spooks Posted March 5, 2010 Share Posted March 5, 2010 This came up & others may find it useful, so I`m repeating the tip here: After a visitor has placed an item in thier cart and has to sign in or create a account, they go back to the index page and not to the shopping cart where they came from. This first change means after your visitor logs in, if there are items in the cart, instead of going to the home page they go staight to checkout and get a message for displayed on checkout that they are logged in: In login.php find: tep_redirect(tep_href_link(FILENAME_DEFAULT)); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } This next change means after your visitor completes the create account page if there are items in their cart, instead of going to CREATE_ACCOUNT_SUCCESS, they go staight to checkout and have a message displayed on checkout that the account is created: In create account find: tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome! Your new account has been successfully created!', 'SSL')); } Another change I make is if your visitor has no items in thier cart & they click on checkout, they are taken to the login page, in my view this is not what they expect, so this change means if they click on checkout with nothing in thier cart they go to the cart. in checkout_shipping.php: find: // if there is nothing in the customers cart, redirect them to the shopping cart page if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); move that section to above: // if the customer is not logged on, redirect them to the login page if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } Thats it, hope you find this useful. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
purplemartinart Posted March 15, 2010 Share Posted March 15, 2010 This came up & others may find it useful, so I`m repeating the tip here: After a visitor has placed an item in thier cart and has to sign in or create a account, they go back to the index page and not to the shopping cart where they came from. This first change means after your visitor logs in, if there are items in the cart, instead of going to the home page they go staight to checkout and get a message for displayed on checkout that they are logged in: Hi Sam, I wonder if this can help me with a small problem I am having with my site. My site has been modded a bit (V2) and unless the customer is checking out they can not go to their Order Information(account history.php) page or My Account Information (account.php) page AT ALL. After login they just stay at the front page with that standard "Hello Customer X, would you like to bla bla bla or ha ha ha" Would your tip be helpful in my situation? (if you want to see my site to see what I meanclick here) Just please, if anyone wants to fiddle, enter a customer name I can easily find to delete afterwards like "Mr.Fake Customer" or something. Thanks, Susan Proudly uses Oscommerce! Link to comment Share on other sites More sharing options...
spooks Posted March 15, 2010 Author Share Posted March 15, 2010 I just tried your site, seemed to work for me, just not secure (see the account I made) You are preventing pasting into fields, did someone tell you that could prevent hacks!! All it does is annoy real customers, where did you get that from? I stronly suggest you secure now, the hackers WILL find you. How to secure your site: http://www.oscommerce.com/forums/index.php?showtopic=313323 Anti-hacker Account Mods http://addons.oscommerce.com/info/7202 Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
purplemartinart Posted March 15, 2010 Share Posted March 15, 2010 I am sorry but I do not understand. When I go to create a customer, I go to my servers shared secure server https://ssl4.westserver. and I can paste into fields. I see what you are referring too with the account you created. I will look into those contributions but I am enough of a newbie that I do not know how you did it and thus will not be able to test if I am fixed. :'( I just created a customer to verify and I just know I go to my https server. I also tested ctrl-V into fields and it worked. Is that the kind of pasting you are talking about? Complaints are coming from customers being unable to view details of their order once a purchase is made, order history and the like. But I will work on the security also Thanks, Susan Proudly uses Oscommerce! Link to comment Share on other sites More sharing options...
spooks Posted March 15, 2010 Author Share Posted March 15, 2010 I just created a customer to verify and I just know I go to my https server. I also tested ctrl-V into fields and it worked. Is that the kind of pasting you are talking about? Your ssl/ https server does not secure your site, all that does is provide secure comms between your site & visitor (or hacker!!) Yes ctrl-V is the sort of thing I was refering too, it don't work for me on your site, maybe a browser thing, my auto insert program gets round that type of thing anyway!! The basic test is paste [w](o)%3Cr%3Ek|i*n^g into your search box & any other field (or the url) if after submitting the text its not cleaned to working you have an issue, you could also run a PCI scan which would find lots of issues. The most important security issues to address are admin access protection and vunerability removal, input sanitising (cleaning) , XSS prevention, then the rest. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
purplemartinart Posted March 15, 2010 Share Posted March 15, 2010 Sam, would installing your Anti-hacker Account Mods, alter or effect an existing customers password or ability to login? I checked my permissions per the referred to thread and deleted the admin files for filemanager, per your suggestions. But about the customer not being able to access their history or account information- any tips??? :) Thanks, Susan Proudly uses Oscommerce! Link to comment Share on other sites More sharing options...
