Change Details

# Login as administrative user to the adm.console # Go to {nav Website & Content > Structure & Data} section # Edit some category, edit category Description field using CKEditor, confirm that image upload in CKEditor works fine. (That is test for changes in core/ckeditor/ckfinder/core/connector/php/php5/Core/Config.php) # No normal tests for changes in core/ckeditor/ckfinder/core/connector/php/php5/Utils/Security.php, because get_magic_quotes_gpc() always return false and changed code is never called. Comment "if" condition (line 35 and line 52). Set debugger breakpoints in the line 73 of core/ckeditor/ckfinder/core/connector/php/connector.php (getRidOfMagicQuotes call). Debug after pressing "Browse Server" button in CKEditor. Confirm, that $_GET variable is recursively iterated and "stripslashes" function is applied to each it's data element. ## To be continued

# Login as administrative user to the adm.console # Go to {nav Website & Content > Structure & Data} section # Edit some category, edit category Description field using CKEditor, confirm that image upload in CKEditor works fine. (That is test for changes in core/ckeditor/ckfinder/core/connector/php/php5/Core/Config.php) # No normal tests for changes in core/ckeditor/ckfinder/core/connector/php/php5/Utils/Security.php, because get_magic_quotes_gpc() always return false and changed code is never called. Comment "if" condition (line 35 and line 52). Set debugger breakpoints in the line 73 of core/ckeditor/ckfinder/core/connector/php/connector.php (getRidOfMagicQuotes call). Debug after pressing "Browse Server" button in CKEditor. Confirm, that $_GET variable is recursively iterated and "stripslashes" function is applied to each it's data element. -- CKEditor's "Browse Server" button leads to changed places in core/ckeditor/ckfinder/core/connector/php/php5/Core/Config.php and core/ckeditor/ckfinder/core/connector/php/php5/Utils/Security.php (need remove if condition with "get_magic_quotes_gpc()" to execute changed code in Security.php) Changes in core/install.php - may be invoked when upgrading from some old version, after pressing "Continue" button on "Select Modules to Upgrade" step. Changes in core/kernel/db/cat_event_handler.php 1) event OnSaveSettings may be invoked from Tools > Import Data, when pressing folder icin-button in the "Import Section:: row. 2) method _getPermissionCheckInfo in changed part may be invoked when creating new product with non-root admin user, after pressing "Save" button. ## To be continued

# Login as administrative user to the adm.console # Go to {nav Website & Content > Structure & Data} section # Edit some category, edit category Description field using CKEditor, confirm that image upload in CKEditor works fine. (That is test for changes in core/ckeditor/ckfinder/core/connector/php/php5/Core/Config.php) # No normal tests for changes in core/ckeditor/ckfinder/core/connector/php/php5/Utils/Security.php, because get_magic_quotes_gpc() always return false and changed code is never called. Comment "if" condition (line 35 and line 52). Set debugger breakpoints in the line 73 of core/ckeditor/ckfinder/core/connector/php/connector.php (getRidOfMagicQuotes call). Debug after pressing "Browse Server" button in CKEditor. Confirm, that $_GET variable is recursively iterated and "stripslashes" function is applied to each it's data element. -- CKEditor's "Browse Server" button leads to changed places in core/ckeditor/ckfinder/core/connector/php/php5/Core/Config.php and core/ckeditor/ckfinder/core/connector/php/php5/Utils/Security.php (need remove if condition with "get_magic_quotes_gpc()" to execute changed code in Security.php) Changes in core/install.php - may be invoked when upgrading from some old version, after pressing "Continue" button on "Select Modules to Upgrade" step. Changes in core/kernel/db/cat_event_handler.php 1) event OnSaveSettings may be invoked from Tools > Import Data, when pressing folder icin-button in the "Import Section:: row. 2) method _getPermissionCheckInfo in changed part may be invoked when creating new product with non-root admin user, after pressing "Save" button. ## To be continued