Thanks to David Byrne, I now know of a SQL injection vulnerability in the store side of PHP-Multishop. It is caused by improper variable sanitizing in store/includes/multishop_functions.php, called from store/login.php.
To get further details and a fix, download the package 'fix-store-sql-injection-0.1.zip' here:
http://multishop.tropic.it/modules.php?name=Downloads&d_op=viewdownload&cid=2
The package to update php-multishop-0.8 to the latest fixes and changes released by the osCommerce Team on 2005-11-13 is available in the Download section of the Multishop Demo portal (http://multishop.tropic.it).
Requirement: php-multishop-0.8
I've fixed the module and now the products are displayed correctly, with tax and the final special price.
I've created this Installer to simplify the installation of PHPNuke, hoping that it will be useful to many inexperienced users, so that my little work can contribute to the further spread of this great CMS.
This first release includes English, Spanish, Italian and French, and provides the installation for PHPNuke versions 7.7, 7.6 and 7.5.
Note: tested only with a MySQL database.
Download: http://php-multishop.com/phpnuke-installer.php
After various suggestions, I finally adopted the Admin Level with Account package, an osCommerce contribution available on oscommerce.org, to protect the Administration Areas of the shops.
The package is available in the Download area of http://multishop.tropic.it
The Greek translation of Php-multishop is available for download on SourceForge, thanks to Vangelis Giannoulatos (panvagil - www.e-lefkas.gr).
multishop-devel-0.6 is ready: the new version of Php-MultiShop, with the update to PhpNuke 7.5, Security Patch 2.9, and other improvements and new features.
For Multishop 0.4 and 0.5, a fixed file is available for a small error in the Multi-Shop admin module (Nuke/html/admin/modules/multishop.php file).
To get the fixed file, go to the Download section (Fixes):
http://multishop.tropic.it/modules.php?name=Downloads
The fixed error is on line 250 of the multishop.php file, and the correct string is:
$db->sql_query("INSERT INTO ".$prefix."_categories_to_vendors VALUES ('". $cat_id . "','" . $vendors_id . "', 'NULL')");
I've found a careless error in the file Multishop_as_Addon/multishop_addon.sql (MultiShop-0.5 version only).
The correct file is available in the Download section (Fixes): http://multishop.tropic.it/modules.php?name=Downloads
At the end of the multishop_addon.sql file, the correct commands are:
# Table nuke_authors, add field: 'radminmultishop'
ALTER TABLE nuke_authors ADD radminmultishop tinyint(2) NOT NULL default '0';
For Php-MultiShop-0.5, a Polish translation is now also available, thanks to Andrew (www.econe.pl).
The Turkish translation of the Php-multishop package is now available for download, thanks to Baris Isik, from the Marmara University, Istanbul (Turkey).
The release Php-MultiShop 0.5 is now available for download; it includes the upgrade to PhpNuke 7.4 and Security Patch 2.6.