Post by RuslanBrest » Wed Jan 07, 2015 5:58 am

Where: Opencart, admin backend, `catalog/download/add`

There is 3 security check (file extension, mime type, and "<?php" inside the file). The last one fails uploading safe zip files. You can check this - try to make downloadable "" in fresh oc2011 install.

I have found that zip includes short PHP files into archive as is, without packing.
The "" contains lot of "<?php" inside it - it have several short language files (1-3 lines length).

Tried to zip with maximum compresion level (zip -9) - no luck. Default is "-6".

Any ideas on how to solve the problem without removing such security check?

OCJ: (lang: ru)

New member


Sat Nov 12, 2011 3:19 pm

Who is online

Users browsing this forum: No registered users and 9 guests