A lot of people are still using old versions of software to power their sites. A recent customer had an osCommerce version prior to November 2005 and I found this document that might be useful to a few of you who like getting your hands dirty:
osCommerce 2.2 Milestone 2 Update 051113
Update Package 13th November 2005
Table of Contents
Update 051113
customer_country_id in addressbook
Update 051112
Cannot re-assign $this
limit -20, 20
Database Input Enhancement
Adding Non-Existing Products To Cart
Session ID XSS Issue
Validate Session ID
File Manager Problem
HTTP Header Injection
E-Mail Header Injection
Contact Us Form XSS Issue
Open Redirector
Extra Slashes In New Products
Order Status Filtering
MySQL 5.0 Compatibility
customer_country_id in addressbook
http://www.oscommerce.com/community/bugs,1662
Problem:
When the customer updates their address in the My Account page, their country value is being stored in an incorrect variable that can cause an incorrect tax rate value being used in product prices.
Solution:
The following lines must be replaced in catalog/address_book_process.php:
Line 150, from:
$customer_country_id = $country_id;
to:
$customer_country_id = $country;
Line 171, from:
$customer_country_id = $country_id;
to:
$customer_country_id = $country;
Cannot re-assign $this
http://www.oscommerce.com/community/bugs,1650
Problem:
Fatal error: Cannot re-assign $this in /path/to/catalog/admin/includes/classes/upload.php on line 31
Solution:
Lines 27-34 in catalog/admin/includes/classes/upload.php must be changed from:
if ( ($this->parse() == true) && ($this->save() == true) ) {
return true;
} else {
// self destruct
$this = null;
return false;
}
to:
if ( ($this->parse() == true) && ($this->save() == true) ) {
return true;
} else {
return false;
}
limit -20, 20
http://www.oscommerce.com/community/bugs,1605
Problem:
1064 – You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘-20, 20’ at line 1
Solution:
Line 67 in catalog/includes/classes/split_page_results.php must be changed from:
$this->sql_query .= ” limit ” . $offset . “, ” . $this->number_of_rows_per_page;
to:
$this->sql_query .= ” limit ” . max($offset, 0) . “, ” . $this->number_of_rows_per_page;
Line 38 in catalog/admin/includes/classes/split_page_results.php must be changed from:
$sql_query .= ” limit ” . $offset . “, ” . $max_rows_per_page;
to:
$sql_query .= ” limit ” . max($offset, 0) . “, ” . $max_rows_per_page;
Database Input Enhancement
Problem:
Native MySQL functions should be used in preference to the addslashes() function, to properly protect the SQL queries being executed on the database server.
Solution:
The following function must be replaced in catalog/includes/functions/database.php.
Lines 126-128, from:
function tep_db_input($string) {
return addslashes($string);
}
to:
function tep_db_input($string, $link = ‘db_link’) {
global $$link;
if (function_exists(‘mysql_real_escape_string’)) {
return mysql_real_escape_string($string, $$link);
} elseif (function_exists(‘mysql_escape_string’)) {
return mysql_escape_string($string);
}
return addslashes($string);
}
The following function must be replaced in catalog/admin/includes/functions/database.php.
Lines 130-132, from:
function tep_db_input($string) {
return addslashes($string);
}
to:
function tep_db_input($string, $link = ‘db_link’) {
global $$link;
if (function_exists(‘mysql_real_escape_string’)) {
return mysql_real_escape_string($string, $$link);
} elseif (function_exists(‘mysql_escape_string’)) {
return mysql_escape_string($string);
}
return addslashes($string);
}
Adding Non-Existing Products To Cart
http://www.oscommerce.com/community/bugs,1617
Problem:
It is possible to add non-existing products into the shopping cart which may prevent customers from removing the products from their cart.
Solution:
The following functions must be replaced in catalog/includes/functions/general.php.
