Yahoo! Script Changes: PHP Based Apps in Yahoo! Hosting Effected

Yahoo! has recently announced a change to their PHP hosting environment:

[Yahoo!]

To improve security for both merchants and buyers, we will be disabling the following PHP options, beginning October 1:

  • register_globals
  • allow_url_fopen and its corollary allow_url_include

[Yahoo!]

Should this concern you?

Most stores will not be affected by this change if they are using the Merchant Solutions Store Editor as the engine which generates store pages.  Stores that have been built in Merchant Solutions Web Hosting could need to make adjustments to their php scripts.

If your store was built by FastPivot, it uses the Store Editor as the store page engine.  Your store itself will NOT be affected by this change. However, if FastPivot built any custom php scripts for your store, they may be affected by this change.

What kinds of features are involved?

Any page that has a URL that starts with “site.” or https://pN.secure.hostingprod.com is a page that might be affected by Yahoo’s change.¬† For example, if I have the store http://www.MyYahooStore.com, all pages that begin with this URL will not be affected.¬† If I have any pages with URLs that start with http://site.MyYahooStore.com or https://p4.secure.hostingprod.com/@site.myyahoostore.com/ssl/ these might be affected, depending on what functions they perform.

Some examples of pages that might need a code adjustment because of this change by Yahoo:

  • Pages that add customer information to a database, or email it to you (other than pages using Yahoo’s standard mail-to forms)
  • Custom image handlers that retrieve images stored in hosting instead of using the images inside the store editor
  • Custom tools that handle user-supplied images
  • Specialized merchandizing or promotional features that you manage from a different URL instead of managing within your Yahoo! store editor
  • Specialized shipping or tax rates that you manage from a different URL instead of managing within your Yahoo! store manager
  • Be aware that a feature may be encased in an iFrame, so the feature itself may use a different url than the page that it appears on

FastPivot has assessed all of our current clients, and we will be contacting you personally if we are aware of any scripts that need to be reviewed.¬† If you have pages or functions regarding your store that you have questions about and you don’t hear from us personally, please feel free to contact us at FastPivot.

Clip to Evernote