thessrtech Posted September 23, 2005 Posted September 23, 2005 When i go to my page/admin there is no prompt page, it simply lets me make changes to the website, what did i do wrong?
Guest Posted September 23, 2005 Posted September 23, 2005 You simply have not protected your admin area yet. Get familiar with htaccess: http://www.webmaster-resources101.com/tool...s_generator.php
Guest Posted September 24, 2005 Posted September 24, 2005 or ask your host, depends what they have I use Web Protect via cPanel
mushindo Posted September 24, 2005 Posted September 24, 2005 Here is another quick one that I use all the time: STEP 1: edit /admin/includes/configure.php and add this to the bottom: // define admin user/password define('ADMIN_USERNAME', 'yourusername'); define('ADMIN_PASSWORD', 'yourpassword'); Save. STEP 2: edit /admin/includes/application_top.php Find this: // Include application configuration parameters require('includes/configure.php'); and add this below it // include authentication user/password of administration require(DIR_WS_INCLUDES . 'authen.php'); save. STEP 3: Copy the following coding and save it as a new php file into /admin/includes/authen.php <?php if(!isset($PHP_AUTH_USER)) { header('WWW-Authenticate: Basic realm="Store Admin Tools"'); header('HTTP/1.0 401 Unauthorized'); echo $SERVER_NAME . ' Authorization Required.'; exit; } else { if (($PHP_AUTH_USER != ADMIN_USERNAME) || ($PHP_AUTH_PW != ADMIN_PASSWORD)) { header('WWW-Authenticate: Basic realm="Store Admin Tools"'); header('HTTP/1.0 401 Unauthorized'); echo $SERVER_NAME . ' Authorization Required.'; exit; } } ?> Save. Upload all the above files, then open a new browser window, go to www.yoursite.com/catalog/admin/ or www.yoursite.com/admin/ and it should prompt you now for the username and password defined on the bottom of the configure.php page. This basically works the same as password protecting a folder. NOTE: If you are using CPANEL, your host may not allow you to make these changes or it may not work if they have something else turned on. Most CPANEL setups already force you to login and have the osc admin folders in a different location. FYI. If you dont use CPANEL, then you are fine :) Let me know how it works for you if you use it. Sincerely, Bruce 19 contributions submitted
Pjeras Posted September 24, 2005 Posted September 24, 2005 It is working, thank you very much, I was searching for that topic :) It is working! Really! mushindo is the best :thumbsup: Thank you for exhaustive post ;)
Broadsword Posted September 25, 2005 Posted September 25, 2005 Here is another quick one that I use all the time: STEP 1: edit /admin/includes/configure.php and add this to the bottom: // define admin user/password define('ADMIN_USERNAME', 'yourusername'); define('ADMIN_PASSWORD', 'yourpassword'); Save. STEP 2: edit /admin/includes/application_top.php Find this: // Include application configuration parameters require('includes/configure.php'); and add this below it // include authentication user/password of administration require(DIR_WS_INCLUDES . 'authen.php'); save. STEP 3: Copy the following coding and save it as a new php file into /admin/includes/authen.php <?php if(!isset($PHP_AUTH_USER)) { header('WWW-Authenticate: Basic realm="Store Admin Tools"'); header('HTTP/1.0 401 Unauthorized'); echo $SERVER_NAME . ' Authorization Required.'; exit; } else { if (($PHP_AUTH_USER != ADMIN_USERNAME) || ($PHP_AUTH_PW != ADMIN_PASSWORD)) { header('WWW-Authenticate: Basic realm="Store Admin Tools"'); header('HTTP/1.0 401 Unauthorized'); echo $SERVER_NAME . ' Authorization Required.'; exit; } } ?> Save. Upload all the above files, then open a new browser window, go to www.yoursite.com/catalog/admin/ or www.yoursite.com/admin/ and it should prompt you now for the username and password defined on the bottom of the configure.php page. This basically works the same as password protecting a folder. NOTE: If you are using CPANEL, your host may not allow you to make these changes or it may not work if they have something else turned on. Most CPANEL setups already force you to login and have the osc admin folders in a different location. FYI. If you dont use CPANEL, then you are fine :) Let me know how it works for you if you use it. <{POST_SNAPBACK}> I've just followed these intructions (being that i forgot to add any password protection to my admin area!) and after putting in the username and password got this error - 1046 - No Database Selected select configuration_key as cfgKey, configuration_value as cfgValue from configuration [TEP STOP] - i then uploaded the unchanged files as they were originally and still get the same error message! Can someone please let me know what i need to do to either revert back to what i had originally, or how to get this woring? Thanks.
