Closed

Urgent: need to reactivate closed x cart store and solve patch installation error

This project received 1 bids from talented freelancers with an average bid price of $25 USD / hour.

Project Budget
$25 USD / hour
Total Bids
1
Project Description

Our store at [url removed, login to view] is temporarily closed. By temporarily closing the store, we no longer have access to our admin panel. We first need help determining how to reopen our store.

Second, after installing a patch recommended by x cart this morning, we receive the following error. Further below is the email regarding the x cart patch that was recommended to us.

Please see error:

$HTTP_HOST = isset($_SERVER['HTTP_HOST']) ? addslashes($_SERVER['HTTP_HOST']) : false;
$HTTP_HOST = isset($_SERVER['HTTP_HOST']) ? addslashes($_SERVER['HTTP_HOST']) : false;
$HTTP_HOST = isset($_SERVER['HTTP_HOST']) ? addslashes($_SERVER['HTTP_HOST']) : false;
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 72
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 74
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 83
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 84
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 91
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/func/[url removed, login to view] on line 1582
Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 162


We have an urgent need to fix our patch installation recommended by X-Cart, see below:

Dear X-Cart customer,

During internal audit activities we found a minor security issue that makes X-Cart potentially vulnerable to attackers who wish to gain access to the application back-end.

Qualiteam has released the security update which includes the following improvements:

4.1.x branch:
-some known problems related to anonymous accounts
-protection from unallowed access to back-end, using queries (formed in a special way) has been added

4.2.x - 4.4.x branches:
Security improvement for server variables and [url removed, login to view] script


SEVERITY
Minor

IMPACT ON 4.1.x versions
A malicious user can gain access to address info for anonymous accounts.
A malicious user can gain access to the application back-end.

IMPACT ON 4.2.x - 4.4.x versions
A malicious user can gain access to the application back-end with a complex SQL injection

AFFECTED VERSIONS
All X-Cart versions

SOLUTION
We recommend you to apply the security fix to secure your store.

To apply this patch, follow the instructions below:

1) Download the patch (the security-patch-2012-04-05_{version}.tgz archive file) from the "File area" section of your Qualiteam account.

You can find the patch at
X-Cart -> X-Cart supporting files for prev versions -> {Your X-Cart branch} -> {Your X-Cart version} -> Updates and patches

2) Decompress the archive file.
The following files/folders will be extracted:
/DIFF-xcart - contains DIFF files for patching customized X-Cart files
/README - this README file
/xcart - contains already patched X-Cart files
[url removed, login to view] - contains all DIFF files from the DIFF-xcart folder, combined into one file

Note:
DIFF file is a file that contains differences between two files. In our case, DIFF file contains changes made to the current file compared to the former version of the same fil
