Solved

fix oscommerce version 2.2 to work with php 5.4

Posted on 2014-12-20
16
1,251 Views
Last Modified: 2014-12-26
anyone know how to fix oscommerce version 2.2 to work with php 5.4 so that oscommerce  software  thinks register_globals is set to ON
since php 5.4 has deleted the register_globals  out of it

I have see several on the internet, but they are kind of hard to follow
0
Comment
Question by:starview
  • 5
  • 4
  • 2
  • +1
16 Comments
 
LVL 4

Accepted Solution

by:
hulsebosch earned 500 total points
ID: 40511212
I wouldnt recommend  "fixing" your current version but would recommend updating to the current version.
That, or degrade the php version on your server.

It will be a whole lot of work to bring the current version you use up to the correct level.
(It's not only register_globals)
Besides, the updated versions are being build for a reason of security.
0
 

Author Comment

by:starview
ID: 40511239
I understand what you are saying but for the time being all I want to do is to find a way to make my current version work
and I can degrade the php version on my server because it is not on my server it is on a hosting server.
I have to much on this site to just let it go now, maybe I can sorry change over to a different hosting company and up great to a new version, but not now

I am hoping that some one here can show be how to do what I ask, if not I will look some where else thank you
0
 
LVL 58

Expert Comment

by:Gary
ID: 40511241
You could use extract()

But it's a bad idea and you should update
0
 

Author Comment

by:starview
ID: 40511253
extract() I don't even know what that is.

Please don't tell me update I know this already if you can not answer my question that fine. if I can not find any answers I will update, but that will be my last thing I will do, thank you
0
 
LVL 58

Expert Comment

by:Gary
ID: 40511255
Follow the link
Example

extract($_REQUEST,EXTR_SKIP);
extract($_POST,EXTR_SKIP);

Open in new window


I don't know what else OSCommerce uses.
0
 
LVL 4

Expert Comment

by:hulsebosch
ID: 40511575
What we are trying to warn you for is the fact that this will not be the only thing you will stumble on.
Once you have changed this function, you will most likely receive other messages / errors.

Just to make sure you know, here you will find all changes in oscommerce.
https://github.com/osCommerce/oscommerce2/blob/master/docs/CHANGELOG

All changes have been made for several reasons, most important reason will be the discovery of leaking programming.
Trying to catch up with that by editing your version to work with an older version of PHP is an utopy.

Having said so, I do believe the answer from Gary to be correct, in case you cannot find how to place the code in the page, please upload one of the pages where this is aplicable.
So we can have a look.
0
Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40511595
I agree with the advice that you should upgrade your osCommerce software.  Register_Globals is a dangerous security hole in PHP, and that is why we removed it.  

In an emergency, you can install PHP 5.3, where register_globals still exists, but is deprecated.  You can turn off the deprecated messages in php.ini.  But this is a little like putting some black electrical tape over the warning lights.

If you use extract(), be aware of the dangers of variable injection.  Read the notes and warnings carefully.  I think if you do, you'll quickly conclude that upgrading osCommerce is the safest path forward.
0
 
LVL 58

Expert Comment

by:Gary
ID: 40513543
Three valid answers and you choose the one that repeats what everyone has already said?
0
 

Author Comment

by:starview
ID: 40513577
I really pick them all, I don't know what happen, I have no way of changing it, unless you know a way?
0
 

Author Comment

by:starview
ID: 40513614
hope this helps sorry did not want to hurt anyone's feelings
0
 
LVL 58

Expert Comment

by:Gary
ID: 40513623
NP
0
 

Author Comment

by:starview
ID: 40518449
I guess you can say I upgraded because I went to Opencart software
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 40518456
Starview, I've reviewed the literature a bit more and concluded that the correct answer is the upgrade.  It's a bit of work, but PHP is changing.  For the better, I might add.  Security is a concern now, whereas several years ago nobody thought about risks like variable injection.  PHP has a changelog, and it's easy to see how old PHP 5.3 really is -- it's so old (June 2009) that it's considered obsolete today (PHP 5.4 is almost 3 years old; PHP 5.6+ is current).  Programs that depend on risky things like register_globals are obsolete, too.  When vendors keep their platforms up-to-date it's easier to get access to security fixes and new features if we keep our scripts up-to-date at the same time.  So my recommendation is for the upgrade.  You're going to have to do it sometime, why deny yourself the benefits today?
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Foolproof security solutions has become one of the key necessities of every e-commerce or Internet banking website. If you too own an online shopping site then its vital for you to equip your web portal with customer security features that can allow…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now