spooks Posted March 15, 2010 Author Share Posted March 15, 2010 Sam, would installing your Anti-hacker Account Mods, alter or effect an existing customers password or ability to login? No, there is a setting included to allow for old passwords, that is enabled by default. But about the customer not being able to access their history or account information- any tips??? Do they get logged out (ie sessions issue)? When I tested b4 I was able to access account name & address details, but did not look further. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
purplemartinart Posted March 15, 2010 Share Posted March 15, 2010 No, they dont get logged out, but there is no place to click on to go to their customer admin area. An issue with my (not by me) mod. BUT thought this tip of yours could be a way to solve that issue that I could handle. When I add a customer, after the initial time I add in the information to add the account I am unable to access the history, account information pages unless I manually type in .com/account.php Thanks, Susan Proudly uses Oscommerce! Link to comment Share on other sites More sharing options...
spooks Posted March 15, 2010 Author Share Posted March 15, 2010 No, they dont get logged out, but there is no place to click on to go to their customer admin area. An issue with my (not by me) mod. BUT thought this tip of yours could be a way to solve that issue that I could handle. When I add a customer, after the initial time I add in the information to add the account I am unable to access the history, account information pages unless I manually type in .com/account.php I see, in includes/boxes/information.php below '<a href="' . tep_href_link(FILENAME_CONTACT_US) . '">' . BOX_INFORMATION_CONTACT . '</a><br>' . add: '<a href="' . tep_href_link(FILENAME_ACCOUNT) . '">' . HEADER_TITLE_MY_ACCOUNT . '</a><br>' . Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
purplemartinart Posted March 15, 2010 Share Posted March 15, 2010 sweeeeeeeeeeeeeeeeeeeeeeeet! thanks Sam! You'll be seeing me again soon if I get stumped by the install on your contribution ;) thank you kindly sir! Thanks, Susan Proudly uses Oscommerce! Link to comment Share on other sites More sharing options...
cemrotterdam Posted March 15, 2010 Share Posted March 15, 2010 This came up & others may find it useful, so I`m repeating the tip here: After a visitor has placed an item in thier cart and has to sign in or create a account, they go back to the index page and not to the shopping cart where they came from. This first change means after your visitor logs in, if there are items in the cart, instead of going to the home page they go staight to checkout and get a message for displayed on checkout that they are logged in: In login.php find: tep_redirect(tep_href_link(FILENAME_DEFAULT)); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } This next change means after your visitor completes the create account page if there are items in their cart, instead of going to CREATE_ACCOUNT_SUCCESS, they go staight to checkout and have a message displayed on checkout that the account is created: In create account find: tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome! Your new account has been successfully created!', 'SSL')); } Another change I make is if your visitor has no items in thier cart & they click on checkout, they are taken to the login page, in my view this is not what they expect, so this change means if they click on checkout with nothing in thier cart they go to the cart. in checkout_shipping.php: find: // if there is nothing in the customers cart, redirect them to the shopping cart page if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); move that section to above: // if the customer is not logged on, redirect them to the login page if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } Thats it, hope you find this useful. Thank you it has been really helpfull. Link to comment Share on other sites More sharing options...
purplemartinart Posted March 16, 2010 Share Posted March 16, 2010 In login.php find: tep_redirect(tep_href_link(FILENAME_DEFAULT)); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } This next change means after your visitor completes the create account page if there are items in their cart, instead of going to CREATE_ACCOUNT_SUCCESS, they go staight to checkout and have a message displayed on checkout that the account is created: In create account find: tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome! Your new account has been successfully created!', 'SSL')); } I made these 2 changes and it did not work as planned. I am not sure where I am messing up. Basically, with a non logged in customer, an item in the cart, after making a new account I get bumped to the welcome "Please sign in page". What am i doing wrong? I don't think I am loosing the session id as the url has login.php?osCsid=9b6408721e15cb206ae3800a4a168ab5 But there is no cart shown. I try to sign in again and it will not leave the "login" welcome, please sign in page. But as soon as I click on a category for instance, the cart shows back up with my item in the basket. If you can take a look - I created a dummy customer with email [email protected] and password of "password" or create your own. Was that code snippet ready to go 'as is' or am I supposed to change something or add something to it? thank you Thanks, Susan Proudly uses Oscommerce! Link to comment Share on other sites More sharing options...
