Release 1.5.5c

PHP Mailer Patch and other minor fixes

ANLEITUNG/index.html

@@ -59,7 +59,7 @@ <h1>Willkommen bei der deutschen Zen Cart Version 1.5.5</h1>
 <em>Das Team der deutschen Zen Cart Version</em></p>
 <hr />
 <span class="small">
-Die deutsche Zen Cart Version 1.5.5 ist eine Modifikation der amerikanischen Zen Cart Version 1.5.5b von <a href="http://www.zen-cart.com" target="_blank">zen-cart.com</a>.<br/>
+Die deutsche Zen Cart Version 1.5.5 ist eine Modifikation der amerikanischen Zen Cart Version 1.5.5c von <a href="http://www.zen-cart.com" target="_blank">zen-cart.com</a>.<br/>
 <br/>
 Dieses Programm wird in der Hoffnung vertrieben, dass es nützlich ist, allerdings OHNE IRGENDWELCHE GARANTIEN; ohne  die  Garantie der MARKTGÄNGIGKEIT oder der EIGNUNG ZU EINEM BESTIMMTEN ZWECK
 und wird vertrieben unter der GNU General Public License </span>
@@ -143,7 +143,7 @@ <h1>Neue Funktionen gegenüber 1.5.4</h1>
 </ul>
 
 <p>
-  Folgende Neuerungen und Bugfixes wurden aus der amerikanischen 1.5.5b Version  übernommen:</p>
+  Folgende Neuerungen und Bugfixes wurden aus der amerikanischen 1.5.5c Version  übernommen:</p>
 <ul>
   <li>All known v1.5.4 bugfixes and security fixes are included in v1.5.5,   including tighter control around XSS as well as clickjacking</li>
   <li>Template: The default out-of-the-box template (called "Responsive   Classic") is now a mobile-friendly responsive-design theme built for   flexibility with tablets, mobile devices, and desktops.</li>
@@ -195,6 +195,15 @@ <h1>Neue Funktionen gegenüber 1.5.4</h1>
   <li>Fix extra breadcrumb that was appearing when always-open-with-category is enabled</li>
   <li>Update BOC currency parsing to cope with their data changes and division-by-zero errors as a result</li>
   <li>Fix a test-mode bug in Authorizenet AIM module</li>
+  <li>Fix serious PHPMailer bug (upgraded to 5.2.19)</li>
+  <li>    Fix some variable strict-type rule enforcement issues for better PHP 7 compatibility</li>
+  <li>    Fix sanitizer (admin) overzealous cleaning for Attribute Option Comments</li>
+  <li>    Fixed bug preventing sending Coupon and GV emails to &quot;all customers&quot;</li>
+  <li>    Fixed rarely-triggered bug with product-type overrides for delete/copy logic</li>
+  <li>    Fixed problem where deleting a customer wouldn't delete old product-notification requests associated with that customer</li>
+  <li>    Fixed PayPal Standard to no longer transmit a comma as thousands-separator. (PayPal is being more strict about this in 2017.)</li>
+  <li>    Fixed shopping-basket quantity alert problem where changing quantities didn't always fire if min/mix rules were set</li>
+  <li>    Make null-exception treatment consistent in admin to match catalog</li>
 </ul>
 <h1>Changelog</h1>
 <p>Es gibt gegenüber Zen Cart 1.5.4 deutsch Änderungen in fast allen Dateien, ein detailliertes Changelog würde daher den Rahmen dieser Doku sprengen.<br>

README.md

@@ -73,4 +73,4 @@ Zen Cart 1.5.5 deutsch ermöglicht den Einsatz von Zen Cart unter PHP 7 und brin
 * pdf Rechnung integriert
 * Bei Bestellungen können die Adressdaten korrigiert werden
 
-Alle Neuerungen und Bugfixes aus der amerikanischen 1.5.5b Version wurden ebenfalls übernommen
+Alle Neuerungen und Bugfixes aus der amerikanischen 1.5.5c Version wurden ebenfalls übernommen

