Guest Posted May 14, 2009 Posted May 14, 2009 Hi folks, I am facing a weird problem again. I just moved an osC Shop v2.2 RC2 from a server running PHP4 and MySQL4 to a brandnew one with PHP5 and MySQL5. There are no problems on the frontend site. Just the backend is giving me trouble. When I try to login to the admin panel with the correct username and passwort the system just redirects me to the login page again. I repeat that step for lets say 10 times and check my sessions table in the database. Well now I have 10 sessions in here. That can't be right... I just can't seem to find a possible mistake in the setup. Register_long_arrays and register_globals is turned on by the way. I can't just take a clean install and import the products since this webshop is fully customized already. Thanks in Adnvance, Best Regards Olli
FIMBLE Posted May 14, 2009 Posted May 14, 2009 Register_long_arrays are ok in php 5, but will not work in php6 Globals do not need to be on. Do you get any error? Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Guest Posted May 14, 2009 Posted May 14, 2009 Register_long_arrays are ok in php 5, but will not work in php6Globals do not need to be on. Do you get any error? Hey nic, I am afraid I don't get any errors. So I don't even have anything to track down. If I bypass the following in admin/includes/application_top.php by commenting it out, I can login normally. So the mechanism itself seams to work right. // redirect to login page if administrator is not yet logged in if (!tep_session_is_registered('admin')) { $redirect = false; $current_page = basename($PHP_SELF); if (($current_page != FILENAME_LOGIN)&&($current_page != FILENAME_CAO_OSC)) { if (!tep_session_is_registered('redirect_origin')) { tep_session_register('redirect_origin'); $redirect_origin = array('page' => $current_page, 'get' => $HTTP_GET_VARS); } $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN)); } unset($redirect); } But then every click I do in the admin panel, I get a new Session_id. It seams like osC can't fetch the session_id back from the database and creates a new one. Or does it just start a new one without checking which makes it impossible to login correctly. Databse encoding problem or PHP5 session_settings? Any ideas? Best Regards Olli
FIMBLE Posted May 14, 2009 Posted May 14, 2009 make sure that your configure.php has this set to mysql define('STORE_SESSIONS', ''); as in define('STORE_SESSIONS', 'mysql'); Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
FIMBLE Posted May 14, 2009 Posted May 14, 2009 php_flag register_long_arrays Off you could also try to turn long arrays off in your htaccess Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Guest Posted May 14, 2009 Posted May 14, 2009 It's set, i can see the new sessions_ids in the sessions table, the system just adds a new one everytime the page reloads here's my config <?php define('HTTP_SERVER', 'http://www.copgo.de/multimedia'); define('HTTP_CATALOG_SERVER', 'http://www.copgo.de/multimedia'); define('HTTPS_CATALOG_SERVER', 'https://www.copgo.de/multimedia'); define('ENABLE_SSL_CATALOG', 'true'); define('DIR_FS_DOCUMENT_ROOT', '/srv/www/vhosts/copgo.de/httpdocs/multimedia/'); define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', '/srv/www/vhosts/copgo.de/httpdocs/multimedia/admin/'); define('DIR_WS_CATALOG', '/'); define('DIR_FS_CATALOG', '/srv/www/vhosts/copgo.de/httpdocs/multimedia/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_FS_CATALOG_IMAGES_MEDIUM', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_IMAGES_LARGE', DIR_FS_CATALOG . 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DB_SERVER', 'localhost'); define('DB_SERVER_USERNAME', xxxxxx); define('DB_SERVER_PASSWORD', 'xxxxxx'); define('DB_DATABASE', 'xxxxxx'); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', 'mysql'); ?> If you wanna try and see what i mean: http://www.copgo.de/multimedia/admin Login: tester Pass: tester Note the osCAdminID in the addressbar [edit] I tried changing the flags already. I have a root server so I got access to global php.ini [/edit]