Lines 912-921, from:
function tep_get_uprid($prid, $params) {
$uprid = $prid;
if ( (is_array($params)) && (!strstr($prid, ‘{‘)) ) {
while (list($option, $value) = each($params)) {
$uprid = $uprid . ‘{‘ . $option . ‘}’ . $value;
}
}
return $uprid;
}
to:
function tep_get_uprid($prid, $params) {
if (is_numeric($prid)) {
$uprid = $prid;
if (is_array($params) && (sizeof($params) > 0)) {
$attributes_check = true;
$attributes_ids = ”;
reset($params);
while (list($option, $value) = each($params)) {
if (is_numeric($option) && is_numeric($value)) {
$attributes_ids .= ‘{‘ . (int)$option . ‘}’ . (int)$value;
} else {
$attributes_check = false;
break;
}
}
if ($attributes_check == true) {
$uprid .= $attributes_ids;
}
}
} else {
$uprid = tep_get_prid($prid);
if (is_numeric($uprid)) {
if (strpos($prid, ‘{‘) !== false) {
$attributes_check = true;
$attributes_ids = ”;
// strpos()+1 to remove up to and including the first { which would create an empty array element in explode()
$attributes = explode(‘{‘, substr($prid, strpos($prid, ‘{‘)+1));
for ($i=0, $n=sizeof($attributes); $iin_cart($products_id)) {
$this->update_quantity($products_id, $qty, $attributes);
} else {
$this->contents[] = array($products_id);
$this->contents[$products_id] = array(‘qty’ => $qty);
// insert into database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“insert into ” . TABLE_CUSTOMERS_BASKET . ” (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values (‘” . (int)$customer_id . “‘, ‘” . tep_db_input($products_id) . “‘, ‘” . $qty . “‘, ‘” . date(‘Ymd’) . “‘)”);
if (is_array($attributes)) {
reset($attributes);
while (list($option, $value) = each($attributes)) {
$this->contents[$products_id][‘attributes’][$option] = $value;
// insert into database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“insert into ” . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . ” (customers_id, products_id, products_options_id, products_options_value_id) values (‘” . (int)$customer_id . “‘, ‘” . tep_db_input($products_id) . “‘, ‘” . (int)$option . “‘, ‘” . (int)$value . “‘)”);
}
}
}
$this->cleanup();
// assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
$this->cartID = $this->generate_cart_id();
}
to:
function add_cart($products_id, $qty = ‘1’, $attributes = ”, $notify = true) {
global $new_products_id_in_cart, $customer_id;
$products_id_string = tep_get_uprid($products_id, $attributes);
$products_id = tep_get_prid($products_id_string);
if (is_numeric($products_id) && is_numeric($qty)) {
$check_product_query = tep_db_query(“select products_status from ” . TABLE_PRODUCTS . ” where products_id = ‘” . (int)$products_id . “‘”);
$check_product = tep_db_fetch_array($check_product_query);
if (($check_product !== false) && ($check_product[‘products_status’] == ‘1’)) {
if ($notify == true) {
$new_products_id_in_cart = $products_id;
tep_session_register(‘new_products_id_in_cart’);
}
if ($this->in_cart($products_id_string)) {
$this->update_quantity($products_id_string, $qty, $attributes);
} else {
$this->contents[$products_id_string] = array(‘qty’ => $qty);
// insert into database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“insert into ” . TABLE_CUSTOMERS_BASKET . ” (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values (‘” . (int)$customer_id . “‘, ‘” . tep_db_input($products_id_string) . “‘, ‘” . (int)$qty . “‘, ‘” . date(‘Ymd’) . “‘)”);
if (is_array($attributes)) {
reset($attributes);
while (list($option, $value) = each($attributes)) {
$this->contents[$products_id_string][‘attributes’][$option] = $value;
// insert into database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“insert into ” . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . ” (customers_id, products_id, products_options_id, products_options_value_id) values (‘” . (int)$customer_id . “‘, ‘” . tep_db_input($products_id_string) . “‘, ‘” . (int)$option . “‘, ‘” . (int)$value . “‘)”);
}
}
}
$this->cleanup();
// assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
$this->cartID = $this->generate_cart_id();
}
}
}
Lines 110-127, from:
function update_quantity($products_id, $quantity = ”, $attributes = ”) {
global $customer_id;
if (empty($quantity)) return true; // nothing needs to be updated if theres no quantity, so we return true..
