myTipper.com | ZoGo-Shop

Zogo v1.16 Build 15 - Security vulnerability bugfix release

This is a bugfix release related to the SQL Injection vulnerability in products.php

Everybody is advised to upgrade to this version
to avoid the SQL injection vulnerability.

This security vulnerability is already there since version 1.15.5 as it seems,
so i again stress here it is really important to upgrade to this very last version.

Bugfixes in this release.

- Fixed the SQL injection Vulnerability bug in products.php

Seems this bug was already there since 1.15.5, and was mentioned on the Secunia website. Despite i have already mailed those guys there several times, this does not seems to make sence. The bug is still there on the website and i think only an active community that send mass emails can wake this guys to update their website. So feel free to click on their webform and let them know the bug is fixed in meanwhile. You can find the report here... http://secunia.com/advisories/30232/

Secunia.com finally updated their website.
The bug is now stated as fixed !
- Updated on 9 june 2008 -

- Fixed the br-problem in admin_product_class.php

So it's now again possible to use normal html for the description of the product

- Fixed the Powered By Link

I think this was also a very old bug that had never been fixed, but hence it's fixed now

- Fixed the version in the plugin file

This was something i forgot to increase very often, i will try to keep more attention on that

Bieleke Thursday 05 June 2008 - 01:52:03 Comments 1

Zogo v1.16 Beta 13 is released

Very latest 1.16 Beta 13 release.

Bugs fixed in this release...

- Various paypal issues.
- Admin section (paying manually through admin section)

You now can test your ipn script through
http://www.eliteweaver.co.uk/testing/ipntest.php
But to be able to test, you'll have to change the paypal url
in your gateway to https://www.eliteweaver.co.uk/cgi-bin/webscr

If the above does not work, meaning you get an 200 ok status
but no returned values that means your curl version is buggy
and it's time to update it. Curl is a PHP extention.

This is also my very last release. I will leave the zogo project
and start my own. Ofcourse i'm still willing to provide you
guys with support, but do not expect any bugfixes from me
from now on. If you want to reach me personal you can join
the e107 channel on irc (freenode) or you can send your
questions or message to -email-

I had fun fixing this zogo shop but i want to take the OOP path,
while that code is much more extendable than the produceral
code that zogo uses now. But hence for that to work flawlessly
PHP5 is needed. The author of zogo still wants to support PHP4
where i do not agree with. This is also one of the reasons i leave
the project. I'm not willing to support End Of Life software.

Have fun with this (last) release from me...
Daniel is back in charge now.

Take care and goodbye.

Bieleke Saturday 15 March 2008 - 05:12:58 Comments 1

Zogo v1.16 Beta 12 is released

Bugfixed in this release...

Several admin sections.
Orders now has three statusses... Pending, Paid and Complete
So i think the Paypal section of Zogo is now completely fixed.

This release is near to Release Candidate status and will be
the very last 1.16 release. After that it should be opensourced
and eventually get a new name.

Keep in mind, i only garantee a correctly working version on
Apache 2, PHP 5 and MySQL5.

Have fun with this new bugfixed release.

Bieleke Sunday 02 March 2008 - 12:23:16 Comments 2

Zogo v1.16 Beta 11 is released

- Changed numbering of the versions to 1.16Bx where x is the number.
This fixes a problem with getting an upgrade button when zogo is installed.
- English.php, changed "Has Articles" to "Has Products"... well tranlation mistake :-)
- Little Paypal issue fixed in admin orders section.
Paypal IPN maked the order status "paid" but admin section expects status "complete"
So i fixed the admin orders section to show it correctly now.
- Removed some left-behind debug-code in the paypal_notify.php
- Decrypted the api.php and adminapi.php to get zogo ready for the opensource license
However the banners are still in there at this moment.

Thanks for this release go to LightStar for reporting the bugs.

Bieleke Friday 29 February 2008 - 14:02:18 Comments 0

Zogo v1.16 Beta 10 is released

Again a new bugfix release.

Bugfixed
======
1) problem with in the case of a new gateway-file, the gateway wasn't added to the table. This problem is fixed now.

2) When having more than one option for products did not showed more than one option in the cart, order, and invoice. This one is also fixed.

3) when adding products with different options, the cart grouped them into one product. This is ofcourse not correct, so i've rewritten the function to display the products in cart, checkout, payment, order and invoice.

Thanks for this release go to AndyP for reporting me this.

Enjoy this release.

Bieleke Sunday 24 February 2008 - 10:37:48 Comments 0

Site Update and migration

Over the next few weeks, we are planning a migration of the mytipper.com/zogoshop.com domains to a Joomla installation.

I know it will seem odd to some of you that an e107 plugin is being run and distributed from a Joomla installation, but there are several reasons for this migration.

• 
  Better SEO and SEF
  Collaboration extensions for projects
  Strong Document and content management
  

Daniel Wednesday 20 February 2008 - 22:22:18 Comments 0

Zogo v1.16 Beta 9 is released

Fixed the offline payment method which was broken during other fixes.
Thanks to Star Adrael for reporting this.

Bieleke Monday 18 February 2008 - 01:35:57 Comments 0

Zogo v1.16 Beta 8 is released

Again various fixes in plugin.php
And some fixes for admin section (categories and products)
Also fixed problem with products in categories.
Thanks to Bullwinkle and Rashan for the extensive testing.
Without you guys i would not have able to track all those bugs.

Bieleke Saturday 16 February 2008 - 15:00:27 Comments 0

News Categories