I followed what the instructions says I am still can't get it to work. Still getting that error message when I tried to download it from the admin area.Quote:
Originally Posted by mc12345678
Printable View
I followed what the instructions says I am still can't get it to work. Still getting that error message when I tried to download it from the admin area.Quote:
Originally Posted by mc12345678
What are the contents of the .htaccess file found in the directory where your EP4 exports are sent?Quote:
Originally Posted by wmorris
myadmin/temp/Quote:
Originally Posted by mc12345678
Code:#
# @copyright Copyright 2003-2013 Zen Cart Development Team
# @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
# @version GIT: $Id: Author: DrByte Sat Dec 21 17:00:00 2013 -0500 Modified in v1.5.3 and for EP4$
#
# This is used with Apache WebServers
#
# The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions
# It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled.
# Will also prevent people from seeing what is in the dir. and any sub-directories
#
# For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file.
# Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified.
# Example:
#<Directory "/usr/local/apache/htdocs">
# AllowOverride Limit Options Indexes
#</Directory>
###############################
DirectoryIndex index.php
# deny *everything*
<FilesMatch ".*\..*">
Order Allow,Deny
Deny from all
</FilesMatch>
# but now allow just *certain* necessary files:
<FilesMatch "(?i).*\.(csv|CSV|txt|TXT)$">
Order Allow,Deny
Allow from all
</FilesMatch>
IndexIgnore */*
<limit POST PUT>
order deny,allow
deny from All
</limit>
## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI
##################
## Optional caching improvements
## Requires mod_header and mod_deflate to be enabled within Apache
##################
<IfModule mod_headers.c>
Header unset Pragma
FileETag None
Header unset ETag
#Header set Cache-Control "no-transform"
<FilesMatch "(?i).*\.(ico|jpe?g|gif|otf|webp|png|swf|flv|svg|svgz)$">
Header set Cache-control "max-age=864000, public, must-revalidate"
Header unset Last-Modified
</FilesMatch>
<FilesMatch "(?i).*\.(html|htm|xml|txt|xsl)$">
Header set Cache-control "max-age=7200, must-revalidate"
</FilesMatch>
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "(?i)\.(js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
##################
## Optional improvements
## Requires mod_expires to be enabled within Apache
##################
<ifmodule mod_expires.c>
ExpiresActive On
ExpiresDefault A300
ExpiresByType application/x-javascript A3600
ExpiresByType text/css A3600
ExpiresByType image/gif A604800
ExpiresByType video/x-flv A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A300
ExpiresByType image/x-icon A86400
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
ExpiresByType text/cache-manifest "access plus 0 seconds"
</ifmodule>
#turn off X-PHP-Originating-Script header when sending emails from admin
#uncomment to activate:
# php_flag mail.add_x_header Off
That file appears to be from ZC 1.5.3 with minor modifications to support download of csv files. Now I don't see in this post stream nor in a look at recent posts what version of ZC is being used, but I'm going to use the example from the current ZC 1.5.6 admin folder:Quote:
Originally Posted by wmorris
Code:#
# @copyright Copyright 2003-2016 Zen Cart Development Team
# @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
# @version $Id: .htaccess 19328 Modified in v1.6.0 and for EP4 $
#
# This is used with Apache WebServers
#
# The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions
# It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled.
# Will also prevent people from seeing what is in the dir. and any sub-directories
#
# For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file.
# Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified.
# Example:
#<Directory "/usr/local/apache/htdocs">
# AllowOverride Limit Options Indexes
#</Directory>
###############################
DirectoryIndex index.php
# deny *everything*
<FilesMatch ".*\..*">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</FilesMatch>
# allow access to the root
<FilesMatch "^$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
</FilesMatch>
# but now allow just *certain* necessary files:
<FilesMatch "(?i).*\.(php|js|css|html?|ico|otf|jpe?g|gif|webp|png|swf|flv|xml|xsl|csv|txt)$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
</FilesMatch>
IndexIgnore */*
<limit POST PUT>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</limit>
## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI
##################
## Optional caching improvements
## Requires mod_header and mod_deflate to be enabled within Apache
##################
<IfModule mod_headers.c>
Header unset Pragma
FileETag None
Header unset ETag
#Header set Cache-Control "no-transform"
<FilesMatch "(?i).*\.(ico|jpe?g|gif|otf|webp|png|swf|flv|svg|svgz)$">
Header set Cache-control "max-age=864000, public, must-revalidate"
Header unset Last-Modified
</FilesMatch>
<FilesMatch "(?i).*\.(html|htm|xml|txt|xsl)$">
Header set Cache-control "max-age=7200, must-revalidate"
</FilesMatch>
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "(?i)\.(js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
##################
## Optional improvements
## Requires mod_expires to be enabled within Apache
##################
<ifmodule mod_expires.c>
ExpiresActive On
ExpiresDefault A300
ExpiresByType application/x-javascript A3600
ExpiresByType text/css A3600
ExpiresByType image/gif A604800
ExpiresByType video/x-flv A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A300
ExpiresByType image/x-icon A86400
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
ExpiresByType text/cache-manifest "access plus 0 seconds"
</ifmodule>
#turn off X-PHP-Originating-Script header when sending emails from admin
#uncomment to activate:
# php_flag mail.add_x_header Off
I have copy what you put,,, and it still not working.Quote:
Originally Posted by mc12345678
OK, so what do you have in your admin folder for an .htaccess file?