$this->contents[$products_id] = array(‘qty’ => $quantity);
// update database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“update ” . TABLE_CUSTOMERS_BASKET . ” set customers_basket_quantity = ‘” . $quantity . “‘ where customers_id = ‘” . (int)$customer_id . “‘ and products_id = ‘” . tep_db_input($products_id) . “‘”);
if (is_array($attributes)) {
reset($attributes);
while (list($option, $value) = each($attributes)) {
$this->contents[$products_id][‘attributes’][$option] = $value;
// update database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“update ” . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . ” set products_options_value_id = ‘” . (int)$value . “‘ where customers_id = ‘” . (int)$customer_id . “‘ and products_id = ‘” . tep_db_input($products_id) . “‘ and products_options_id = ‘” . (int)$option . “‘”);
}
}
}
to:
function update_quantity($products_id, $quantity = ”, $attributes = ”) {
global $customer_id;
$products_id_string = tep_get_uprid($products_id, $attributes);
$products_id = tep_get_prid($products_id_string);
if (is_numeric($products_id) && isset($this->contents[$products_id_string]) && is_numeric($quantity)) {
$this->contents[$products_id_string] = array(‘qty’ => $quantity);
// update database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“update ” . TABLE_CUSTOMERS_BASKET . ” set customers_basket_quantity = ‘” . (int)$quantity . “‘ where customers_id = ‘” . (int)$customer_id . “‘ and products_id = ‘” . tep_db_input($products_id_string) . “‘”);
if (is_array($attributes)) {
reset($attributes);
while (list($option, $value) = each($attributes)) {
$this->contents[$products_id_string][‘attributes’][$option] = $value;
// update database
if (tep_session_is_registered(‘customer_id’)) tep_db_query(“update ” . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . ” set products_options_value_id = ‘” . (int)$value . “‘ where customers_id = ‘” . (int)$customer_id . “‘ and products_id = ‘” . tep_db_input($products_id_string) . “‘ and products_options_id = ‘” . (int)$option . “‘”);
}
}
}
}
Session ID XSS Issue
http://www.oscommerce.com/community/bugs,1546
Problem:
A cross site scripting issue exists with malformed session IDs being used in the tep_href_link() function.
Solution:
Line 66 in catalog/includes/functions/html_output.php must be changed from:
$link .= $separator . $_sid;
to:
$link .= $separator . tep_output_string($_sid);
Validate Session ID
Problem:
Validate the session ID and redirect to the front page when an invalid session ID is requested.
Solution:
The following function must be replaced in catalog/includes/functions/sessions.php.
Lines 66-68, from:
function tep_session_start() {
return session_start();
}
to:
function tep_session_start() {
global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;
$sane_session_id = true;
if (isset($HTTP_GET_VARS[tep_session_name()])) {
if (preg_match(‘/^[a-zA-Z0-9]+$/’, $HTTP_GET_VARS[tep_session_name()]) == false) {
unset($HTTP_GET_VARS[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_POST_VARS[tep_session_name()])) {
if (preg_match(‘/^[a-zA-Z0-9]+$/’, $HTTP_POST_VARS[tep_session_name()]) == false) {
unset($HTTP_POST_VARS[tep_session_name()]);
$sane_session_id = false;
}
} elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {
if (preg_match(‘/^[a-zA-Z0-9]+$/’, $HTTP_COOKIE_VARS[tep_session_name()]) == false) {
$session_data = session_get_cookie_params();
setcookie(tep_session_name(), ”, time()-42000, $session_data[‘path’], $session_data[‘domain’]);
$sane_session_id = false;
}
}
if ($sane_session_id == false) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, ”, ‘NONSSL’, false));
}
return session_start();
}
File Manager Problem
http://www.oscommerce.com/community/bugs,1391
Problem:
Parsing errors occur when saving edited files through the File Manager.