spooks Posted March 16, 2010 Author Share Posted March 16, 2010 Was that code snippet ready to go 'as is' or am I supposed to change something or add something to it? Yes, you don't need anything else, it does sound as though you have done something to cause the sid to change, check you have no links containing a sid and all links use tep_href_link The code given is just basic stuff, there is nothing 'fancy' going on. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
scastro Posted March 23, 2010 Share Posted March 23, 2010 This came up & others may find it useful, so I`m repeating the tip here: After a visitor has placed an item in thier cart and has to sign in or create a account, they go back to the index page and not to the shopping cart where they came from. This first change means after your visitor logs in, if there are items in the cart, instead of going to the home page they go staight to checkout and get a message for displayed on checkout that they are logged in: In login.php find: tep_redirect(tep_href_link(FILENAME_DEFAULT)); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } This next change means after your visitor completes the create account page if there are items in their cart, instead of going to CREATE_ACCOUNT_SUCCESS, they go staight to checkout and have a message displayed on checkout that the account is created: In create account find: tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome! Your new account has been successfully created!', 'SSL')); } Another change I make is if your visitor has no items in thier cart & they click on checkout, they are taken to the login page, in my view this is not what they expect, so this change means if they click on checkout with nothing in thier cart they go to the cart. in checkout_shipping.php: find: // if there is nothing in the customers cart, redirect them to the shopping cart page if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); move that section to above: // if the customer is not logged on, redirect them to the login page if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } Thats it, hope you find this useful. This isn't working for me. Every user that adds an item to the cart is automatically signed in as the test account that I set up. I tested this on multiple computers and each one was automatically signed in, skipping the login/create account process. Link to comment Share on other sites More sharing options...
spooks Posted March 24, 2010 Author Share Posted March 24, 2010 This isn't working for me. Every user that adds an item to the cart is automatically signed in as the test account that I set up. I tested this on multiple computers and each one was automatically signed in, skipping the login/create account process. This does not alter the login in any way, it just alters the redirect after login, you have something else going on. try clearing caches and deleting cookies. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
scastro Posted March 24, 2010 Share Posted March 24, 2010 This does not alter the login in any way, it just alters the redirect after login, you have something else going on. try clearing caches and deleting cookies. Alright the solution is working, i cleared my cache and deleted my cookies. No more redirects. I am having one other problem though, the quantity clears itself. Please help. Link to comment Share on other sites More sharing options...
spooks Posted March 24, 2010 Author Share Posted March 24, 2010 Alright the solution is working, i cleared my cache and deleted my cookies. No more redirects. I am having one other problem though, the quantity clears itself. Please help. Again not normal behaviour, cart addition/changes are done within application top, examine you code there esp any changes you have made to the default osC code. PS I would remind that by default osC merges the visitor cart with you user cart on login, so if you have issues ensure your cart is empty, logout, then re-test. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
axioma Posted March 26, 2010 Share Posted March 26, 2010 Everything good... But when a costumer wants to go only to his account, he will redirected to the shopping cart, or if it is empty, he will be directed to index. From there, he has to make another click in order to arrive finally to his account page (not very friendly). ANY thoughts ????? Link to comment Share on other sites More sharing options...
