View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006367 | OXID eShop (all versions) | 4.04. Security | public | 2016-04-06 12:49 | 2023-07-07 14:50 |
Reporter | AlexN | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | open | ||
Product Version | 4.9.7 / 5.2.7 | ||||
Summary | 0006367: Generated Captcha in pricealaram contains bad characters | ||||
Description | On a detail page of an article the captcha at pricealarm generates bad characters if "$this->captchaKey = '66303bc779b76899eb7340fdb8252439';" is not set in "config.inc.php". | ||||
Steps To Reproduce | Well, setup a new OXID eShop CE with version 4.9.7 including sample articles. After that unset "$this->captchaKey = '66303bc779b76899eb7340fdb8252439';" and navigate to any article and check the captcha code. In case you are lucky and the captcha code contains no bad characters reload the page. | ||||
Additional Information | In a CE 4.9.4 it seems to work. | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Theme | |||||
Browser | Not defined | ||||
PHP Version | Not defined | ||||
Database Version | Not defined | ||||
|
https://github.com/OXID-eSales/oxideshop_ce/blob/v4.9.7/source/core/utils/verificationimg.php#L122 This will not work because this file is included elsewhere. So change include_once into include. But why are you even creating this funny class oxConfKey? If the value is not set in https://github.com/OXID-eSales/oxideshop_ce/blob/v4.9.7/source/core/utils/verificationimg.php#L95 you can just call oxRegistry::getConfig()->getConfigParam('sConfigKey'). |
|
Captcha feature is now a module. It is at least in 7.0.0. - mko |