Solution:
Line 148 in catalog/admin/file_manager.php must be changed from:
$file_contents = htmlspecialchars(implode(”, $file_array));
to:
$file_contents = addslashes(implode(”, $file_array));
Note: This update also requires the Contact Us Form XSS Issue update in order to function correctly.
HTTP Header Injection
Problem:
By using malicious data it is possible to inject headers into HTTP requests.
Solution:
The following function must be replaced in catalog/includes/functions/general.php.
Lines 22-32, from:
function tep_redirect($url) {
if ( (ENABLE_SSL == true) && (getenv(‘HTTPS’) == ‘on’) ) { // We are loading an SSL page
if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url
$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL
}
}
header(‘Location: ‘ . $url);
tep_exit();
}
to:
function tep_redirect($url) {
if ( (strstr($url, “\n”) != false) || (strstr($url, “\r”) != false) ) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, ”, ‘NONSSL’, false));
}
if ( (ENABLE_SSL == true) && (getenv(‘HTTPS’) == ‘on’) ) { // We are loading an SSL page
if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url
$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL
}
}
header(‘Location: ‘ . $url);
tep_exit();
}
The following function must be replaced in catalog/admin/includes/functions/general.php.
Lines 15-26, from:
function tep_redirect($url) {
global $logger;
header(‘Location: ‘ . $url);
if (STORE_PAGE_PARSE_TIME == ‘true’) {
if (!is_object($logger)) $logger = new logger;
$logger->timer_stop();
}
exit;
}
to:
function tep_redirect($url) {
global $logger;
if ( (strstr($url, “\n”) != false) || (strstr($url, “\r”) != false) ) {
tep_redirect(tep_href_link(FILENAME_DEFAULT, ”, ‘NONSSL’, false));
}
header(‘Location: ‘ . $url);
if (STORE_PAGE_PARSE_TIME == ‘true’) {
if (!is_object($logger)) $logger = new logger;
$logger->timer_stop();
}
exit;
}
E-Mail Header Injection
http://www.oscommerce.com/community/bugs,2488
Problem:
By using malicious data it is possible to inject headers into emails the online store sends.
Solution:
The following function must be replaced in catalog/includes/classes/email.php and catalog/admin/includes/classes/email.php.
Lines 473-504, from:
function send($to_name, $to_addr, $from_name, $from_addr, $subject = ”, $headers = ”) {
$to = (($to_name != ”) ? ‘”‘ . $to_name . ‘”
$from = (($from_name != ”) ? ‘”‘ . $from_name . ‘”
if (is_string($headers)) {
$headers = explode($this->lf, trim($headers));
}
for ($i=0; $i
if (is_array($headers[$i])) {
for ($j=0; $joutput, ‘From: ‘ . $from . $this->lf . ‘To: ‘ . $to . $this->lf . implode($this->lf, $this->headers) . $this->lf . implode($this->lf, $xtra_headers));
} else {
return mail($to, $subject, $this->output, ‘From: ‘.$from.$this->lf.implode($this->lf, $this->headers).$this->lf.implode($this->lf, $xtra_headers));
}
}
to:
function send($to_name, $to_addr, $from_name, $from_addr, $subject = ”, $headers = ”) {
if ((strstr($to_name, “\n”) != false) || (strstr($to_name, “\r”) != false)) {
return false;
}
if ((strstr($to_addr, “\n”) != false) || (strstr($to_addr, “\r”) != false)) {
return false;
}
if ((strstr($subject, “\n”) != false) || (strstr($subject, “\r”) != false)) {
return false;
}
if ((strstr($from_name, “\n”) != false) || (strstr($from_name, “\r”) != false)) {
return false;
}
if ((strstr($from_addr, “\n”) != false) || (strstr($from_addr, “\r”) != false)) {
return false;
}
$to = (($to_name != ”) ? ‘”‘ . $to_name . ‘”
$from = (($from_name != ”) ? ‘”‘ . $from_name . ‘”
if (is_string($headers)) {
$headers = explode($this->lf, trim($headers));
}
for ($i=0; $i
if (is_array($headers[$i])) {
for ($j=0; $joutput, ‘From: ‘ . $from . $this->lf . ‘To: ‘ . $to . $this->lf . implode($this->lf, $this->headers) . $this->lf . implode($this->lf, $xtra_headers));
} else {
return mail($to, $subject, $this->output, ‘From: ‘.$from.$this->lf.implode($this->lf, $this->headers).$this->lf.implode($this->lf, $xtra_headers));
}
}
Contact Us Form XSS Issue
http://www.oscommerce.com/community/bugs,2422
Problem:
By using malicious data it is possible to inject HTML into the page.