spooks Posted March 26, 2010 Author Share Posted March 26, 2010 Everything good... But when a costumer wants to go only to his account, he will redirected to the shopping cart, or if it is empty, he will be directed to index. No, not quite the method, the default osC is if there is a page history, after login, go there, otherwise index.php. The only change this does is to the last, ie if there is a page history, after login, go there, otherwise if items in cart, go there, otherwise index.php. So your complaint is to the default operation!! PS did you check this fully? if you click on account, the account page does add to the history b4 redirect to login, so after login you do go back to account not anywhere else!! Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
axioma Posted March 26, 2010 Share Posted March 26, 2010 No, not quite the method, the default osC is if there is a page history, after login, go there, otherwise index.php. The only change this does is to the last, ie if there is a page history, after login, go there, otherwise if items in cart, go there, otherwise index.php. So your complaint is to the default operation!! PS did you check this fully? if you click on account, the account page does add to the history b4 redirect to login, so after login you do go back to account not anywhere else!! Hello, yes I test on 2 stores, one on a fresh installation without modification, and one on another store with this modification. The goal is go to my account. This 2 sceneries are present: The standard store lead me to directly to my account after I login The modified store lead me to directly to shopping after I login (note: my cart is empty, I did not put anything to my shopping cart). Link to comment Share on other sites More sharing options...
spooks Posted March 26, 2010 Author Share Posted March 26, 2010 Hello, yes I test on 2 stores, one on a fresh installation without modification, and one on another store with this modification. The goal is go to my account. This 2 sceneries are present: The standard store lead me to directly to my account after I login The modified store lead me to directly to shopping after I login (note: my cart is empty, I did not put anything to my shopping cart). Then you made an error, on my sites with this (rc2a etc) it does as expected. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
axioma Posted March 29, 2010 Share Posted March 29, 2010 Yes is something wrong in my store. After made the modifications to my store an a vanilla store, and after use compare files loging.php files are similar create_account.php files are similar even create_account_success.php files are similar I don’t know where is my error… Link to comment Share on other sites More sharing options...
spooks Posted March 29, 2010 Author Share Posted March 29, 2010 I don’t know where is my error… In an edited login.php ushould now have: // restore cart contents $cart->restore_contents(); if (sizeof($navigation->snapshot) > 0) { $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href); } else { if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } } that code means if there is a page history, go there, otherwise if items in cart, go there, otherwise index.php perhaps you have brackets miss positioned, that would drastically alter the behaviour. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
axioma Posted March 29, 2010 Share Posted March 29, 2010 this is my code // restore cart contents $cart->restore_contents(); if (sizeof($navigation->snapshot) > 0) { $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href); } else { if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } } } } } if ($error == true) { $messageStack->add('login', TEXT_LOGIN_ERROR); is there an extra brackets? thnks Link to comment Share on other sites More sharing options...
birdrockdesigns Posted May 27, 2010 Share Posted May 27, 2010 This came up & others may find it useful, so I`m repeating the tip here: After a visitor has placed an item in thier cart and has to sign in or create a account, they go back to the index page and not to the shopping cart where they came from. This first change means after your visitor logs in, if there are items in the cart, instead of going to the home page they go staight to checkout and get a message for displayed on checkout that they are logged in: In login.php find: tep_redirect(tep_href_link(FILENAME_DEFAULT)); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome back, You have been logged in successfully!', 'SSL')); } This next change means after your visitor completes the create account page if there are items in their cart, instead of going to CREATE_ACCOUNT_SUCCESS, they go staight to checkout and have a message displayed on checkout that the account is created: In create account find: tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); replace with: if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, 'info_message=' . 'Welcome! Your new account has been successfully created!', 'SSL')); } Another change I make is if your visitor has no items in thier cart & they click on checkout, they are taken to the login page, in my view this is not what they expect, so this change means if they click on checkout with nothing in thier cart they go to the cart. in checkout_shipping.php: find: // if there is nothing in the customers cart, redirect them to the shopping cart page if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); move that section to above: // if the customer is not logged on, redirect them to the login page if (!tep_session_is_registered('customer_id')) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } Thats it, hope you find this useful. Sam, this is brilliant! Thanks so much. Don't know if this is the right thread, but do you know how to get the Complete Reviews System to work with a CSS osCommerce install? I keep getting syntax errors - and I've looked through the code. I have to remove any 'table' tags like <td> or <tr> - and the instructions aren't too clear. http://addons.oscommerce.com/info/4397 Any help would be much appreciated. Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.