FIMBLE Posted May 14, 2009 Posted May 14, 2009 it knows you use the correct password combination, or it gives the error what does your admin login.php look like, can you post it? Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Guest Posted May 14, 2009 Posted May 14, 2009 For sure :) login.php <?php /* $Id: login.php 1739 2007-12-20 00:52:16Z hpdl $ osCommerce, Open Source E-Commerce Solutions [url="http://www.oscommerce.com"]http://www.oscommerce.com[/url] Copyright © 2007 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); require('includes/functions/password_funcs.php'); $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'process': $username = tep_db_prepare_input($HTTP_POST_VARS['username']); $password = tep_db_prepare_input($HTTP_POST_VARS['password']); $check_query = tep_db_query("select id, user_name, user_password from " . TABLE_ADMINISTRATORS . " where user_name = '" . tep_db_input($username) . "'"); if (tep_db_num_rows($check_query) == 1) { $check = tep_db_fetch_array($check_query); if (tep_validate_password($password, $check['user_password'])) { tep_session_register('admin'); $admin = array('id' => $check['id'], 'username' => $check['user_name']); if (tep_session_is_registered('redirect_origin')) { $page = $redirect_origin['page']; $get_string = ''; if (function_exists('http_build_query')) { $get_string = http_build_query($redirect_origin['get']); } tep_session_unregister('redirect_origin'); tep_redirect(tep_href_link($page, $get_string)); } else { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } } } $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error'); break; case 'logoff': tep_session_unregister('selected_box'); tep_session_unregister('admin'); tep_redirect(tep_href_link(FILENAME_DEFAULT)); break; case 'create': $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1"); if (tep_db_num_rows($check_query) == 0) { $username = tep_db_prepare_input($HTTP_POST_VARS['username']); $password = tep_db_prepare_input($HTTP_POST_VARS['password']); tep_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . $username . '", "' . tep_encrypt_password($password) . '")'); } tep_redirect(tep_href_link(FILENAME_LOGIN)); break; } } $languages = tep_get_languages(); $languages_array = array(); $languages_selected = DEFAULT_LANGUAGE; for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $languages_array[] = array('id' => $languages[$i]['code'], 'text' => $languages[$i]['name']); if ($languages[$i]['directory'] == $language) { $languages_selected = $languages[$i]['code']; } } $admins_check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1"); if (tep_db_num_rows($admins_check_query) < 1) { $messageStack->add(TEXT_CREATE_FIRST_ADMINISTRATOR, 'warning'); } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <meta name="robots" content="noindex,nofollow"> <title><?php echo TITLE; ?></title> <link rel="stylesheet" type="text/css" href="includes/stylesheet.css"> <script language="javascript" src="includes/general.js"></script> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onLoad="SetFocus();"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0" height="40"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> <td class="pageHeading" align="right"><?php echo tep_draw_form('adminlanguage', FILENAME_DEFAULT, '', 'get') . tep_draw_pull_down_menu('language', $languages_array, $languages_selected, 'onChange="this.form.submit();"') . tep_hide_session_id() . '</form>'; ?