Solution:
Lines 221-225 in catalog/includes/functions/html_output.php must be changed from:
if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) {
$field .= stripslashes($GLOBALS[$name]);
} elseif (tep_not_null($text)) {
$field .= $text;
}
to:
if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) {
$field .= tep_output_string_protected(stripslashes($GLOBALS[$name]));
} elseif (tep_not_null($text)) {
$field .= tep_output_string_protected($text);
}
Lines 244-248 in catalog/admin/includes/functions/html_output.php must be changed from:
if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) {
$field .= stripslashes($GLOBALS[$name]);
} elseif (tep_not_null($text)) {
$field .= $text;
}
to:
if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) {
$field .= tep_output_string_protected(stripslashes($GLOBALS[$name]));
} elseif (tep_not_null($text)) {
$field .= tep_output_string_protected($text);
}
Open Redirector
http://www.oscommerce.com/community/bugs,2970
Problem:
There is no URL checking being performed on the redirection page, and allows external sources to use the page as an open redirect relay.
Solution:
Lines 27-29 in catalog/redirect.php must be changed from:
if (isset($HTTP_GET_VARS[‘goto’]) && tep_not_null($HTTP_GET_VARS[‘goto’])) {
tep_redirect(‘http://’ . $HTTP_GET_VARS[‘goto’]);
}
to:
if (isset($HTTP_GET_VARS[‘goto’]) && tep_not_null($HTTP_GET_VARS[‘goto’])) {
$check_query = tep_db_query(“select products_url from ” . TABLE_PRODUCTS_DESCRIPTION . ” where products_url = ‘” . tep_db_input($HTTP_GET_VARS[‘goto’]) . “‘ limit 1”);
if (tep_db_num_rows($check_query)) {
tep_redirect(‘http://’ . $HTTP_GET_VARS[‘goto’]);
}
}
Extra Slashes In New Products
Problem:
When new products are entered and previewed, hitting the back button to edit the product data again adds extra slashes to apostrophes in the products name and description.
Solution:
The following lines must be replaced in catalog/admin/categories.php:
Line 504, from:
to:
Line 538, from:
to:
Line 574, from:
to:
Order Status Filtering
http://www.oscommerce.com/community/bugs,1543
Problem:
After changing the order status filtering on the Administration Tool -> Customers -> Orders page, selecting “All Orders” would show an empty listing of orders.
Solution:
Line 357 in catalog/admin/orders.php must be changed from:
} elseif (isset($HTTP_GET_VARS[‘status’])) {
to:
} elseif (isset($HTTP_GET_VARS[‘status’]) && is_numeric($HTTP_GET_VARS[‘status’]) && ($HTTP_GET_VARS[‘status’] > 0)) {
MySQL 5.0 Compatibility
Problem:
MySQL 5.0 introduces Server SQL modes as part of its SQL 2003 standards support, and uses a more stricter approach to executing SQL queries. This is performed by default with setting STRICT_TRANS_TABLES as a Server SQL mode.