Broadsword Posted September 25, 2005 Posted September 25, 2005 Ok...i now realise that the code within my admin/includes/configure.php file is incomplete/incorrect. Here's what i have re-changed it to so far (after i overwrote the file on my server!). I can now gain access to the main Admin menue page but cannot go any further. <?php /* $Id: configure.php,v 1.14 2003/02/21 16:55:24 dgw_ Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2002 osCommerce Released under the GNU General Public License */ // define our webserver variables // FS = Filesystem (physical) // WS = Webserver (virtual) define('HTTP_SERVER', 'http://localhost'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', ''); define('HTTPS_CATALOG_SERVER', ''); define('ENABLE_SSL_CATALOG', 'false'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', '/catalog/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', 'localhost'); define('DB_SERVER_USERNAME', 'myusername'); define('DB_SERVER_PASSWORD', 'mypassword'); define('DB_DATABASE', 'mydatabasename'); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', ''); ?> Now with this file uploaded when i go to www.mysite.com/catalog/admin/ i get the main Admin menu page with these error messages at the top - Warning: session_start(): open(mysite/tmp/sess_c87f0523602d7e522522c0fc33a7ded9, O_RDWR) failed: No such file or directory (2) in /home/mydatabase/public_html/mysite/catalog/admin/includes/functions/sessions.php on line 67 Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/mydatabase/public_html/mysite/catalog/admin/includes/functions/sessions.php:67) in /home/mydatabase/public_html/mysite/catalog/admin/includes/functions/sessions.php on line 67 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/mydatabase/public_html/mysite/catalog/admin/includes/functions/sessions.php:67) in /home/mydatabase/public_html/mysite/catalog/admin/includes/functions/sessions.php on line 67 - and cannot go any further without "The page cannot be displayed" errors. I'd appreciate it if someone can tell me what i need to add/change to the configure.php file so i can re-gain full access to my admin area. Thanks.
mushindo Posted September 27, 2005 Posted September 27, 2005 Here is a list of what I have in my admin/includes/configure.php file: <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.mysite.com'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'http://www.mysite.com'); define('HTTPS_CATALOG_SERVER', 'https://server.site-secure.net/mysite'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/www/mysite/'); // where the pages are located on the server define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required define('DIR_FS_ADMIN', '/www/mysite/catalog/admin/'); // absolute pate required define('DIR_WS_CATALOG', '/catalog/'); // absolute path required define('DIR_FS_CATALOG', '/www/mysite/catalog/'); // absolute path required define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); // define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', 'username'); define('DB_SERVER_PASSWORD', 'password'); define('DB_DATABASE', 'dbasename'); define('USE_PCONNECT', 'false'); // use persisstent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' // define admin user/password define('ADMIN_USERNAME', 'admin'); define('ADMIN_PASSWORD', 'demo'); // NOTE: Alter the following file as well with dbase info: live_support/config.php for live chat module ?> I believe the problem you may be having is that this define('HTTP_SERVER', 'http://localhost'); Should be set to this instead: define('HTTP_SERVER', 'http://www.mysite.com'); Let me know. Sincerely, Bruce 19 contributions submitted
mausob Posted September 27, 2005 Posted September 27, 2005 I carefully followed the process described by mushido, but it does nor work on my site. When I try mydomain/catalog/admin, it asks for my to inkey the user and password, but I cannot login, it rejects me! :( Please help!
Guest Posted September 27, 2005 Posted September 27, 2005 better use the control panel of your host to protect the admin directory with a password. You see depending on the server the headers may need to be different.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.