></td> </tr> </table></td> </tr> <tr> <td> <?php $heading = array(); $contents = array(); if (tep_db_num_rows($admins_check_query) > 0) { $heading[] = array('text' => '<b>' . HEADING_TITLE . '</b>'); $contents = array('form' => tep_draw_form('login', FILENAME_LOGIN, 'action=process')); $contents[] = array('text' => TEXT_USERNAME . '<br>' . tep_draw_input_field('username')); $contents[] = array('text' => '<br>' . TEXT_PASSWORD . '<br>' . tep_draw_password_field('password')); $contents[] = array('align' => 'center', 'text' => '<br><input type="submit" value="' . BUTTON_LOGIN . '" />'); } else { $heading[] = array('text' => '<b>' . HEADING_TITLE . '</b>'); $contents = array('form' => tep_draw_form('login', FILENAME_LOGIN, 'action=create')); $contents[] = array('text' => TEXT_CREATE_FIRST_ADMINISTRATOR); $contents[] = array('text' => '<br>' . TEXT_USERNAME . '<br>' . tep_draw_input_field('username')); $contents[] = array('text' => '<br>' . TEXT_PASSWORD . '<br>' . tep_draw_password_field('password')); $contents[] = array('align' => 'center', 'text' => '<br><input type="submit" value="' . BUTTON_CREATE_ADMINISTRATOR . '" />'); } $box = new box; echo $box->infoBox($heading, $contents); ?> </td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> application_top.php <?php /* $Id: application_top.php 1833 2008-01-30 22:03:30Z hpdl $ osCommerce, Open Source E-Commerce Solutions [url="http://www.oscommerce.com"]http://www.oscommerce.com[/url] Copyright © 2008 osCommerce Released under the GNU General Public License */ // Start the clock for the page parse time log define('PAGE_PARSE_START_TIME', microtime()); // Set the level of error reporting error_reporting(E_ALL & ~E_NOTICE); // check support for register_globals if (function_exists('ini_get') && (ini_get('register_globals') == false) && (PHP_VERSION < 4.3) ) { exit('Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory. Please use PHP 4.3+ if register_globals cannot be enabled on the server.'); } // Set the local configuration parameters - mainly for developers if (file_exists('includes/local/configure.php')) include('includes/local/configure.php'); // Include application configuration parameters require('includes/configure.php'); // Define the project version define('PROJECT_VERSION', 'osCommerce Online Merchant v2.2 RC2a'); // some code to solve compatibility issues require(DIR_WS_FUNCTIONS . 'compatibility.php'); // set php_self in the local scope $PHP_SELF = (isset($HTTP_SERVER_VARS['PHP_SELF']) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_SERVER_VARS['SCRIPT_NAME']); // Used in the "Backup Manager" to compress backups define('LOCAL_EXE_GZIP', '/usr/bin/gzip'); define('LOCAL_EXE_GUNZIP', '/usr/bin/gunzip'); define('LOCAL_EXE_ZIP', '/usr/local/bin/zip'); define('LOCAL_EXE_UNZIP', '/usr/local/bin/unzip'); // include the list of project filenames require(DIR_WS_INCLUDES . 'filenames.php'); // include the list of project database tables require(DIR_WS_INCLUDES . 'database_tables.php'); // customization for the design layout define('BOX_WIDTH', 125); // how wide the boxes should be in pixels (default: 125) // Define how do we update currency exchange rates // Possible values are 'oanda' 'xe' or '' define('CURRENCY_SERVER_PRIMARY', 'oanda'); define('CURRENCY_SERVER_BACKUP', 'xe'); // include the database functions require(DIR_WS_FUNCTIONS . 'database.php'); // make a connection to the database... now tep_db_connect() or die('Unable to connect to database server!'); // set application wide parameters $configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION); while ($configuration = tep_db_fetch_array($configuration_query)) { define($configuration['cfgKey'], $configuration['cfgValue']); } // define our general functions used application-wide require(DIR_WS_FUNCTIONS . 'general.php'); require(DIR_WS_FUNCTIONS . 'html_output.php'); // initialize the logger class require(DIR_WS_CLASSES . 'logger.php'); // include shopping cart class require(DIR_WS_CLASSES . 'shopping_cart.php'); // check to see if php implemented session management functions - if not, include php3/php4 compatible session class if (!function_exists('session_start')) { define('PHP_SESSION_NAME', 'osCAdminID'); define('PHP_SESSION_PATH', '/'); define('PHP_SESSION_SAVE_PATH', SESSION_WRITE_DIRECTORY); include(DIR_WS_CLASSES . 'sessions.php'); } // define how the session functions will be used require(DIR_WS_FUNCTIONS . 