Due to this new setting, MySQL fails on certain SQL queries and produces error messages on the screen.
Solution:
Lines 213-223 in catalog/advanced_search_result.php must be changed from:
$from_str = “from ” . TABLE_PRODUCTS . ” p left join ” . TABLE_MANUFACTURERS . ” m using(manufacturers_id) left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_CATEGORIES . ” c, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c”;
if ( (DISPLAY_PRICE_WITH_TAX == ‘true’) && (tep_not_null($pfrom) || tep_not_null($pto)) ) {
if (!tep_session_is_registered(‘customer_country_id’)) {
$customer_country_id = STORE_COUNTRY;
$customer_zone_id = STORE_ZONE;
}
$from_str .= ” left join ” . TABLE_TAX_RATES . ” tr on p.products_tax_class_id = tr.tax_class_id left join ” . TABLE_ZONES_TO_GEO_ZONES . ” gz on tr.tax_zone_id = gz.geo_zone_id and (gz.zone_country_id is null or gz.zone_country_id = ‘0’ or gz.zone_country_id = ‘” . (int)$customer_country_id . “‘) and (gz.zone_id is null or gz.zone_id = ‘0’ or gz.zone_id = ‘” . (int)$customer_zone_id . “‘)”;
}
$where_str = ” where p.products_status = ‘1’ and p.products_id = pd.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p.products_id = p2c.products_id and p2c.categories_id = c.categories_id “;
to:
$from_str = “from ” . TABLE_PRODUCTS . ” p left join ” . TABLE_MANUFACTURERS . ” m using(manufacturers_id) left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id”;
if ( (DISPLAY_PRICE_WITH_TAX == ‘true’) && (tep_not_null($pfrom) || tep_not_null($pto)) ) {
if (!tep_session_is_registered(‘customer_country_id’)) {
$customer_country_id = STORE_COUNTRY;
$customer_zone_id = STORE_ZONE;
}
$from_str .= ” left join ” . TABLE_TAX_RATES . ” tr on p.products_tax_class_id = tr.tax_class_id left join ” . TABLE_ZONES_TO_GEO_ZONES . ” gz on tr.tax_zone_id = gz.geo_zone_id and (gz.zone_country_id is null or gz.zone_country_id = ‘0’ or gz.zone_country_id = ‘” . (int)$customer_country_id . “‘) and (gz.zone_id is null or gz.zone_id = ‘0’ or gz.zone_id = ‘” . (int)$customer_zone_id . “‘)”;
}
$from_str .= “, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_CATEGORIES . ” c, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c”;
$where_str = ” where p.products_status = ‘1’ and p.products_id = pd.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p.products_id = p2c.products_id and p2c.categories_id = c.categories_id “;
The following lines must be replaced in catalog/index.php:
Line 175, from:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS . ” p, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_MANUFACTURERS . ” m, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id where p.products_status = ‘1’ and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = ‘” . (int)$HTTP_GET_VARS[‘manufacturers_id’] . “‘ and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p2c.categories_id = ‘” . (int)$HTTP_GET_VARS[‘filter_id’] . “‘”;
to:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS . ” p left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_MANUFACTURERS . ” m, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c where p.products_status = ‘1’ and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = ‘” . (int)$HTTP_GET_VARS[‘manufacturers_id’] . “‘ and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p2c.categories_id = ‘” . (int)$HTTP_GET_VARS[‘filter_id’] . “‘”;
Line 178, from:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS . ” p, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_MANUFACTURERS . ” m left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id where p.products_status = ‘1’ and pd.products_id = p.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = ‘” . (int)$HTTP_GET_VARS[‘manufacturers_id’] . “‘”;
to:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS . ” p left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_MANUFACTURERS . ” m where p.products_status = ‘1’ and pd.products_id = p.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = ‘” . (int)$HTTP_GET_VARS[‘manufacturers_id’] . “‘”;