UPLOAD/admin/customers.php

@@ -4,7 +4,7 @@
  * @copyright Copyright 2003-2016 Zen Cart Development Team
  * @copyright Portions Copyright 2003 osCommerce
  * @license http://www.zen-cart-pro.at/license/2_0.txt GNU Public License V2.0
- * @version $Id: customers.php 790 2016-05-08 09:13:51Z webchills $
+ * @version $Id: customers.php 791 2016-12-27 09:06:51Z webchills $
  */
 
   require('includes/application_top.php');
@@ -401,6 +401,8 @@
         $db->Execute("delete from " . TABLE_WHOS_ONLINE . "
                       where customer_id = '" . (int)$customers_id . "'");
 
+    	$db->Execute("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where customers_id = " . $customer_id);
+
         zen_record_admin_activity('Customer with customer ID ' . (int)$customers_id . ' deleted.', 'warning');
         zen_redirect(zen_href_link(FILENAME_CUSTOMERS, zen_get_all_get_params(array('cID', 'action')), 'NONSSL'));
         break;

UPLOAD/admin/includes/functions/database.php

@@ -4,7 +4,7 @@
  * @copyright Copyright 2003-2016 Zen Cart Development Team
  * @copyright Portions Copyright 2003 osCommerce
  * @license http://www.zen-cart-pro.at/license/2_0.txt GNU Public License V2.0
- * @version $Id: database.php 733 2015-01-22 09:04:16Z webchills $
+ * @version $Id: database.php 734 2016-12-27 09:02:16Z webchills $
  */
 
 
@@ -23,7 +23,7 @@ function zen_db_perform($table, $data, $action = 'insert', $parameters = '', $li
           case 'now()':
             $query .= 'now(), ';
             break;
-          case 'null':
+          case 'NULL':
             $query .= 'null, ';
             break;
           default:
@@ -39,7 +39,7 @@ function zen_db_perform($table, $data, $action = 'insert', $parameters = '', $li
           case 'now()':
             $query .= $columns . ' = now(), ';
             break;
-          case 'null':
+          case 'NULL':
             $query .= $columns .= ' = null, ';
             break;
           default:

UPLOAD/admin/includes/init_includes/init_sanitize.php

@@ -5,7 +5,7 @@
  * @package initSystem
  * @copyright Copyright 2003-2016 Zen Cart Development Team
  * @license http://www.zen-cart-pro.at/license/2_0.txt GNU Public License V2.0
- * @version $Id: init_sanitize.php 738 2016-11-03 08:03:16Z webchills $
+ * @version $Id: init_sanitize.php 739 2016-12-27 09:03:16Z webchills $
  */
 
 if (!defined('DO_STRICT_SANITIZATION')) {
@@ -205,13 +205,13 @@
 $group = array('metatags_title', 'metatags_keywords', 'metatags_description');
 $sanitizer->addSimpleSanitization('META_TAGS', $group);
 
-$group = array('customers_email_address' => array('sanitizerType' => 'SANITIZE_EMAIL_AUDIENCE', 'method' => 'post', 'pages' => array('mail')));
+$group = array('customers_email_address' => array('sanitizerType' => 'SANITIZE_EMAIL_AUDIENCE', 'method' => 'post', 'pages' => array('coupon_admin', 'gv_mail', 'mail')));
 $sanitizer->addComplexSanitization($group);
 
 $group = array('customers_email_address');
 $sanitizer->addSimpleSanitization('SANITIZE_EMAIL', $group);
 
-$group = array('products_description', 'products_taxonomy', 'coupon_desc', 'file_contents', 'categories_description', 'message_html', 'banners_html_text', 'pages_html_text', 'comments');
+$group = array('products_description', 'products_taxonomy', 'coupon_desc', 'file_contents', 'categories_description', 'message_html', 'banners_html_text', 'pages_html_text', 'comments', 'products_options_comment');
 $sanitizer->addSimpleSanitization('PRODUCT_DESC_REGEX', $group);
 
 $group = array('products_url');

