Post by uksitebuilder » Tue Sep 13, 2011 1:34 am

Try again Madlime

After upload, delete all files except index.html in system/cache folder

ImageImageImageImage

For Friendly Professional Support - Click Here


User avatar
Guru Member

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by okmarket » Tue Sep 13, 2011 12:49 pm

hi sometimes i get warning as per att'd file, so how can I do it? thank you.

Attachments

cache.JPG

cache.JPG (34.44 KiB) Viewed 9157 times


China Wholesaler
http://www.okmarket.com
Image

David Wei


User avatar
New member

Posts

Joined
Sat Jul 09, 2011 11:47 pm
Location - Guangzhou,China

Post by Xsecrets » Tue Sep 13, 2011 2:26 pm

that's a race condition that's been in there forever. I don't think anyone has figured out how to completely eliminate it yet.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by okmarket » Tue Sep 13, 2011 5:01 pm

Hi

so do you mean is this a problem ? or i just refresh it.

thank you for your help.

China Wholesaler
http://www.okmarket.com
Image

David Wei


User avatar
New member

Posts

Joined
Sat Jul 09, 2011 11:47 pm
Location - Guangzhou,China

Post by JAY6390 » Tue Sep 13, 2011 5:45 pm

It's a known issue. The only way to prevent it from being seen by your users is to suppress the error, either by putting an @ before the unlink command in the cache file, or turning display errors off for php

Image


User avatar
Guru Member

Posts

Joined
Wed May 26, 2010 11:47 pm
Location - United Kingdom

Post by okmarket » Tue Sep 13, 2011 5:58 pm

Hi

thank you for your reply.

i found if the website speed is slowly, so it will happen it. but it's not too many times.

China Wholesaler
http://www.okmarket.com
Image

David Wei


User avatar
New member

Posts

Joined
Sat Jul 09, 2011 11:47 pm
Location - Guangzhou,China

Post by JAY6390 » Tue Sep 13, 2011 6:06 pm

It's not really to do with the website speed to be honest, it happens when its trying to delete the same file at the same time

Image


User avatar
Guru Member

Posts

Joined
Wed May 26, 2010 11:47 pm
Location - United Kingdom

Post by tech.cnsb » Thu Sep 22, 2011 1:55 pm

Daniel wrote:its also php version related. not all version of php allow this hack.

php 5.3+ does not have this problem but 5.2.9 has.
I test with php 5.2.13, it works.

with php 5.3.4,
after execute the link, It will generate demo.php.1316673254
so would not overwrite the original file.

I think this is very critical.

Newbie

Posts

Joined
Wed Jan 12, 2011 11:44 am

Post by adi_555 » Thu Sep 22, 2011 3:47 pm

Ever since I updated this file, our site shows blank page on random basis. I looked up on server logs and this is what I found:


- PHP Warning: file_get_contents(/public_html/system/cache/cache.category.137.1.0.1316378837) [<a href='function.file-get-contents'>function.file-get-contents</a>]: failed to open stream: No such file or directory in /public_html/system/library/cache.php on line 25
PHP Warning: unlink(/public_html/system/cache/cache.category.739.1.0.1316381972) [<a href='function.unlink'>function.unlink</a>]: No such file or directory in /public_html/system/library/cache.php on line 48
PHP Warning: file_get_contents(/public_html/system/cache/cache.category.905.1.0.1316635395) [<a href='function.file-get-contents'>function.file-get-contents</a>]: failed to open stream: No such file or directory in /public_html/system/library/cache.php on line 25


One moe thing, when the page is blank if we type the url without "www" it loads the page just fine !

We are on 1.4.9

Active Member

Posts

Joined
Mon Nov 08, 2010 6:21 pm

Post by Johnathan » Sat Sep 24, 2011 9:42 pm

ash_in99 wrote:Guys, suggest...update the cache file in 1.4.9.x or not?
Yes, the fixed cache.php file needs to added.

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by annelim » Sun Oct 30, 2011 12:09 am

hi developer,
i using version 1.5.1.3, do i need update this?
what happen if not update this issue? does my page will be hack?>?
what kind of security issue is all about this?
please help. appreciate it

Active Member

Posts

Joined
Fri Oct 28, 2011 5:13 pm

Post by Johnathan » Sun Oct 30, 2011 1:53 am

All OpenCart versions later than 1.5.1.1 will have the fix included in them (including 1.5.1.3).