Line 184, from:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS . ” p, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_MANUFACTURERS . ” m, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id where p.products_status = ‘1’ and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = ‘” . (int)$HTTP_GET_VARS[‘filter_id’] . “‘ and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p2c.categories_id = ‘” . (int)$current_category_id . “‘”;
to:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS . ” p left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id, ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_MANUFACTURERS . ” m, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c where p.products_status = ‘1’ and p.manufacturers_id = m.manufacturers_id and m.manufacturers_id = ‘” . (int)$HTTP_GET_VARS[‘filter_id’] . “‘ and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p2c.categories_id = ‘” . (int)$current_category_id . “‘”;
Line 187, from:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_PRODUCTS . ” p left join ” . TABLE_MANUFACTURERS . ” m on p.manufacturers_id = m.manufacturers_id, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id where p.products_status = ‘1’ and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p2c.categories_id = ‘” . (int)$current_category_id . “‘”;
to:
$listing_sql = “select ” . $select_column_list . ” p.products_id, p.manufacturers_id, p.products_price, p.products_tax_class_id, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price from ” . TABLE_PRODUCTS_DESCRIPTION . ” pd, ” . TABLE_PRODUCTS . ” p left join ” . TABLE_MANUFACTURERS . ” m on p.manufacturers_id = m.manufacturers_id left join ” . TABLE_SPECIALS . ” s on p.products_id = s.products_id, ” . TABLE_PRODUCTS_TO_CATEGORIES . ” p2c where p.products_status = ‘1’ and p.products_id = p2c.products_id and pd.products_id = p2c.products_id and pd.language_id = ‘” . (int)$languages_id . “‘ and p2c.categories_id = ‘” . (int)$current_category_id . “‘”;
Line 292 in catalog/admin/categories.php must be changed from:
tep_db_query(“insert into ” . TABLE_PRODUCTS . ” (products_quantity, products_model,products_image, products_price, products_date_added, products_date_available, products_weight, products_status, products_tax_class_id, manufacturers_id) values (‘” . tep_db_input($product[‘products_quantity’]) . “‘, ‘” . tep_db_input($product[‘products_model’]) . “‘, ‘” . tep_db_input($product[‘products_image’]) . “‘, ‘” . tep_db_input($product[‘products_price’]) . “‘, now(), ‘” . tep_db_input($product[‘products_date_available’]) . “‘, ‘” . tep_db_input($product[‘products_weight’]) . “‘, ‘0’, ‘” . (int)$product[‘products_tax_class_id’] . “‘, ‘” . (int)$product[‘manufacturers_id’] . “‘)”);
to:
tep_db_query(“insert into ” . TABLE_PRODUCTS . ” (products_quantity, products_model,products_image, products_price, products_date_added, products_date_available, products_weight, products_status, products_tax_class_id, manufacturers_id) values (‘” . tep_db_input($product[‘products_quantity’]) . “‘, ‘” . tep_db_input($product[‘products_model’]) . “‘, ‘” . tep_db_input($product[‘products_image’]) . “‘, ‘” . tep_db_input($product[‘products_price’]) . “‘, now(), ” . (empty($product[‘products_date_available’]) ? “null” : “‘” . tep_db_input($product[‘products_date_available’]) . “‘”) . “, ‘” . tep_db_input($product[‘products_weight’]) . “‘, ‘0’, ‘” . (int)$product[‘products_tax_class_id’] . “‘, ‘” . (int)$product[‘manufacturers_id’] . “‘)”);
The following SQL queries need to be performed:
ALTER TABLE whos_online MODIFY COLUMN last_page_url VARCHAR(255) NOT NULL;
ALTER TABLE customers MODIFY COLUMN customers_default_address_id INTEGER;
ALTER TABLE customers_basket MODIFY COLUMN final_price DECIMAL(15,4);