'sessions.php'); // set the session name and save path tep_session_name('osCAdminID'); tep_session_save_path(SESSION_WRITE_DIRECTORY); // set the session cookie parameters if (function_exists('session_set_cookie_params')) { session_set_cookie_params(0, DIR_WS_ADMIN); } elseif (function_exists('ini_set')) { ini_set('session.cookie_lifetime', '0'); ini_set('session.cookie_path', DIR_WS_ADMIN); } // lets start our session tep_session_start(); if ( (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) { extract($_SESSION, EXTR_OVERWRITE+EXTR_REFS); } // set the language if (!tep_session_is_registered('language') || isset($HTTP_GET_VARS['language'])) { if (!tep_session_is_registered('language')) { tep_session_register('language'); tep_session_register('languages_id'); } include(DIR_WS_CLASSES . 'language.php'); $lng = new language(); if (isset($HTTP_GET_VARS['language']) && tep_not_null($HTTP_GET_VARS['language'])) { $lng->set_language($HTTP_GET_VARS['language']); } else { $lng->get_browser_language(); } $language = $lng->language['directory']; $languages_id = $lng->language['id']; } // redirect to login page if administrator is not yet logged in if (!tep_session_is_registered('admin')) { $redirect = false; $current_page = basename($PHP_SELF); if (($current_page != FILENAME_LOGIN)&&($current_page != FILENAME_CAO_OSC)) { if (!tep_session_is_registered('redirect_origin')) { tep_session_register('redirect_origin'); $redirect_origin = array('page' => $current_page, 'get' => $HTTP_GET_VARS); } $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN)); } unset($redirect); } // include the language translations require(DIR_WS_LANGUAGES . $language . '.php'); $current_page = basename($PHP_SELF); if (file_exists(DIR_WS_LANGUAGES . $language . '/' . $current_page)) { include(DIR_WS_LANGUAGES . $language . '/' . $current_page); } // define our localization functions require(DIR_WS_FUNCTIONS . 'localization.php'); // Include validation functions (right now only email address) require(DIR_WS_FUNCTIONS . 'validations.php'); // setup our boxes require(DIR_WS_CLASSES . 'table_block.php'); require(DIR_WS_CLASSES . 'box.php'); // initialize the message stack for output messages require(DIR_WS_CLASSES . 'message_stack.php'); $messageStack = new messageStack; // split-page-results require(DIR_WS_CLASSES . 'split_page_results.php'); // entry/item info classes require(DIR_WS_CLASSES . 'object_info.php'); // email classes require(DIR_WS_CLASSES . 'mime.php'); require(DIR_WS_CLASSES . 'email.php'); // file uploading class require(DIR_WS_CLASSES . 'upload.php'); // calculate category path if (isset($HTTP_GET_VARS['cPath'])) { $cPath = $HTTP_GET_VARS['cPath']; } else { $cPath = ''; } if (tep_not_null($cPath)) { $cPath_array = tep_parse_category_path($cPath); $cPath = implode('_', $cPath_array); $current_category_id = $cPath_array[(sizeof($cPath_array)-1)]; } else { $current_category_id = 0; } // default open navigation box if (!tep_session_is_registered('selected_box')) { tep_session_register('selected_box'); $selected_box = 'configuration'; } if (isset($HTTP_GET_VARS['selected_box'])) { $selected_box = $HTTP_GET_VARS['selected_box']; } // the following cache blocks are used in the Tools->Cache section // ('language' in the filename is automatically replaced by available languages) $cache_blocks = array(array('title' => TEXT_CACHE_CATEGORIES, 'code' => 'categories', 'file' => 'categories_box-language.cache', 'multiple' => true), array('title' => TEXT_CACHE_MANUFACTURERS, 'code' => 'manufacturers', 'file' => 'manufacturers_box-language.cache', 'multiple' => true), array('title' => TEXT_CACHE_ALSO_PURCHASED, 'code' => 'also_purchased', 'file' => 'also_purchased-language.cache', 'multiple' => true) ); // check if a default currency is set if (!defined('DEFAULT_CURRENCY')) { $messageStack->add(ERROR_NO_DEFAULT_CURRENCY_DEFINED, 'error'); } // check if a default language is set if (!defined('DEFAULT_LANGUAGE')) { $messageStack->add(ERROR_NO_DEFAULT_LANGUAGE_DEFINED, 'error'); } if (function_exists('ini_get') && ((bool)ini_get('file_uploads') == false) ) { $messageStack->add(WARNING_FILE_UPLOADS_DISABLED, 'warning'); } define('FILENAME_POLLS', 'polls.php'); require(DIR_WS_CLASSES . 'poll_info.php'); require(DIR_WS_CLASSES . 'configuration_info.php'); ?>
