Javascript Jabber
Your Prototype for Great Code
Shop Talk Show
Shoptalk is a podcast about front end web design, development and UX. Each week Dave & Chris will be joined by a special guest who is there to talk shop and help answer listener submitted questions.
Upfront Podcast
An in-depth discussion on the latest tooling, workflow and best practices for front-end developers, brought to you every week by Jack Franklin and Ben Howdle.
| --- \modules\shop\shipping_types\shop_fedexshipping.php Sun Apr 15 18:35:22 2012 | |
| +++ \modules\shop\shipping_types\shop_fedexshipping.php Fri Jan 25 14:23:36 2013 | |
| @@ -326,7 +326,7 @@ | |
| $request['ReturnTransitAndCommit'] = true; | |
| $request['RequestedShipment']['DropoffType'] = $this->host->pickup_type; | |
| - $request['RequestedShipment']['ShipTimestamp'] = time(); | |
| + $request['RequestedShipment']['ShipTimestamp'] = strtotime('+1 Weekday'); | |
| $request['RequestedShipment']['Shipper'] = array('Address' => array( |
I would like to note that your website restricts and disallows absolutely valid email addresses, in particular mine. I respectfully request that you update your sites email checks to allow valid email addresses which may not be particularly regular, but are absolutely valid.
I have included the requirements for email addresses along with their standards reference in RFC definitions.
An e-mail address consists of local part and domain separated by an at sign (@) character (RFC 2822 3.4.1).
The local part may consist of alphabetic and numeric characters, and the following characters: !, #, $, %, &, ', *, +, -, /, =, ?, ^, _, `, {, |, } and ~, possibly with dot separators (.), inside, but not at the start, end or next to another dot separator (RFC2822 3.2.4).
The local part may consist of a quoted string—that is, anything within quotes ("), including spaces (RFC 2822 3.2.5).
| /* | |
| * Prepare the asset list | |
| */ | |
| $aliases = array( | |
| 'mootools'=>'/modules/cms/resources/javascript/mootools_src.js', | |
| 'ls_core_mootools'=>'/modules/cms/resources/javascript/ls_mootools_core_src.js', | |
| 'ls_core_jquery'=>'/modules/cms/resources/javascript/ls_jquery_core_src.js', | |
| 'jquery'=>'/modules/cms/resources/javascript/jquery_src.js', | |
| 'jquery_noconflict'=>'/modules/cms/resources/javascript/jquery_noconflict.js', |
| <? if ($post): ?> | |
| <h2><?= h($post->title) ?></h2> | |
| <p> | |
| Published by <?= h($post->created_user_name) ?> | |
| on <?= $post->published_date->format('%F') ?> | |
| Comment(s): <?= $post->approved_comment_num ?> | |
| </p> | |
| <?= $post->content ?> |
| <?php | |
| class BlogFiles_Module extends Core_ModuleBase{ | |
| /** | |
| * Creates the module information object | |
| * @return Core_ModuleInfo | |
| */ | |
| protected function createModuleInfo(){ | |
| return new Core_ModuleInfo( | |
| "Blog Files", | |
| "Adds files to blog posts", |
| <?php | |
| if(!Phpr::$security->getUser()) | |
| { | |
| Phpr::$response->redirect(root_url('/')); | |
| }else | |
| { | |
| $cache = Phpr::$config->get('CACHING',array()); | |
| if(isset($cache['PARAMS']) && isset($cache['PARAMS']['CACHE_DIR'])) |
| <?php | |
| /** | |
| * Default shipping during checkout | |
| * This snippet when added to the pre_action will allow you to default shipping selection. | |
| * | |
| * This is mostly useful when there is only one shipping option, this allows you to skip | |
| * the shipping step of checkout entirely, simplifying things for your customers. | |
| * | |
| * This has been updated to use a dynamic method of pulling the first available shipping | |
| * option from your list of available shipping options. |
Originally reported by Joseph Richardson @EHLOVader on 2011-11-07 disclosure policy (RFv2.0)
A NULL byte poisoning in URL for both CSS and JS combination script
PHP < 5.3.4
Originally reported by Joseph Richardson @EHLOVader on 2011-11-30 disclosure policy (RFv2.0)
A session injection/hijacking vulnerability through cookie manipulation
Lemonstand specific