| OSCommerce Security
... how safe is it? |
BeeDeeDubbleU
msg:3073170 | 8:00 am on Sep 6, 2006 (gmt 0) |
I have a PHP developer who installs OSCommerce packages for me. It's a great system and the sites have all turned out well. I don't do much PHP myself and while we have not had any problems I am not sure how safe the sites are. Can anyone offer advice on how secure OSCommerce really is? Is there a continuing update process that we should be using and if so do you charge your clients for this?
|
badass101
msg:3073213 | 8:43 am on Sep 6, 2006 (gmt 0) |
There was a new security rollup released recently for osCommerce 2.2 Milestone 2 (the standard release for the last few years). You should look at applying this rollup. The code changes aren't too bad, and there are diff/patch files available if you're familiar with automated patching tools - this makes the process pretty painless. I'm about to patch up a bunch of my shops - but need to sort out charging the clients that don't have maintenance or don't put much business our way.
|
badass101
msg:3073217 | 8:45 am on Sep 6, 2006 (gmt 0) |
Oh, forgot the useful link... Text details of changes to files is here:
[oscommerce.com...] If you want to download the full package then grab it (which includes the patch/diff files) from here:
[oscommerce.com...]
|
|
|