FIMBLE Posted May 14, 2009 Posted May 14, 2009 this in you application_top.php is different to yours, try and replace it with code below // redirect to login page if administrator is not yet logged in if (!tep_session_is_registered('admin')) { $redirect = false; $current_page = basename($PHP_SELF); if ($current_page != FILENAME_LOGIN) { if (!tep_session_is_registered('redirect_origin')) { tep_session_register('redirect_origin'); $redirect_origin = array('page' => $current_page, 'get' => $HTTP_GET_VARS); } $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN)); } unset($redirect); } Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Guest Posted May 14, 2009 Posted May 14, 2009 Well that doesn't change anything, since this FILENAME_CAO_OSC is just a bypass for the erp system. I just found out tep_session_is_registered('admin') always returns false...How come? Olli
FIMBLE Posted May 14, 2009 Posted May 14, 2009 strange! Also i notice that your config is set to SSL true but it i snot showing as SSL when i try HTTPS there is a big fat red warning The site's security certificate is not trusted! You attempted to reach www.copgo.de, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site. You can try to run with SSL off and see how you go, also check your server error log for info if not Try to add a new administrator, did you add the php_flag register_long_arrays Off to your htaccess? Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
FIMBLE Posted May 14, 2009 Posted May 14, 2009 oh i take it you are also on a windows box? Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Jan Zonjee Posted May 14, 2009 Posted May 14, 2009 I just found out tep_session_is_registered('admin') always returns false...How come? Exposing your admin area like this is not the greatest idea but the strange thing is that the cookie with admin id corresponds with the osCadminId in the source code of the page, but not with the one in the browser bar: login.php?osCAdminID=e4kbgkiijbsrsp1o8qof2e16s9ta4dhh but in the source code it is: login.php?action=process&osCAdminID=no8gjkl4hco6p6o4fajj80t5uvj9nh4k No clue to what causes that but perhaps it is a missing piece of the puzzle.
Guest Posted May 14, 2009 Posted May 14, 2009 Hey Nic, nothing in the the error logs, SSL certificate shouldn't matter. It is a SuSE Linux box. I turned off long arrays in php.ini (global) and even put it in the configuration for the virtual host. No change. I tried running without SSL already, no change as well. The part for the ERP System is to be recoded soon, I gotta get this running though. Seams like The variables don't get registered in the sessions.
FIMBLE Posted May 14, 2009 Posted May 14, 2009 you also seem to have an issue with the front end not displaying images. Perhaps try a vanilla install in a different folder , see if this works. Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
FIMBLE Posted May 14, 2009 Posted May 14, 2009 in chrome and fire fox your images do not show for the categories, but they do for sub categories, IE (8) shows the images but the links once clicked are painfully slow. Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Guest Posted May 14, 2009 Posted May 14, 2009 I already tried a clean install, same problem. The frontend is ok so far, there's some work to do yet but the basics are done. Even Login and Logout and the whole sessions management works in the frontend. Customers can register, can login again... hmmmm EDIT: They can't show for categories yet, theres none setup so far. Only product images are in by now. This is just a testing productset and the database has to be reimported. Caching is off and the category tables aren't optimized yet.
