[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path Zen Cart 源代码 whatsnew_1.3.9g.html
<table border="3" width="748px" align="center" cellpadding="6">
<tr>
<td>
<h1>修改日志 - 修改文件列表</h1>
<p>自v1.3.9f后的修改文件的列表,见<a href="changelog-v1-3-9g.html" target="_blank">changelog-v1-3-9g.html</a> </p>
<h1>*** SECURITY REQUIREMENT ***</h1>
<p>For added security, Zen Cart™ comes with several .htaccess files already included in various folders to help provide protection against unwanted visitors
and even against mis-use of your site in the unfortunate situation of your site being hacked. These protections prevent hackers from using your site as phishing sources.</p>
<p>However, for these built-in protections to work, your web hosting server administrator MUST set the AllowOverride directive
in the server's apache configuration (the server's master httpd.conf file) to "All" or at least ensure it includes these parameters: 'Limit Indexes'.<br />
<pre>ie: AllowOverride All<br />
or: AllowOverride Limit Indexes </pre><br />
<em>(NOTE: You must also add "Options" if uncommenting OPTIONS directives in your .htaccess files)</em><br /><br />
Without these settings, you will likely encounter "<strong>500 Internal Server Error</strong>" messages when attempting to access various parts of your site, including perhaps the zc_install installer script. </p>
<p>Storeowners hosting on Windows Servers using IIS instead of Apache may need to remove the .htaccess files and rework them into suitable equivalents within your IIS configuration. See Microsoft's IIS website for specific assistance.</p>
<h1>ADDITIONAL NOTE ABOUT .htaccess FILES</h1>
<p>Inside some folders is an .htaccess file that lists certain *permitted* filetypes which may be accessed. (Anything else is blocked to prevent abuse on your site).</p>
<p>The side-effect of this is that if you choose to use media types that are not already listed in the *permitted* list, then your visitors will not be able to see those resources. </p>
<p>Thus, if you are using product images that are not in the list of permitted types in your /images/.htaccess, you will need to add those types to the list.</p>
<p>Similarly, if you are using certain media types in music product previews, you will need to make sure those are in your /media/.htaccess </p>
<p>And, if you are using filetypes for downloadable products that are not already listed in your /pub/.htaccess and /download/.htaccess you will need to add those as well.</p>
<h1>Zen Cart™ Server Requirements</h1>
<p>服务器配置要求:<br />PHP 4.3.2 或以上版本,Apache 1.3.30 和 MySQL 3.23 或以上版本。</p>
<p>建议配置:<br />PHP 5.3.2 或以上版本,Apache 2.2 或以上版本,MySQL 4.1 或以上版本。</p>
<p>虽然 Zen Cart 也可以在 Windows/IIS 服务器上运行,但最好用 Linux/Apache 服务器。</p>
<h1>版本v1.3.9a/b/c/d/e/f到1.3.9g的升级说明</h1>
<p>如果从<strong><u>Zen Cart v1.3.9a 或 1.3.9b 或 1.3.9c 或 1.3.9d 或 1.3.9e 或 1.3.9f</u></strong>升级,很简单:<br>
- 比较所有修改的文件... 将您修改过的地方,重新添加到新文件中<br>
- 上传新文件 (含您自己修改过的部分) 到服务器<br>
- (从 v1.3.9a 到 v1.3.9b 或 v1.3.9c 或 v1.3.9d 或 v1.3.9e 或 v1.3.9f 或 v1.3.9g 不需要升级数据库)<br />
- (在版本"d" 和 "e" 和 "f" 和 "g"之间升级,不需要删除或卸载支付模块)
</p>
<p>If you are upgrading <strong><u>from a version prior to v1.3.9a</u></strong>, please follow the instructions in the "<a href="2.readme_how_to_upgrade.html">how to upgrade</a>" documentation in the /docs folder. </p>
<h1>升级说明</h1>
<p>升级后,在访问管理界面前,建议先清空浏览器的缓存和cookies,并重新打开浏览器。有时会因为旧的cookies或缓存而无法访问管理界面。</p>
<h1>新增功能 ... </h1>
<h3><strong>从版本 1.3.9f 到 1.3.9g 包括了以下更新: </strong></h3>
<ul>
<li>CHANGE-74 - Security: Fix LFI/FD threat</li>
<li>CHANGE-74 - Security: Fix bSQLi vulnerability</li>
<li>CHANGE-74 - Security: Fix multiple XSS vulnerabilities</li>
<li>BUGSFORUM-1514 - Added admin warning page to prevent admin use if admin folder hasn't been renamed. (For XSS prevention and other security reasons, to deter hackers.)</li>
<li>BUGSFORUM-1514 - Added admin warning page to prevent admin use if zc-install folder hasn't been deleted</li>
<li>BUGSFORUM-531 - Fix to prevent "2006 MySQL server has gone away" messages</li>
<li>BUGSFORUM-1116 - Fix htmlspecialchars problem in ezpages</li>
<li>BUGSFORUM-1422 - Fix intermittent PayPal Express Checkout error 10413 & 10417 with large quantities and items on sale</li>
<li>BUGSFORUM-1438 - Improvements to canonical <link> support to minimize duplicate content reports</li>
<li>BUGSFORUM-1459 - Fix PayPal Express/Pro 10413 problem caused by rounding error with shipping taxes</li>
<li>BUGSFORUM-1472 - Set httpOnly attribute in session cookies, to minimize XSS risks</li>
<li>BUGSFORUM-1473 - Fix debug log problem</li>
<li>BUGSFORUM-1475 - Fix occasional Linkpoint problem when discounts/coupons are used</li>
<li>BUGSFORUM-1481 - Remove layout table in PayPal Pro VBV message</li>
<li>BUGSFORUM-1482 - Checkout Confirmation occassionally takes user back to log in after multiple purchases in one shopping session</li>
<li>BUGSFORUM-1490 - Fix Express Checkout quirk where customers selecting PP addresses for countries deleted from store would still be allowed to checkout</li>
<li>BUGSFORUM-1498 - Fix small authnet quirk where debug history order numbers might have trailing additional digits in debug data</li>
<li>BUGSFORUM-1499 - Fix PayPal problem where echecks wouldn't activate the order when cleared, due to a problem introduced when fixing duplicate-orders issue in v1.3.9d</li>
<li>BUGSFORUM-1507 - Security: Fix multiple XSS vulnerabilities</li>
<li>BUGSFORUM-1515 - Security: Fix multiple XSS vulnerabilities</li>
<li>BUGSFORUM-1519 - uninitialized variable causing odd display results if an error condition occurs</li>
<li>BUGSFORUM-1520 - Fix error where deleting an order wasn't removing associated download records.</li>
<li>BUGSFORUM-1522 - Featured, Specials, What's New sidebox div correction</li>
<li>BUGSFORUM-1527 - PayPal display bug in admin when Transaction IDs start with 0</li>
<li>ADDED: option added to disable Express Checkout shortcut button for those merchants whose customers are confused by it. However, it's best to leave it on to increase sales and conversions.</li>
<li>MINOR: small fix to authorize.net modules to prevent a brief delay from occurring when drawing the admin modules->payments screen</li>
<li>MINOR: added .xsl to approved filetypes in /includes/.htaccess</li>
<li>Removed obsolete cache.php language file</li>
</ul>
</td>
</tr>
</table>
<br /><br />
<p align="center"><em>Zen Cart 中文版 版权所有 2004 - 2010</em></p>
<br /><br />
</body>
</html>