View Issue Details

IDProjectCategoryView StatusLast Update
0006367OXID eShop (all versions)4.04. Securitypublic2023-07-07 14:50
ReporterAlexN Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionopen 
Product Version4.9.7 / 5.2.7 
Summary0006367: Generated Captcha in pricealaram contains bad characters
DescriptionOn a detail page of an article the captcha at pricealarm generates bad characters if "$this->captchaKey = '66303bc779b76899eb7340fdb8252439';" is not set in "config.inc.php".
Steps To ReproduceWell, setup a new OXID eShop CE with version 4.9.7 including sample articles. After that unset "$this->captchaKey = '66303bc779b76899eb7340fdb8252439';" and navigate to any article and check the captcha code. In case you are lucky and the captcha code contains no bad characters reload the page.
Additional InformationIn a CE 4.9.4 it seems to work.
TagsNo tags attached.
Attached Files
bad-characters.png (11,318 bytes)   
bad-characters.png (11,318 bytes)   
Theme
BrowserNot defined
PHP VersionNot defined
Database VersionNot defined

Activities

hendrikfreytag

2016-04-06 15:22

reporter   ~0011522

https://github.com/OXID-eSales/oxideshop_ce/blob/v4.9.7/source/core/utils/verificationimg.php#L122

This will not work because this file is included elsewhere. So change include_once into include.

But why are you even creating this funny class oxConfKey? If the value is not set in https://github.com/OXID-eSales/oxideshop_ce/blob/v4.9.7/source/core/utils/verificationimg.php#L95 you can just call oxRegistry::getConfig()->getConfigParam('sConfigKey').

QA

2023-07-07 14:50

administrator   ~0015411

Captcha feature is now a module.
It is at least in 7.0.0.
- mko