websta Posted May 4, 2008 Share Posted May 4, 2008 I am getting the error "Error: Invalid administrator login attempt." despite careful spelling and setting and re-setting username/password in the database. Orignally, I was having problems with my admin area, and following a oscommerce's developer suggestions, I am upgrading my cart to oscommerce-2.2rc2a which was said to eliminate such problems. :) During the upgrade, at first, I was unable to get into the admin area at all when I went to (my site)/admin in my browser. So, I followed Harald's instructions to run this SQL query on my database to create a place to store the administrators username and passowrd (located here: http://www.oscommerce.com/forums/index.php?showtopic=268335 ): CREATE TABLE administrators (id int NOT NULL auto_increment, user_name varchar(32) binary NOT NULL, user_password varchar(40) NOT NULL, PRIMARY KEY (id) ) That worked, :thumbsup:, and now I get sent to admin/login.php when I go to (my site)/admin in my browser. It asked me for my first username and password, which I entered. But, as I said before, now I am getting the error "Error: Invalid administrator login attempt" in red at the top of the page despite careful spelling and setting and re-setting username/password in the database via phpMyAdmin. I followed instructions from http://www.oscommerce.com/forums/lofiversion/i...hp?t294437.html (which I am concerned may compromise the security of the site? :blush: ?): SECURE ADMIN SSL Change the defines below to the https server Admin/includes/configure.php // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'https://secure5.myserver.net/~justme'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'https://secure5.myserver.net/~justme'); define('HTTPS_CATALOG_SERVER', 'https://secure5.myserver.net/~justme'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module ----------------------------------------------------------------------------- admin/includes/functions/html_output.php Changed this... if ($connection == 'NONSSL') { $link = HTTP_SERVER . DIR_WS_ADMIN; } elseif ($connection == 'SSL') { if (ENABLE_SSL == 'true') { $link = HTTPS_SERVER . DIR_WS_ADMIN; } else { $link = HTTP_SERVER . DIR_WS_ADMIN; } To this.......... if ($connection == 'NONSSL') { $link = HTTP_CATALOG_SERVER . DIR_WS_ADMIN; } elseif ($connection == 'SSL') { if (ENABLE_SSL_CATALOG == 'true') { $link = HTTPS_CATALOG_SERVER . DIR_WS_ADMIN; } else { $link = HTTP_CATALOG_SERVER . DIR_WS_ADMIN; } But I still get the same "Error: Invalid administrator login attempt" response. :huh: Other posts seemed to suggest a need for the admin directory to already be protected by a .htaccess password, which I tried to set up using my web host's control panel, but that appeared to not be of any help (should this be done, regardless?). :'( I am wondering if my admin/includes/configure.php file has been (is now) set incorrectly(??): // Define the webserver and path parameters// * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://marineminerals.com/'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://marineminerals.com/'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', ''); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', ''); define('DIR_WS_HTTPS_CATALOG', ''); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']) . '/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', ' --filled pit-- '); define('DB_SERVER_PASSWORD', ' --filled out-- '); define('DB_DATABASE', ' --filled out-- '); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' Thank you for reading my post. I guess I am handling my upgrade improperly. :'( Any suggestions are appreciated. :) Feel free to PM me if you prefer. Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted May 4, 2008 Share Posted May 4, 2008 You have 2 levels of security. htacess, which pops up the standard enter user name and password. If you delete all the entries in the administrators table you will be asked to enter a username and password. Once you do that try logging in with them. Normally works Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
websta Posted May 4, 2008 Author Share Posted May 4, 2008 If you delete all the entries in the administrators table you will be asked to enter a username and password. Once you do that try logging in with them. Normally works Thank you for your response. I can set up the .htaccess as well, but the immediate problem is that even when I delete the administrators table and re-enter new username/password (which I have done several times now, via phpMyadmin and via (my site)/admin), I still get the same error. I am wondering if the configure.php file is set up incorrectly?? Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted May 4, 2008 Share Posted May 4, 2008 Are you deleting all the records in the administrators table in php and then entering them as you log in to the admin area of your shop If you are entering them in phpmyadmin they have to be after md5ing them. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
websta Posted May 5, 2008 Author Share Posted May 5, 2008 Are you deleting all the records in the administrators table in php and then entering them as you log in to the admin area of your shop If you are entering them in phpmyadmin they have to be after md5ing them. I have done them both ways. Still the same error. Thank you for the tip about entering them in directly! Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted May 5, 2008 Share Posted May 5, 2008 There are a couple of contributions for forgotton passwords, try those. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
websta Posted May 5, 2008 Author Share Posted May 5, 2008 Thanks, Geoffrey. Perhaps I misunderstand (and my apologies if I am) but I don't think it is because I forgot the password. To be clear, I cut and pasted the username and password the initial time, and then when prompted to enter it again to get into the admin area, I cut and pasted the same username and password in again, and then got the error. Repeatedly. :unsure: Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted May 5, 2008 Share Posted May 5, 2008 If it get you in it is worth trying. Shouldn't take more than 5/10 mins to install. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.