UPLOAD/admin/includes/modules/prod_cat_header_code.php

@@ -4,20 +4,15 @@
  * @copyright Copyright 2003-2016 Zen Cart Development Team
  * @copyright Portions Copyright 2003 osCommerce
  * @license http://www.zen-cart-pro.at/license/2_0.txt GNU Public License V2.0
- * @version $Id: prod_cat_header_code.php 729 2011-08-09 15:49:16Z hugo13 $
+ * @version $Id: prod_cat_header_code.php 730 2016-12-27 09:05:16Z webchills $
  */
 if (!defined('IS_ADMIN_FLAG')) {
   die('Illegal Access');
 }
   require(DIR_WS_CLASSES . 'currencies.php');
   $currencies = new currencies();
 
-
-  if (isset($_GET['product_type'])) {
-    $product_type = zen_db_prepare_input($_GET['product_type']);
-  } else {
-    $product_type='1';
-  }
+  $product_type = (isset($_POST['products_id']) ? zen_get_products_type($_POST['products_id']) : isset($_GET['product_type']) ? $_GET['product_type'] : 1);
 
   $type_admin_handler = $zc_products->get_admin_handler($product_type);
 

UPLOAD/admin/product.php

@@ -4,7 +4,7 @@
  * @copyright Copyright 2003-2016 Zen Cart Development Team
  * @copyright Portions Copyright 2003 osCommerce
  * @license http://www.zen-cart-pro.at/license/2_0.txt GNU Public License V2.0
- * @version $Id: product.php 787 2016-03-04 22:13:51Z webchills $
+ * @version $Id: product.php 788 2016-12-27 09:13:51Z webchills $
  */
 
   require('includes/application_top.php');
@@ -33,7 +33,6 @@
       } else {
         $delete_linked = 'true';
       }
-      $product_type = zen_get_products_type($_POST['products_id']);
         if (file_exists(DIR_WS_MODULES . $zc_products->get_handler($product_type) . '/delete_product_confirm.php')) {
           require(DIR_WS_MODULES . $zc_products->get_handler($product_type) . '/delete_product_confirm.php');
          } else {

UPLOAD/includes/classes/shopping_cart.php

@@ -6,7 +6,7 @@
  * @copyright Copyright 2003-2016 Zen Cart Development Team
  * @copyright Portions Copyright 2003 osCommerce
  * @license http://www.zen-cart-pro.at/license/2_0.txt GNU Public License V2.0
- * @version $Id: shopping_cart.php 776 2016-11-03 08:08:29Z webchills $
+ * @version $Id: shopping_cart.php 777 2016-12-27 09:08:29Z webchills $
  */
 
 if (!defined('IS_ADMIN_FLAG')) {
@@ -1780,14 +1780,6 @@ function actionUpdateProduct($goto, $parameters) {
           $adjust_max= 'true';
         } else {
         if ($add_max != 0) {
-// bof: adjust new quantity to be same as current in stock
-            if (STOCK_ALLOW_CHECKOUT == 'false' && ($new_qty + $cart_qty > $chk_current_qty)) {
-                $adjust_new_qty = 'true';
-                $alter_qty = $chk_current_qty - $cart_qty;
-                $new_qty = ($alter_qty > 0 ? $alter_qty : 0);
-                $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id'][$i]), 'caution');
-            }
-// eof: adjust new quantity to be same as current in stock
           // adjust quantity if needed
         switch (true) {
           case ($new_qty == $current_qty): // no change
@@ -1811,6 +1803,13 @@ function actionUpdateProduct($goto, $parameters) {
           default:
             $adjust_max= 'false';
           }
+
+// bof: notify about adjustment to new quantity to be same as current in stock or maximum to add
+          if ($adjust_max == 'true') {
+            $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id'][$i]), 'caution');
+          }
+// eof: notify about adjustment to new quantity to be same as current in stock or maximum to add
+
           $attributes = ($_POST['id'][$_POST['products_id'][$i]]) ? $_POST['id'][$_POST['products_id'][$i]] : '';
           $this->add_cart($_POST['products_id'][$i], $new_qty, $attributes, false);
         } else {