Hi there.
My joomla version is 3.7.4, I was trying to "install and update", after I upload the "JoomShopping-update-4.2.2-4.3.0.zip" the Joomla returns an error message saying something like "uploading from /home/bv/public_html/tmp/ failed due to security reasons". Then I tried uploading a 2nd time, this time it returns
"An error has occurred.1060 Duplicate column name 'basicprice' "
I found this link https://forum.joomla.org/viewtopic.php?t=894174#p3338980 that says
The warning is generated by /libraries/joomla/filesystem/file.php on line 471 when the file is found unsafe by the method JFilterInput::isSafeFile().
The method isSafeFile() is defined in /libraries/joomla/filter/input.php and it was introduced in 3.x to check the uploaded file for "suspicious naming and potential PHP contents which could indicate a hacking attempt".
Files get rejected by default if:
- there is a null byte in the file name
- the extension is forbidden, for example .php, inc, py etc
- there is a php tag in the content
- there is a short tag in the content
- if there is a forbidden extension anywhere in the content
If you your component allows PHP files to be uploaded and calls the method JFile::upload() but does not set the call parameter to allow unsafe or does not turn off the relevant safe file options, as listed above, the upload will fail.
So why does this happen? Does the .zip file contains something that was regarded as suspicious? And to upgrade joomshopping component, do I really have to upgrade through all the versions? ( I find this very awkward)
