AnimeCYC

Er, just where exactly are you seeing the queries? The only lines I see in the MySQL class that use die are in the connect() function (called way before you're in a position to run any queries at all): 22. die(Tools::displayError('The database selection cannot be made.')); 25. die(Tools::displayError('Link to database cannot be established.')); 28. die(Tools::displayError('PrestaShop Fatal error: no utf-8 support. Please check your server configuration.')); If you've properly configured your SERVER then you shouldn't be displaying PHP errors (although you may want to silently log them to a log file) either. You should just show a blank screen. Prestashop will try and impose this on your store, although on some servers it will not be allowed to turn error display off. Paul I have attahced the file bundled with 1.2.1 please look at the functions that execute queries. Im not sure if your looking at in house version of your software but the die() methods are still being called: public function getRow($query) { $this->_result = false; if ($this->_link) if ($this->_result = mysql_query($query.' LIMIT 1', $this->_link)) { if (mysql_errno()) die(Tools::displayError($this->getMsgError($query))); return mysql_fetch_assoc($this->_result); } if (mysql_errno()) die(Tools::displayError($this->getMsgError($query))); return false; } public function Execute($query) { $this->_result = false; if ($this->_link) { $this->_result = mysql_query($query, $this->_link); if (mysql_errno()) die(Tools::displayError($this->getMsgError($query))); return $this->_result; } if (mysql_errno()) die(Tools::displayError($this->getMsgError($query))); return false; } public function ExecuteS($query, $array = true) { $this->_result = false; if ($this->_link && $this->_result = mysql_query($query, $this->_link)) { if (mysql_errno()) die(Tools::displayError($this->getMsgError($query))); if (!$array) return $this->_result; $resultArray = array(); while ($row = mysql_fetch_assoc($this->_result)) $resultArray[] = $row; return $resultArray; } if (mysql_errno()) die(Tools::displayError($this->getMsgError($query))); return false; } I have downloaded the file just now to make sure I was not going crazy and the functions above still contain the aforementioned methods. MySQL.php

There are some serious issues with the changes in 1.2.1 I have not had the chance to run through it completely but I see some major flaws. In the MySQL class for instance you are using the die() method explicitly without regard to the security risk involved with showing people the queries. I would understand it if you had a debug flag in there for developers to see there SQL errors but as it is this is not something for production. I would highly recommend replacing the die() methods with that of a more secure and intuitive method. It looks as though you just rushed this release and did not properly take a look at the code that was written. Just from this one file it makes me wonder what other bad practices have taken place in this "update". I don't intend for this message to be offensive at all, but the fact that PrestaShop is widely used by people concerns me. Please fix this ASAP.

What they said makes perfect sense, when purchasing your certificate just make sure you purchase one that would allow for subject alternate names such as a SAN, EV, or WildCard. As for the DNS info they gave I guess you learn something new everyday thanks for asking your host.

Hopefully the answer your host gives can shed light one this lol personally I haven't dealt with a certificate that didn't allow for an alias name. For clarification when you mentioned the price range in which you bought your certificates I assume you purchased a single-site certificate if so then you would be correct in saying that you would be unable to use the alias yourdomain.com. Alias names are only available on SAN certificates.

Not true. I guess it depends on the cert you use. I've purchased more than a few certs that would only let you use it on one or the other. Then again most of the certs I've purchased have been really inexpensive... $10 - $20 per year. I don't think it's that big a deal.. it's better for SEO purpose to settle on either "www.yourstore.com" or "yourstore.com" as multiple instances can hurt your ranking. You should be able to add an alternate name to the certificate. Most commonly you would get the certificate registered to www.yourdomain.com, and would add the alternate domain yourdomain.com both of these URLs would be on the cirtificate. An example: Subject = www.medtress.com Subject Alternative Names = medtress.com Issuer = UTN-USERFirst-Hardware Serial Number = 273D59D59D9D8AD3A4264B569BE74C0F Key size = 1024 bit Signature algorithm = SHA1+RSA (good) Notice the alternative name.

When you buy a security certificate and add it to your domain it should work on both www.yoursite.com and yoursite.com as they are the same domain. Your certificate will cover both, I'm not sure why you would think it would only cover one end of your site. the WWW in the url doesn't change the location of the site it simply states that this site is on the World Wide Web and is not on an Intranet. For instance the security certificate I have for my clients site is registered to: www.medtress.com but will function the same if you were to visit medtress.com. As Merchant implied you may have a certificate that was not configured correctly ask your host to fix this for you. Out of the box PrestaShop's ability to discern between http and https is not that great and will result in you getting those security errors because you may have an linked item that carriers the http protocol and not the https protocol. I have developed a module based off of someones fix on this forum and it works beautifully to properly redirect to the correct protocol. I will post it as soon as I get time. If my information is wrong please correct me cause I can be really stupid at times lol

If PHP5 isn't installed on the server nothing you add to an .htaccess file will allow PHP5 execution. I'm confused as to why anyone would have two php installations anyways -- does that make sense? It would only cause conflict on the server. If anything, have PHP5 installed on the server. Most hosts do this for free. If you are on a dedicated server call your tech support and have them install it for you (usually costs money.) By now PHP4 is very outdated compared to PHP5, but even with the upgrade PHP5 scales nicely for scripts written for PHP4 so upgrading the server itself is a much better solution. If I misread the thread my bad lol

I wouldn't use ThickBox, try switching to something better and more lightweight like MoonBox: http://code.google.com/p/moonbox/

I was wondering if it was possible to get the manufacturer name to appear after the product name in the product list (product-list.tpl) I've many things but it does not seem to work. I can get the manufacturer id just fine but I cant use it to query data within the template itself. Any thoughts? - Seth