Guest Posted May 14, 2009 Posted May 14, 2009 I found an error in application top: PHP Fatal error: Call to undefined function tep_session_name() in /srv/www/vhosts/copgo.de/httpdocs/multimedia/admin/includes/application_top.php on Line 96 This is the according code: // set the session name and save path tep_session_name('osCAdminID'); tep_session_save_path(SESSION_WRITE_DIRECTORY);
koala Posted January 9, 2010 Posted January 9, 2010 Hey guys, did anyone find a fix for this problem as I'm having the same issue. I'm using a fresh install of oscommerce version 3 PHP 5.3.1 on apache 2.2 with mysqli 5 I log in to admin but get redirected to the logon screen again with just the session ID changing as described above.
germ Posted January 9, 2010 Posted January 9, 2010 Hey guys, did anyone find a fix for this problem as I'm having the same issue. I'm using a fresh install of oscommerce version 3 PHP 5.3.1 on apache 2.2 with mysqli 5 I log in to admin but get redirected to the logon screen again with just the session ID changing as described above. Version 3 problems need to be posted smewhere here Look towards the top of the page. This part of the forum is for Version 2 support exclusively. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
BdMdesigN Posted July 30, 2011 Posted July 30, 2011 Moin Moin Brothers and Sisters, I have here a fresh install of the osc 2.3.1 on PHP-Version: 5.3.7RC2-dev :: MySQL-Version: 5.1.46-log :: Server-Version: Apache/2.2.15 (Linux/SUSE). After this fix: http://www.oscommerce.com/forums/topic/218403-1062-duplicate-entry-error-fix/ , i cant go in the Adminpanel. I cant login, because all browsers are redirects in the Nirvana. Admin Sessions are created. I dont have made changes in all file, it a fresh install. Best Regards
BdMdesigN Posted July 30, 2011 Posted July 30, 2011 this in you application_top.php is different to yours, try and replace it with code below // redirect to login page if administrator is not yet logged in if (!tep_session_is_registered('admin')) { $redirect = false; $current_page = basename($PHP_SELF); if ($current_page != FILENAME_LOGIN) { if (!tep_session_is_registered('redirect_origin')) { tep_session_register('redirect_origin'); $redirect_origin = array('page' => $current_page, 'get' => $HTTP_GET_VARS); } $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN)); } unset($redirect); } Huu? FIMBLE, my application_top.php its not the same as yours ?!? Lines 123 - 164: // redirect to login page if administrator is not yet logged in if (!tep_session_is_registered('admin')) { $redirect = false; $current_page = basename($PHP_SELF); // if the first page request is to the login page, set the current page to the index page // so the redirection on a successful login is not made to the login page again if ( ($current_page == FILENAME_LOGIN) && !tep_session_is_registered('redirect_origin') ) { $current_page = FILENAME_DEFAULT; $HTTP_GET_VARS = array(); } if ($current_page != FILENAME_LOGIN) { if (!tep_session_is_registered('redirect_origin')) { tep_session_register('redirect_origin'); $redirect_origin = array('page' => $current_page, 'get' => $HTTP_GET_VARS); } // try to automatically login with the HTTP Authentication values if it exists if (!tep_session_is_registered('auth_ignore')) { if (isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_PW'])) { $redirect_origin['auth_user'] = $HTTP_SERVER_VARS['PHP_AUTH_USER']; $redirect_origin['auth_pw'] = $HTTP_SERVER_VARS['PHP_AUTH_PW']; } } $redirect = true; } if (!isset($login_request) || isset($HTTP_GET_VARS['login_request']) || isset($HTTP_POST_VARS['login_request']) || isset($HTTP_COOKIE_VARS['login_request']) || isset($HTTP_SESSION_VARS['login_request']) || isset($HTTP_POST_FILES['login_request']) || isset($HTTP_SERVER_VARS['login_request'])) { $redirect = true; } if ($redirect == true) { tep_redirect(tep_href_link(FILENAME_LOGIN, (isset($redirect_origin['auth_user']) ? 'action=process' : ''))); } unset($redirect); } And if i delete/uncomment this lines the Adminpanel works ?!?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.