Archive for the 'PHP' Category

Squirrel Cart and Paypal: Working Together

Friday, September 1st, 2006

If you’re using Squirrel Cart as your shopping cart and PayPal to handle payment transactions, you might be interested in this. I did some research the other day and found out how to set up Payment Data Transfer, so that once PayPal receives a payment a confirmation is sent back to Squirrel Cart to complete the order, making life a bit easier.

Autologin after Registration

Thursday, August 24th, 2006

So one of our clients wanted users to be logged in automatically after registering with the site. I thought it was going to be a little difficult, doing a form with hidden fields that submitted to the login page. But after a little searching, it turns out that it’s two lines of editing to the registration component. Add “$mainframe” as one of the globals on line 118 and add

 $mainframe->login($row->username,$row->password); 

on line 213. Happy coding!

Ciao Ciao

Joomla Security Tip

Wednesday, August 23rd, 2006

I got forwarded an email yesterday about a vulnerability in the Joomla! component “a6MamboCredits”. The vulnerability was due to three things:

  1. register_globals was turned on.
  2. Joomla! emulates register_globals even when it is turned off.
  3. The global variable “mosConfig_absolute_path” was used to include files.


Please, please turn off register_globals, and other PHP security no-brainers

Tuesday, August 22nd, 2006

Woe is the PHP hosting provider that thinks leaving register_globals on is a good thing. At lunch today, the PICnet gang was chatting about the security vulnerabilities that were occurring in many Joomla 3rd party components. The problem is that our wonderful Joomla core was taking flak for not being secure, but at the end of the day all the hacks seemed to be occurring because of poor programming and hosting providers leaving the dreaded “register_globals” enabled on their servers.

I mean, this is PHP hosting 101, right?

Unfortunately, one of our great clients had a server with register_globals turned on, and the hacker took full advantage. Moral of the story: please, please check to make sure that register_globals is turned off. If your hosting provider has it turned on, turn and run the other way.

Now, to take this to the next step, Johannes Ullrich over at the Internet Storm Center wrote his Tip of the Day on PHP security today. Read more for some excerpts of how you can protect your code.
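The include pattern behind the a6MamboCredits issue described in the post above, and the register_globals check this post asks for, as an added example that is not code from this blog, from Joomla! or from a6MamboCredits (the file, view and `_VALID_MOS` guard are the Joomla! 1.0 convention; the variable and file names are illustrative):

```php
<?php
// Added example: hardening a Joomla! 1.0 component include.
// Names like helper.php / list.php and the "view" parameter are illustrative.

// Fragile pattern (do not use): with register_globals on, or emulated by the
// framework, a request parameter named mosConfig_absolute_path can overwrite
// the variable before this line runs, so the include path is attacker-controlled.
//
//   include($mosConfig_absolute_path . '/components/com_example/helper.php');

// 1. Fail loudly on a misconfigured host before anything else runs.
//    ini_get returns "1" when register_globals is on, "0" or "" when off
//    (and false on PHP versions that removed the setting entirely).
function registerGlobalsIsOn()
{
    return (bool) ini_get('register_globals');
}
if (registerGlobalsIsOn()) {
    die('register_globals is enabled; set it off in php.ini or via '
      . '"php_flag register_globals off" in .htaccess.');
}
// Note: Joomla! 1.0's own register_globals emulation is not visible to
// ini_get; the guard and whitelist below are what protect against that.

// 2. Refuse direct execution. Joomla! 1.0 defines _VALID_MOS when it loads a
//    component itself; a direct HTTP request to this file never has it.
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');

// 3. Derive the base path from this file's location instead of a global.
$basePath = dirname(__FILE__);   // __DIR__ on PHP >= 5.3

// 4. Whitelist the file to include rather than building its name from input.
$allowed = array('helper' => 'helper.php', 'list' => 'list.php');
$view = isset($_GET['view']) ? (string) $_GET['view'] : 'helper';
if (!isset($allowed[$view])) {
    die('Unknown view.');
}
include $basePath . '/' . $allowed[$view];
```

Because the whitelist maps a short key to a fixed filename, neither a traversal string nor a URL in the request can change which file is included, whatever register_globals is set to.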