I may ask about another file depending on the content/answer.
The central issue is that there is some security setting of the file structure that is preventing accessing the file as a download. Whether it is permissions, ownership or the like. It shouldn't be a filename issue unless the basic naming structure has been revised in the software to something "unusual".
You could move your "temp" folder to the catalog side where there is no :htaccess file that limits the file download structure at least as relates to a default Zen Cart install.
Ok, this is my .htaccess file in the main admin folder:Quote:
Originally Posted by mc12345678
Code:#
# @copyright Copyright 2003-2016 Zen Cart Development Team
# @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
# @version $Id: .htaccess 19328 Modified in v1.6.0 $
#
# This is used with Apache WebServers
#
# The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions
# It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled.
# Will also prevent people from seeing what is in the dir. and any sub-directories
#
# For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file.
# Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified.
# Example:
#<Directory "/usr/local/apache/htdocs">
# AllowOverride Limit Options Indexes
#</Directory>
###############################
DirectoryIndex index.php
# deny *everything*
<FilesMatch ".*\..*">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</FilesMatch>
# allow access to the root
<FilesMatch "^$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
</FilesMatch>
# but now allow just *certain* necessary files:
<FilesMatch "(?i).*\.(php|js|css|html?|ico|otf|jpe?g|gif|webp|png|swf|flv|xml|xsl)$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
</FilesMatch>
IndexIgnore */*
<limit POST PUT>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</limit>
## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI
##################
## Optional caching improvements
## Requires mod_header and mod_deflate to be enabled within Apache
##################
<IfModule mod_headers.c>
Header unset Pragma
FileETag None
Header unset ETag
#Header set Cache-Control "no-transform"
<FilesMatch "(?i).*\.(ico|jpe?g|gif|otf|webp|png|swf|flv|svg|svgz)$">
Header set Cache-control "max-age=864000, public, must-revalidate"
Header unset Last-Modified
</FilesMatch>
<FilesMatch "(?i).*\.(html|htm|xml|txt|xsl)$">
Header set Cache-control "max-age=7200, must-revalidate"
</FilesMatch>
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "(?i)\.(js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
##################
## Optional improvements
## Requires mod_expires to be enabled within Apache
##################
<ifmodule mod_expires.c>
ExpiresActive On
ExpiresDefault A300
ExpiresByType application/x-javascript A3600
ExpiresByType text/css A3600
ExpiresByType image/gif A604800
ExpiresByType video/x-flv A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A300
ExpiresByType image/x-icon A86400
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
ExpiresByType text/cache-manifest "access plus 0 seconds"
</ifmodule>
#turn off X-PHP-Originating-Script header when sending emails from admin
#uncomment to activate:
# php_flag mail.add_x_header Off
Then, would recommend the following to be placed in your folder for downloading/uploading EP4 files:Quote:
Originally Posted by wmorris
Code:#
# @copyright Copyright 2003-2016 Zen Cart Development Team
# @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
# @version $Id: .htaccess 19328 Modified in v1.6.0 and for EP4 $
#
# This is used with Apache WebServers
#
# The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions
# It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled.
# Will also prevent people from seeing what is in the dir. and any sub-directories
#
# For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file.
# Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified.
# Example:
#<Directory "/usr/local/apache/htdocs">
# AllowOverride Limit Options Indexes
#</Directory>
###############################
DirectoryIndex index.php
# deny *everything*
<FilesMatch ".*\..*">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</FilesMatch>
# but now allow just *certain* necessary files:
<FilesMatch "(?i).*\.(csv|txt)$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
</FilesMatch>
IndexIgnore */*
<limit POST PUT>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</limit>
## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI
##################
## Optional caching improvements
## Requires mod_header and mod_deflate to be enabled within Apache
##################
<IfModule mod_headers.c>
Header unset Pragma
FileETag None
Header unset ETag
#Header set Cache-Control "no-transform"
<FilesMatch "(?i).*\.(ico|jpe?g|gif|otf|webp|png|swf|flv|svg|svgz)$">
Header set Cache-control "max-age=864000, public, must-revalidate"
Header unset Last-Modified
</FilesMatch>
<FilesMatch "(?i).*\.(html|htm|xml|txt|xsl)$">
Header set Cache-control "max-age=7200, must-revalidate"
</FilesMatch>
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "(?i)\.(js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
##################
## Optional improvements
## Requires mod_expires to be enabled within Apache
##################
<ifmodule mod_expires.c>
ExpiresActive On
ExpiresDefault A300
ExpiresByType application/x-javascript A3600
ExpiresByType text/css A3600
ExpiresByType image/gif A604800
ExpiresByType video/x-flv A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A300
ExpiresByType image/x-icon A86400
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
ExpiresByType text/cache-manifest "access plus 0 seconds"
</ifmodule>
#turn off X-PHP-Originating-Script header when sending emails from admin
#uncomment to activate:
# php_flag mail.add_x_header Off
That Worked,,, Thank You!Quote:
Originally Posted by mc12345678
Million $ question: would this work with recently released 1.5.6b??? .. Thank you!