    }

    $_SESSION[$variable] =& $GLOBALS[$variable];
  }

  return false;
}

includes/functions/sessions.php

in tep_session_register(), change from:

function tep_session_register($variable) {
  global $session_started;

  if ($session_started == true) {
    if (PHP_VERSION < 4.3) {
      return session_register($variable);
    } else {
      if (isset($GLOBALS[$variable])) {
        $_SESSION[$variable] =& $GLOBALS[$variable];
      } else {
        $_SESSION[$variable] = null;
      }
    }
  }

  return false;
}

to:

function tep_session_register($variable) {
  global $session_started;

  if ($session_started == true) {
    if (PHP_VERSION < 4.3) {
      return session_register($variable);
    } else {
      if (!isset($GLOBALS[$variable])) {
        $GLOBALS[$variable] = null;
      }

      $_SESSION[$variable] =& $GLOBALS[$variable];
    }
  }

  return false;
}
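
Added example (not osCommerce code): the before and after logic of tep_session_register() run side by side on the register-then-assign pattern, with $_SESSION used as a plain array and no session started. register_232(), register_233(), run_request() and the sample value are constructed for illustration; only the new logic carries a value assigned after registration into the session data.

```php
<?php
// Added illustration. $_SESSION is treated as an ordinary array (no
// session_start()), and json_encode($_SESSION) stands in for what the session
// handler would store at the end of the request.

function register_232($variable) {     // logic before the change
  if (isset($GLOBALS[$variable])) {
    $_SESSION[$variable] =& $GLOBALS[$variable];
  } else {
    $_SESSION[$variable] = null;       // plain value, not linked to the global
  }
}

function register_233($variable) {     // logic after the change
  if (!isset($GLOBALS[$variable])) {
    $GLOBALS[$variable] = null;        // create the global so it can be referenced
  }

  $_SESSION[$variable] =& $GLOBALS[$variable];
}

// Simulates one request that registers $variable and assigns $value to the
// global of the same name, either before or after the registration.
function run_request($register, $variable, $value, $set_before_register) {
  $_SESSION = array();
  unset($GLOBALS[$variable]);

  if ($set_before_register) {
    $GLOBALS[$variable] = $value;
  }

  $register($variable);

  if (!$set_before_register) {
    $GLOBALS[$variable] = $value;
  }

  return json_encode($_SESSION);
}

// Constructed sample: a cart ID assigned right after registration.
foreach (array('register_232', 'register_233') as $register) {
  echo $register, ', assigned after registering:  ', run_request($register, 'cartID', '12345', false), "\n";
  echo $register, ', assigned before registering: ', run_request($register, 'cartID', '12345', true), "\n";
}
```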


Sessions - tep_session_recreate() (1 file)

includes/functions/sessions.php

in tep_session_recreate(), change from:

function tep_session_recreate() {
  if (PHP_VERSION >= 4.1) {
    $session_backup = $_SESSION;

    unset($_COOKIE[tep_session_name()]);

    tep_session_destroy();

    if (STORE_SESSIONS == 'mysql') {
      session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
    }

    tep_session_start();

    $_SESSION = $session_backup;
    unset($session_backup);
  }
}

to:

function tep_session_recreate() {
  global $SID;

  if (PHP_VERSION >= 5.1) {
    session_regenerate_id(true);

    if (!empty($SID)) {
      $SID = tep_session_name() . '=' . tep_session_id();
    }
  }
}


Product Information (1 file)

product_info.php

around line 89, change from:

$pi_entry .= tep_href_link(DIR_WS_IMAGES . $pi['image']);

to:

$pi_entry .= tep_href_link(DIR_WS_IMAGES . $pi['image'], '', 'NONSSL', false);

around line 122, change from:

<?php echo '<a href="' . tep_href_link(DIR_WS_IMAGES . $product_info['products_image']) . '" target="_blank" rel="fancybox">' . tep_image(DIR_WS_IMAGES . $product_info['products_image'], addslashes($product_info['products_name']), null, null, 'hspace="5" vspace="5"') . '</a>'; ?>

to:

<?php echo '<a href="' . tep_href_link(DIR_WS_IMAGES . $product_info['products_image'], '', 'NONSSL', false) . '" target="_blank" rel="fancybox">' . tep_image(DIR_WS_IMAGES . $product_info['products_image'], addslashes($product_info['products_name']), null, null, 'hspace="5" vspace="5"') . '</a>'; ?>


Payment Class (1 file)

includes/classes/payment.php

change update_status() from:

function update_status() {
  if (is_array($this->modules)) {
    if (is_object($GLOBALS[$this->selected_module])) {
      if (function_exists('method_exists')) {
        if (method_exists($GLOBALS[$this->selected_module], 'update_status')) {
          $GLOBALS[$this->selected_module]->update_status();
        }
      } else { // PHP3 compatibility
        @call_user_method('update_status', $GLOBALS[$this->selected_module]);
      }
    }
  }
}

to:

function update_status() {
  if (is_array($this->modules)) {
    if (is_object($GLOBALS[$this->selected_module])) {
      if (method_exists($GLOBALS[$this->selected_module], 'update_status')) {
        $GLOBALS[$this->selected_module]->update_status();
      }
    }
  }
}


GZIP Compression (1 file)

includes/application_top.php

around line 74, change from:

if ( (GZIP_COMPRESSION == 'true') && ($ext_zlib_loaded = extension_loaded('zlib')) && (PHP_VERSION >= '4') ) {
  if (($ini_zlib_output_compression = (int)ini_get('zlib.output_compression')) < 1) {
    if (PHP_VERSION >= '4.0.4') {
      ob_start('ob_gzhandler');
    } else {
      include(DIR_WS_FUNCTIONS . 'gzip_compression.php');
      ob_start();
      ob_implicit_flush();
    }
  } else {
    ini_set('zlib.output_compression_level', GZIP_LEVEL);
  }
}

to:

if ( (GZIP_COMPRESSION == 'true') && ($ext_zlib_loaded = extension_loaded('zlib')) && !headers_sent() ) {
  if (($ini_zlib_output_compression = (int)ini_get('zlib.output_compression')) < 1) {
    if (PHP_VERSION < '5.4' || PHP_VERSION > '5.4.5') { // see PHP bug 55544
      if (PHP_VERSION >= '4.0.4') {
        ob_start('ob_gzhandler');
      } elseif (PHP_VERSION >= '4.0.1') {
        include(DIR_WS_FUNCTIONS . 'gzip_compression.php');
        ob_start();
        ob_implicit_flush();
      }
    }
  } elseif (function_exists('ini_set')) {
    ini_set('zlib.output_compression_level', GZIP_LEVEL);
  }
}


Checkout Shipping (2 files)

checkout_shipping.php

around line 49, change from:

if (!tep_session_is_registered('cartID')) tep_session_register('cartID');
$cartID = $cart->cartID;

to:

if (!tep_session_is_registered('cartID')) {
  tep_session_register('cartID');
} elseif (($cartID != $cart->cartID) && tep_session_is_registered('shipping')) {
  tep_session_unregister('shipping');
}

$cartID = $cart->cartID = $cart->generate_cart_id();

includes/classes/shopping_cart.php

change update_quantity() from:

function update_quantity($products_id, $quantity = '', $attributes = '') {
  global $customer_id;

  $products_id_string = tep_get_uprid($products_id, $attributes);
  $products_id = tep_get_prid($products_id_string);

  if (defined('MAX_QTY_IN_CART') && (MAX_QTY_IN_CART > 0) && ((int)$quantity > MAX_QTY_IN_CART)) {
    $quantity = MAX_QTY_IN_CART;
  }

  $attributes_pass_check = true;

  if (is_array($attributes)) {
    reset($attributes);
    while (list($option, $value) = each($attributes)) {
      if (!is_numeric($option) || !is_numeric($value)) {
        $attributes_pass_check = false;
        break;
      }
    }
  }

  if (is_numeric($products_id) && isset($this->contents[$products_id_string]) && is_numeric($quantity) && ($attributes_pass_check == true)) {
    $this->contents[$products_id_string] = array('qty' => (int)$quantity);
// update database
    if (tep_session_is_registered('customer_id')) tep_db_query("update " . TABLE_CUSTOMERS_BASKET . " set customers_basket_quantity = '" . (int)$quantity . "' where customers_id = '" . (int)$customer_id . "' and products_id = '" . tep_db_input($products_id_string) . "'");

    if (is_array($attributes)) {
      reset($attributes);
      while (list($option, $value) = each($attributes)) {
        $this->contents[$products_id_string]['attributes'][$option] = $value;
// update database
        if (tep_session_is_registered('customer_id')) tep_db_query("update " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " set products_options_value_id = '" . (int)$value . "' where customers_id = '" . (int)$customer_id . "' and products_id = '" . tep_db_input($products_id_string) . "' and products_options_id = '" . (int)$option . "'");
      }
    }
  }
}

to:

function update_quantity($products_id, $quantity = '', $attributes = '') {
  global $customer_id;

  $products_id_string = tep_get_uprid($products_id, $attributes);
  $products_id = tep_get_prid($products_id_string);

  if (defined('MAX_QTY_IN_CART') && (MAX_QTY_IN_CART > 0) && ((int)$quantity > MAX_QTY_IN_CART)) {
    $quantity = MAX_QTY_IN_CART;
  }

  $attributes_pass_check = true;

  if (is_array($attributes)) {
    reset($attributes);
    while (list($option, $value) = each($attributes)) {
      if (!is_numeric($option) || !is_numeric($value)) {
        $attributes_pass_check = false;
        break;
      }
    }
  }

  if (is_numeric($products_id) && isset($this->contents[$products_id_string]) && is_numeric($quantity) && ($attributes_pass_check == true)) {
    $this->contents[$products_id_string] = array('qty' => (int)$quantity);
// update database
    if (tep_session_is_registered('customer_id')) tep_db_query("update " . TABLE_CUSTOMERS_BASKET . " set customers_basket_quantity = '" . (int)$quantity . "' where customers_id = '" . (int)$customer_id . "' and products_id = '" . tep_db_input($products_id_string) . "'");

    if (is_array($attributes)) {
      reset($attributes);
      while (list($option, $value) = each($attributes)) {
        $this->contents[$products_id_string]['attributes'][$option] = $value;
// update database
        if (tep_session_is_registered('customer_id')) tep_db_query("update " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " set products_options_value_id = '" . (int)$value . "' where customers_id = '" . (int)$customer_id . "' and products_id = '" . tep_db_input($products_id_string) . "' and products_options_id = '" . (int)$option . "'");
      }
    }

// assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
    $this->cartID = $this->generate_cart_id();
  }
}

View online at GitHub

Time Zone Compatibility (2 files)

admin/includes/functions/compatibility.php

around line 53, change from:

if ((strlen(ini_get('date.timezone')) < 1) && function_exists('date_default_timezone_set')) {
  date_default_timezone_set(@date_default_timezone_get());
}

to:

if (PHP_VERSION >= '5.2') {
  date_default_timezone_set(defined('CFG_TIME_ZONE') ? CFG_TIME_ZONE : date_default_timezone_get());
}

includes/functions/compatibility.php

around line 53, change from:

if ((strlen(ini_get('date.timezone')) < 1) && function_exists('date_default_timezone_set')) {
  date_default_timezone_set(@date_default_timezone_get());
}

to:

if (PHP_VERSION >= '5.2') {
  date_default_timezone_set(defined('CFG_TIME_ZONE') ? CFG_TIME_ZONE : date_default_timezone_get());
}

If you would like to set the correct time zone on your server and your PHP version is 5.2+, add the following parameter to admin/includes/configure.php and includes/configure.php with the correct time zone setting:

define('CFG_TIME_ZONE', 'Europe/Berlin');

A list of PHP time zones can be viewed at:

http://php.net/manual/en/timezones.php

View online at GitHub

General (6 files)

checkout_payment_address.php

around line 300, change from:

$addresses_query = tep_db_query("select address_book_id, entry_firstname as firstname, entry_lastname as lastname, entry_company as company, entry_street_address as street_address, entry_suburb as suburb, entry_city as city, entry_postcode as postcode, entry_state as state, entry_zone_id as zone_id, entry_country_id as country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . $customer_id . "'");

to:

$addresses_query = tep_db_query("select address_book_id, entry_firstname as firstname, entry_lastname as lastname, entry_company as company, entry_street_address as street_address, entry_suburb as suburb, entry_city as city, entry_postcode as postcode, entry_state as state, entry_zone_id as zone_id, entry_country_id as country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "'");

checkout_process.php

around line 160, change from:

$stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";

to:

$stock_query_raw .= " AND pa.options_id = '" . (int)$products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . (int)$products_attributes[0]['value_id'] . "'";

around line 174, change from:

tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

to:

tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int)$stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

around line 202, change from:

$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
                     from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                     left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                     on pa.products_attributes_id=pad.products_attributes_id
                     where pa.products_id = '" . $order->products[$i]['id'] . "'
                     and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'
                     and pa.options_id = popt.products_options_id
                     and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'
                     and pa.options_values_id = poval.products_options_values_id
                     and popt.language_id = '" . $languages_id . "'
                     and poval.language_id = '" . $languages_id . "'";

to:

$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
                     from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa
                     left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                     on pa.products_attributes_id=pad.products_attributes_id
                     where pa.products_id = '" . (int)$order->products[$i]['id'] . "'
                     and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "'
                     and pa.options_id = popt.products_options_id
                     and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "'
                     and pa.options_values_id = poval.products_options_values_id
                     and popt.language_id = '" . (int)$languages_id . "'
                     and poval.language_id = '" . (int)$languages_id . "'";

around line 215, change from:

$attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");

to:

$attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . (int)$order->products[$i]['id'] . "' and pa.options_id = '" . (int)$order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int)$order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . (int)$languages_id . "' and poval.language_id = '" . (int)$languages_id . "'");

download.php

around line 23, change from:

$downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . $customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'");

to:

$downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'");

includes/application_top.php

around line 369, change from:

$check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $notify[$i] . "' and customers_id = '" . $customer_id . "'");

to:

$check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$notify[$i] . "' and customers_id = '" . (int)$customer_id . "'");

around line 372, change from:

tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . $notify[$i] . "', '" . $customer_id . "', now())");

to:

tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . (int)$notify[$i] . "', '" . (int)$customer_id . "', now())");

around line 382, change from:

$check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $HTTP_GET_VARS['products_id'] . "' and customers_id = '" . $customer_id . "'");

to:

$check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");

around line 385, change from:

tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $HTTP_GET_VARS['products_id'] . "' and customers_id = '" . $customer_id . "'");

to:

tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");

includes/functions/banner.php

around line 61, change from:

$banners_query = tep_db_query("select count(*) as count from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . $identifier . "'");

to:

$banners_query = tep_db_query("select count(*) as count from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . tep_db_input($identifier) . "'");

around line 64, change from:

$banner = tep_random_select("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . $identifier . "'");

to:

$banner = tep_random_select("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . tep_db_input($identifier) . "'");

around line 98, change from:

return tep_random_select("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . $identifier . "'");

to:

return tep_random_select("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . tep_db_input($identifier) . "'");

includes/functions/specials.php

around line 16, change from:

return tep_db_query("update " . TABLE_SPECIALS . " set status = '" . $status . "', date_status_change = now() where specials_id = '" . (int)$specials_id . "'");

to:

return tep_db_query("update " . TABLE_SPECIALS . " set status = '" . (int)$status . "', date_status_change = now() where specials_id = '" . (int)$specials_id . "'");
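
A check to run over the source tree after applying the query changes in this section, given here as an added example (it is not part of the osCommerce release or its tooling): it lists values still concatenated between SQL quotes without the `(int)` cast or `tep_db_input()` call that these changes introduce. The function names and the regex heuristic are assumptions of this example; the sample is built from before/after lines shown above.

```python
import re

# A PHP expression concatenated between SQL single quotes:  '" . EXPR . "'
# This is the quoting style used by the queries in this upgrade guide.
QUOTED_CONCAT = re.compile(r"""'"\s*\.\s*(.+?)\s*\.\s*"'""")


def guard_pattern(casts=("int",), functions=("tep_db_input",)):
    """Regex for the start of an expression that is already neutralised.

    Defaults are the two forms the 2.3.3 changes use: an (int) cast for
    numeric IDs and tep_db_input() for strings. Extend `functions` only
    with helpers you have verified yourself.
    """
    cast_alt = "|".join(map(re.escape, casts))
    func_alt = "|".join(map(re.escape, functions))
    return re.compile(rf"\(\s*(?:{cast_alt})\s*\)|(?:{func_alt})\s*\(")


def review_candidates(php_source, guarded=None):
    """Return (line_number, expression) for each quoted SQL value that is
    concatenated without a recognised cast or escaping call.

    A hit is a line to review by hand, not proof of a flaw: the value may
    be validated earlier in the file.
    """
    guarded = guarded or guard_pattern()
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), start=1):
        for match in QUOTED_CONCAT.finditer(line):
            expr = match.group(1).strip()
            if not guarded.match(expr):
                findings.append((lineno, expr))
    return findings


# Constructed sample: "before" and "after" lines taken from this section
# (includes/application_top.php, includes/functions/banner.php,
# includes/functions/specials.php), alternating before/after.
SAMPLE = r'''
$check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $notify[$i] . "' and customers_id = '" . $customer_id . "'");
$check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$notify[$i] . "' and customers_id = '" . (int)$customer_id . "'");
$banners_query = tep_db_query("select count(*) as count from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . $identifier . "'");
$banners_query = tep_db_query("select count(*) as count from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . tep_db_input($identifier) . "'");
return tep_db_query("update " . TABLE_SPECIALS . " set status = '" . $status . "', date_status_change = now() where specials_id = '" . (int)$specials_id . "'");
return tep_db_query("update " . TABLE_SPECIALS . " set status = '" . (int)$status . "', date_status_change = now() where specials_id = '" . (int)$specials_id . "'");
'''.strip()


if __name__ == "__main__":
    for lineno, expr in review_candidates(SAMPLE):
        print(f"line {lineno}: review {expr}")
```

Only the "before" lines (1, 3 and 5 of the sample) are reported; the corrected lines pass.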

View online at GitHub

Administration Tool -> Modules (1 file)

admin/modules.php

around line 273, change from:

$contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_MODULES, 'set=' . $set . (isset($HTTP_GET_VARS['module']) ? '&module=' . $HTTP_GET_VARS['module'] : '') . '&action=edit')) . tep_draw_button(IMAGE_MODULE_REMOVE, 'minus', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $mInfo->code . '&action=remove')));

to:

$contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $mInfo->code . '&action=edit')) . tep_draw_button(IMAGE_MODULE_REMOVE, 'minus', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $mInfo->code . '&action=remove')));

View online at GitHub

Administration Tool -> Tools -> Banner Manager (1 file)

admin/banner_manager.php

around line 136, change from:

if (function_exists('imagecreate') && tep_not_null($banner_extensio)) {

to:

if (function_exists('imagecreate') && tep_not_null($banner_extension)) {

View online at GitHub

Social Bookmark Modules (4 files)

includes/modules/social_bookmarks/sb_digg.php

around line 35, change from:

return '<a href="http://digg.com/submit?url=' . urlencode(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id'], 'NONSSL', false)) . '" target="_blank"><img src="images/social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '"/></a>';

to:

return '<a href="http://digg.com/submit?url=' . urlencode(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id'], 'NONSSL', false)) . '" target="_blank"><img src="' . DIR_WS_IMAGES . 'social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '"/></a>';

includes/modules/social_bookmarks/sb_email.php

around line 35, change from:

return '<a href="' . tep_href_link(FILENAME_TELL_A_FRIEND, 'products_id=' . $HTTP_GET_VARS['products_id']) . '"><img src="images/social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '" /></a>';

to:

return '<a href="' . tep_href_link(FILENAME_TELL_A_FRIEND, 'products_id=' . $HTTP_GET_VARS['products_id']) . '"><img src="' . DIR_WS_IMAGES . 'social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '" /></a>';

includes/modules/social_bookmarks/sb_facebook.php

around line 35, change from:

return '<a href="http://www.facebook.com/share.php?u=' . urlencode(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id'], 'NONSSL', false)) . '" target="_blank"><img src="images/social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '" /></a>';

to:

return '<a href="http://www.facebook.com/share.php?u=' . urlencode(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id'], 'NONSSL', false)) . '" target="_blank"><img src="' . DIR_WS_IMAGES . 'social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '" /></a>';

includes/modules/social_bookmarks/sb_twitter.php

around line 35, change from:

return '<a href="http://twitter.com/home?status=' . urlencode(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id'], 'NONSSL', false)) . '" target="_blank"><img src="images/social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '" /></a>';

to:

return '<a href="http://twitter.com/home?status=' . urlencode(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id'], 'NONSSL', false)) . '" target="_blank"><img src="' . DIR_WS_IMAGES . 'social_bookmarks/' . $this->icon . '" border="0" title="' . tep_output_string_protected($this->public_title) . '" alt="' . tep_output_string_protected($this->public_title) . '" /></a>';

View online at GitHub

Version Update (1 file)

includes/version.php

change line 1 from:

2.3.2

to:

2.3.3

View online at GitHub

Robot NoIndex Header Tag Module

Copy the following files to their respective directories:

includes/languages/english/modules/header_tags/ht_robot_noindex.php
includes/modules/header_tags/ht_robot_noindex.php

The module can be enabled at the Administration Tool -> Modules -> Header Tags -> Install Modules page.
Please also copy and update the language definition file to the other languages you have installed.

View online at GitHub

Google+ +1 Button and Google+ Share Social Bookmark Modules

Copy the following files to their respective directories:

includes/languages/english/modules/social_bookmarks/sb_google_plus_one.php
includes/languages/english/modules/social_bookmarks/sb_google_plus_share.php
includes/modules/social_bookmarks/sb_google_plus_one.php
includes/modules/social_bookmarks/sb_google_plus_share.php

The modules can be enabled at the Administration Tool -> Modules -> Social Bookmarks -> Install Modules page.
Please also copy and update the language definition files to the other languages you have installed.

View online at GitHub

Canonical Header Tag Module

Copy the following files to their respective directories:

includes/languages/english/modules/header_tags/ht_canonical.php
includes/modules/header_tags/ht_canonical.php

The module can be enabled at the Administration Tool -> Modules -> Header Tags -> Install Modules page.
Please also copy and update the language definition file to the other languages you have installed.

View online at GitHub

Pinterest Social Bookmark Module

Copy the following files to their respective directories:

includes/languages/english/modules/social_bookmarks/sb_pinterest.php
includes/modules/social_bookmarks/sb_pinterest.php

The module can be enabled at the Administration Tool -> Modules -> Social Bookmarks -> Install Modules page.
Please also copy and update the language definition file to the other languages you have installed.

View online at GitHub

960.gs

Replace the following files in their respective directories:

ext/960gs/960.css
ext/960gs/960_24_col.css
ext/960gs/rtl_960.css
ext/960gs/rtl_960_24_col.css

View online at GitHub

jQuery

Delete the following file:

ext/jquery/jquery-1.4.2.min.js

Copy the following file to its respective directory:

ext/jquery/jquery-1.8.0.min.js

In:

admin/includes/template_top.php

around line 22, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.4.2.min.js'); ?>"></script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.8.0.min.js'); ?>"></script>

includes/template_top.php

around line 30, change from:

<script type="text/javascript" src="ext/jquery/jquery-1.4.2.min.js"></script>

to:

<script type="text/javascript" src="ext/jquery/jquery-1.8.0.min.js"></script>

View online at GitHub

jQuery UI

Delete the following directories and files:

ext/jquery/ui/i18n
ext/jquery/ui/jquery-ui-1.8.6.min.js
ext/jquery/ui/redmond

Copy the following directories and files to their respective directories:

ext/jquery/ui/i18n
ext/jquery/ui/jquery-ui-1.8.22.min.js
ext/jquery/ui/redmond

In:

admin/includes/template_top.php

around line 21, change from:

<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.8.6.css'); ?>">

to:

<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.8.22.css'); ?>">

around line 23, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.8.6.min.js'); ?>"></script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.8.22.min.js'); ?>"></script>

<script type="text/javascript">
// fix jQuery 1.8.0 and jQuery UI 1.8.22 bug with dialog buttons; http://bugs.jqueryui.com/ticket/8484
if ( $.attrFn ) { $.attrFn.text = true; }
</script>

includes/template_top.php

around line 29, change from:

<link rel="stylesheet" type="text/css" href="ext/jquery/ui/redmond/jquery-ui-1.8.6.css" />

to:

<link rel="stylesheet" type="text/css" href="ext/jquery/ui/redmond/jquery-ui-1.8.22.css" />

around line 31, change from:

<script type="text/javascript" src="ext/jquery/ui/jquery-ui-1.8.6.min.js"></script>

to:

<script type="text/javascript" src="ext/jquery/ui/jquery-ui-1.8.22.min.js"></script>
<script type="text/javascript">
// fix jQuery 1.8.0 and jQuery UI 1.8.22 bug with dialog buttons; http://bugs.jqueryui.com/ticket/8484
if ( $.attrFn ) { $.attrFn.text = true; }
</script>

View online at GitHub

bxGallery

Replace the following file in its respective directory:

ext/jquery/bxGallery/jquery.bxGallery.1.1.min.js

View online at GitHub

Thank You!

We'd like to thank the community for their feedback on our releases. In addition, we thank the following people who participated in the development of this release.

Code Contributors

acidvertigo (acidvertigo): bxGallery fix for jQuery 1.6.0.
burt (gburton): Canonical Header Tag for manufacturer listings; Pinterest Social Bookmark Module
FWR Media (FwrMedia): GZIP Compression PHP 5.4 Compatibility

Bug Reporters

bruyndoncx
burt
cannuck1964
Denre
eXcaliburN
faaliyet
foxp2
francois01
FWR Media
Gergely
HanV
Juto
Ken44
Matjaz
multimixer
pdcelec
peter3
wrwrwr
www-in-no
yansfung

Reference

A full list of source code changes can be seen at:

https://github.com/osCommerce/oscommerce2/compare/v2.3.2...upgrade233