Template Changes

Keeping your custom template up to date.

Introduction

If you start building a new Zen Cart with the latest version, and use the Responsive Classic template, you get all the latest fixes.

But what if you are using another template? How can you check to see if it has all the most recent fixes?

This page lists security fixes and other improvements you will want to add to your template if you have overridden the file and the change is not present. (If you have not overridden the file, you are using the updated copy in template_default.) If you’re not sure where a change should go, check the base copy of the specified file in the folder includes/templates/template_default.

Security Fixes

  • common/html_header.php - use header('X-Frame-Options:SAMEORIGIN'); to prevent clickjacking.

  • common/html_header.php - pull in most recent versions of jQuery and other libraries.

  • common/tpl_header.php - Use zen_output_string_protected for message display.

  • sideboxes/tpl_reviews_random.php - use zen_output_string_protected for review display.

  • templates/tpl_account_default.php - use zen_output_string_protected for $orders['order_name'] display.

  • templates/tpl_product_info_display.php - use zen_output_string_protected in productInfoLink.

  • templates/tpl_product_music_info_display.php - use zen_output_string_protected in productInfoLink.

  • templates/tpl_product_free_shipping_info_display.php - use zen_output_string_protected in productInfoLink.

  • templates/tpl_account_history_info_default.php - use zen_output_string_protected for output of $_GET['order_id'].
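
One way to check an overridden template against the list above, as an added example that is not part of the Zen Cart documentation or code: the script looks in a template directory for each listed file and reports whether it contains the marker named in the fix. The grep markers and the status labels DEFAULT, OK and REVIEW are choices made for this example.

```shell
#!/bin/sh
# Added example: report which overridden template files lack the markers
# named in the Security Fixes list. Heuristic only: a marker being present
# does not prove it wraps the right value, so compare REVIEW files against
# includes/templates/template_default. Library versions are not checked.

# "relative path|marker" pairs taken from the list above.
CHECKS='common/html_header.php|X-Frame-Options
common/tpl_header.php|zen_output_string_protected
sideboxes/tpl_reviews_random.php|zen_output_string_protected
templates/tpl_account_default.php|zen_output_string_protected
templates/tpl_product_info_display.php|zen_output_string_protected
templates/tpl_product_music_info_display.php|zen_output_string_protected
templates/tpl_product_free_shipping_info_display.php|zen_output_string_protected
templates/tpl_account_history_info_default.php|zen_output_string_protected'

# audit_template DIR: prints one status line per listed file.
# Returns 1 if any overridden file lacks its marker, 0 otherwise.
audit_template() {
    tpl_dir=$1
    missing=0
    while IFS='|' read -r rel marker; do
        if [ ! -f "$tpl_dir/$rel" ]; then
            # No override: the template_default copy is used.
            printf '%-8s %s\n' DEFAULT "$rel"
        elif grep -qF -- "$marker" "$tpl_dir/$rel"; then
            printf '%-8s %s\n' OK "$rel"
        else
            printf '%-8s %s (no %s)\n' REVIEW "$rel" "$marker"
            missing=$((missing + 1))
        fi
    done <<EOF
$CHECKS
EOF
    [ "$missing" -eq 0 ]
}

# Run against the template directory given on the command line, if any.
if [ "$#" -ge 1 ]; then
    audit_template "$1"
fi
```

Pass the path of your own template folder under includes/templates as the only argument; a non-zero exit status means at least one override needs review.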

Client side validation

The following files were updated in Zen Cart 1.5.5 to specify a field type and required flag where needed when creating input fields.

  • templates/tpl_account_edit_default.php
  • templates/tpl_account_password_default.php
  • templates/tpl_contact_us_default.php
  • templates/tpl_login_default.php
  • templates/tpl_modules_address_book_details.php
  • templates/tpl_modules_checkout_new_address.php
  • templates/tpl_modules_create_account.php
  • templates/tpl_password_forgotten_default.php

Last modified May 1, 2021 by Scott C Wilson (8e26c4a).