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by annelim » Mon Oct 31, 2011 10:27 pm

->All OpenCart versions later than 1.5.1.1 will have the fix included in them (including 1.5.1.3).
what does it mean? sorry for my poor english. is it mean later than 1.5.1.1 have to update the security? including 1.5.1.3 also need to be update the security?
actually what is this security mean? prevent hacker? does anybody knew that?

Active Member

Posts

Joined
Fri Oct 28, 2011 5:13 pm

Post by Xsecrets » Mon Oct 31, 2011 10:45 pm

no version 1.5.1.2 and all newer versions already contain this fix.
Yes it's a fix to prevent hackers from being able to write arbitrary files to your system. In some configurations it was reported that they could overwrite core files, but I never could reproduce that on any system I had access to.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by annelim » Tue Nov 01, 2011 1:04 am

Xsecrets wrote:no version 1.5.1.2 and all newer versions already contain this fix.
Yes it's a fix to prevent hackers from being able to write arbitrary files to your system. In some configurations it was reported that they could overwrite core files, but I never could reproduce that on any system I had access to.
thank you for the info Xsecret :laugh:
i trying to modify SEO url , but unsuccessful, do you have any idea how do to?
i had saw some thread guide me do to the modification, after all done, but the page still remain same as normal.
here are the post :
[1.5.0] How to change index.php?route to seo friendly urls?

Active Member

Posts

Joined
Fri Oct 28, 2011 5:13 pm

Post by Xsecrets » Tue Nov 01, 2011 1:22 am

annelim wrote:
Xsecrets wrote:no version 1.5.1.2 and all newer versions already contain this fix.
Yes it's a fix to prevent hackers from being able to write arbitrary files to your system. In some configurations it was reported that they could overwrite core files, but I never could reproduce that on any system I had access to.
thank you for the info Xsecret :laugh:
i trying to modify SEO url , but unsuccessful, do you have any idea how do to?
i had saw some thread guide me do to the modification, after all done, but the page still remain same as normal.
here are the post :
[1.5.0] How to change index.php?route to seo friendly urls?
you'll need to post in that thread those questions don't belong here this post has nothing to do with seo

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by kaylamatthews » Mon Nov 07, 2011 10:04 am

Can somebody knowledgeable and kind elaborate on whether updating this file will affect a live shop with modules installed?

I am not familiar with how cache works or the cause of this security hole...all I know is I have about 7 Opencart sites and they all need to be patched, except I am not sure if this cache.php file has the potential to break those websites...

Please help!

New member

Posts

Joined
Wed Jun 01, 2011 12:30 pm

Post by Xsecrets » Mon Nov 07, 2011 11:52 am

kaylamatthews wrote:Can somebody knowledgeable and kind elaborate on whether updating this file will affect a live shop with modules installed?

I am not familiar with how cache works or the cause of this security hole...all I know is I have about 7 Opencart sites and they all need to be patched, except I am not sure if this cache.php file has the potential to break those websites...

Please help!
it is safe to just overwrite the system/library/cache.php file. It won't affect anything. I can't 100% say that there are no mods in existence that would be affected, but they are doing something they should not be if they are affected. Basically all the fix does is lock things in so you can only create cache files in the cache folder.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by kaylamatthews » Mon Nov 07, 2011 3:14 pm

Xsecrets wrote:
kaylamatthews wrote:Can somebody knowledgeable and kind elaborate on whether updating this file will affect a live shop with modules installed?

I am not familiar with how cache works or the cause of this security hole...all I know is I have about 7 Opencart sites and they all need to be patched, except I am not sure if this cache.php file has the potential to break those websites...

Please help!
it is safe to just overwrite the system/library/cache.php file. It won't affect anything. I can't 100% say that there are no mods in existence that would be affected, but they are doing something they should not be if they are affected. Basically all the fix does is lock things in so you can only create cache files in the cache folder.
You are just the person I was looking for to answer such a question ;) Thank you so much, I will update the file one site at a time and hope for the best (will back everything up of course)

Thanks again!

New member

Posts

Joined
Wed Jun 01, 2011 12:30 pm
Who is online

Users browsing this forum: No registered users and 8 guests