Zencart v1.3.9h when the background product is edited, the product name, product description, and product model information are not read.
Symptoms:
A) using PHP version lower than 5.2.3 (and 5.2.3 is less than 5.2.13, for example. ie: 3 is less than 13)
B) Zen cart v1.3.9h
C) on admin "home" page you notice that your list of MERs shows only dates, not names.
D) on admin product-edit screen you notice that the product name, description, and model number are empty when editing a product.
Note: If you're using such an old version of PHP, then your site is certainly not PCI-compliant, and is thus likely to contain known security problems in PHP, and you shoshould be upgrading your hosting to a newer version of PHP.
The following is only a workaround for the symptoms mentioned above, and is not needed if you're using a current version of PHP.
Solution:
Strictly speaking, this is only necessary if you're using a PHP version lower than PhP 5.2.3
1./admin/utilities des/functions/General. php
Line 39, change from:
Code:
Return htmlspecialchars ($ string, ent_compat, charset, false);:
Code:
Return htmlspecialchars ($ string, ent_compat, charset); 2./admin/Des/modules/product/collect_info.php
(And if you use the other product types too, then * those * collect_info.php files as well. See below for the list of filenames .)
Action: You have two choices:
Either:
A) revert these files back to v1.3.9g versions (recommended, since it's simpler)
Or
B) make similar edits in 3 places in each file, removing the ", true" in each of these sections of code:
Approx line 299:
Code:
<TD class = "Main"> <? PHP echo zen_image (dir_ws_catalog_ages. $ ages [$ I] ['directory']. '/images /'. $ ages [$ I] ['image'], $ ages [$ I] ['name']). '& nbsp ;'. zen_draw_input_field ('products _ name ['. $ ages [$ I] ['id']. ']', (isset ($ products_name [$ ages [$ I] ['id'])? Htmlspecialchars (stripslashes ($ products_name [$ ages [$ I] ['id']), ent_compat, charset, true): htmlspecialchars (zen_get_products_name ($ pinfo-> products_id, $ ages [$ I] ['id']), ent_compat, charset, true), zen_set_field_length (table_products_description, 'products _ name');?> </TD> approx line 412:
Code:
Echo zen_draw_textarea_field ('products _ description ['. $ ages [$ I] ['id']. ']', 'soft ', '000000', '30', (isset ($ products_description [$ ages [$ I] ['id'])? Htmlspecialchars (stripslashes ($ products_description [$ ages [$ I] ['id']), ent_compat, charset, true): htmlspecialchars (zen_get_products_description ($ pinfo-> products_id, $ ages [$ I] ['id']), ent_compat, charset, true); //, 'Id = "'. 'products _ description '. $ ages [$ I] ['id']. '"'); approx line 433:
Code:
<TD class = "Main"> <? PHP echo zen_draw_separator('pixel_trans.gif ', '24', '15 '). '& nbsp ;'. values ('products _ model', htmlspecialchars (stripslashes ($ pinfo-> products_model), ent_compat, charset, true), zen_set_field_length (table_products, 'products _ model');?> </TD> (Note: Line-numbers will vary depending on which product-type file you're editing .)
These are the additional product-type files which you may or may not be using:
-/Admin/Includes/modules/document_general/collect_info.php
-/Admin/Includes/modules/document_product/collect_info.php
-/Admin/Includes/modules/product_free_shipping/collect_info.php
-/Admin/Includes/modules/product_music/collect_info.php
3. receivdes/modules/pages/shopping_cart/header_php.php
Line 111, remove the ", true ":
Code:
$ Attr_value = htmlspecialchars ($ products [$ I] ['tes butes _ values'] [$ option], E
Code:
$ Attr_value = htmlspecialchars ($ products [$ I] ['tes butes _ values '] [$ option], ent_compat, charset, true );
If the product name still does not exist
Zen_get_products_name ($ pinfo-> products_id, $ ages [$ I] ['id']), directly change to the product name variable $ pinfo-> products_name
$ Products_name [$ ages [$ I] ['id']) is directly replaced with the product name variable $ pinfo-> products_name
Other similar