OpenCart Community

vQmod Generator has been updated today

Fixes some issues people were having with \n \r etc

Compatible with the new vQmod 2.3.0 which ads extra tags and attributes.

Added a vqcache file viewer

Separated the language into a language file so it can be translated

Moved the package on to GitHub

http://uksb.github.com/vqgen/

Maybe someone can help with the translations ?

GitHub -> https://github.com/uksb/vqgen

Please fork, use the Develop branch if adding / changnig anything.

If people will copy the package, please retain the copyright info and license from the package.

Any questions, please let me know.

Beautiful plugin. Very useful. Love it.

A major security vulnerability though, is the "Enable this mod" link on top of the page after xml is generated. This way anyone can add mods to anyone's shop without permission, potentially even bringing the roof down.

Shop Admin should be required to enable the mod either via FTP or via Admin panel.

Not sure how

Firstly the vqgen folder should be password protected

Secondly the Enable this mod only removes an underscore from the extension.xml_ file to make it extension.xml and thus make it live.

If I am missing something glaringly obvious though, please do explain

uksitebuilder wrote:Firstly the vqgen folder should be password protected

That's the "workaround" that I've been using, but most folks don't.

uksitebuilder wrote:Enable this mod only removes an underscore from the extension.xml_ file to make it extension.xml and thus make it live.

And that little task makes all the difference. A malicious person (lets say a competitor) may keep piling on harmful vqmods into the xml folder, but shop would still be safe as long as extension is xml_. As soon as some outside entity gets the power to activate/make live the mod, that's where there's potential for disaster.

uksitebuilder wrote: Firstly the vqgen folder should be password protected

but generally people don't how to do it .... may be you can add a instruction file for that or implement authentication on vqgen ... anyways very cool extension ...saves developer's time ...

ChetanCx wrote:very cool extension ...saves developer's time ...

+1

Ok Guys,

I understand where you are coming from.

Although I do point out in the install text to password protet the folder, but you are right, some people need to have their hand held.

Next update coming in a day or two will have a login/session form/method built in.

In addition I will also be adding the function to view core files in a collapsable splitscreen so you can load up an original file to view the code and work in the editor to vqmod it.

uksitebuilder wrote:Next update coming in a day or two will have a login/session form/method built in.

Cheers!

uksitebuilder wrote:In addition I will also be adding the function to view core files in a collapsable splitscreen so you can load up an original file to view the code and work in the editor to vqmod it.

Ooh! Turning all the bells and whistles on, are we?

Seriously, though, that will make this module indispensable!

** Just added a Hotfix release to fix backwards compatibility issue with older xml files

Please update your versions

I installed and ran VQGEN and got the message: Parse error: syntax error, unexpected $end, expecting ',' or ';' in /home/goingthi/public_html/vqgen/index.php on line 490 - did I do something wrong during installation?

Which version of vQgen ?

Hi
Thank you for a nice tool

I have a question:
Why do you set permission to 777 on new or edited files created via the mod?
For me (the environment we are in) it should be 644
Suppose I could just change the code at line 146 in action.php to 644 instead, or would that mess things up?

Thank You

// kjg

Hi, thanks for your great extension.
I am using the latest vqgen, latest vqmod 2.3.2, and oc 1.5.4.1
I don't know what I am missing but all generated xmls are not working because vqgen is adding lots of \\\ everywhere. See example below from the search operation.


Regards,

Marvin Mendez

I will check it our and release a fix soon

Most probably due to php magic_quotes_gpc on your server

If magic_quotes_gpc is on (most likely), then ot should be turned off either in php.ini or htaccess

If your host does not allow this, please try adding the following to the top of index.php, after the opening <?php tag

Thanks for your reply, I'll check my server config to see if that's on. I'll let you know tomorrow cuz I am falling asleep atm... going to bed now.

Thanks.
Marvin

Thanks for vQmod. I use in on a localhost. The only version that works for me is the version from AvanOsch (1st page). Otherwise the edit area is blank. Can you review his version and provide an update to yours so it works on a localhost?

maybe add a version number in the footer so we know which we have in case of updates?

Need to escape certain characters, such as by "\" in "\n" or "\r", and need to double-up what will later fall away, suggest a quirk of fancybox or ckeditor. Be sure to toggle Source mode into Source mode when inserting code with editors driven by similar means.

On needing permission, check permissions, dirs 755, files 644. On modern Linux servers set up to prevent the risks of 777, setting 777 can actually lock dir and file access. The final 7 gives outside anonymous "world" all rights to read, write, execute. The middle 7 does so for "group" including the system. Thus, 5 in 2nd and 3rd positions, and nowadays for 777 expect misbehaviors and hacking.

hi im a new to all this vqmod thing do i install the vqmod generator in the site im working on or does it need to be on a clean version of open cart hope some one can help me