Rozza Posted September 28, 2010 Posted September 28, 2010 Not sure what I have done but after adding a couple of contributions ('QT Pro', 'Monthly Sales & Tax Report' and 'UK VAT Summary') every time I try to run these admin reports it forces me to log-in again. I'm also seeing a new session ID in the URL. With QT Pro and Monthly Sales & Tax Report it's just an annoyance but with UK VAT Summary it renders the report useless as after re-logging in it loses the setting I made to create the report. I have trawled the forum for info but I'm drawing a blank - any advice would be appreciated.
web-project Posted September 28, 2010 Posted September 28, 2010 I know this sort of issue, as I have experienced before on customer server. Basically the issue with sessions, normally the oscommerce create the session and on some servers you will see the session adding to URL address the osid= To fix your issue you need to modify the code, for example: <a href="index.php">Home</a> should be changed to: <?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">Home</a>'; ?> Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here! 8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself. Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues. Any issues with oscommerce, I am here to help you.
Rozza Posted September 28, 2010 Author Posted September 28, 2010 Hi Alex, many thanks for your quick reply. Apologies but I probably threw in a few red herrings in my original post as I'm a complete novice when it comes to php. I'm not sure where I would edit the text you suggest as the links or form submissions are within the code of the contribution. The problem only arises from within the pages of all my added contributions - eg: I log in to the admin panel, click on 'Reports' and then (for example) 'VAT Quarterly Reports' - so far so good. The basic report is there on screen and my url is showing: .../admin/vat_report.php?osCAdminID=c3bb4d20c42dc1d89b34f24150037700 Now when I want to drill down further (by selecting a link on the page or submitting a form element) I'm faced with the log-in screen. The url is then: .../admin/login.php?osCAdminID=1976e225bc890391c4bf7c53d213bdfa However if I click the browsers 'Back' button I can go back to the page where I was previously and with the original url/Admin ID. I have scanned through the code of all these contributions but I'm struggling to find links etc that are not already in form of your example.
Jan Zonjee Posted September 28, 2010 Posted September 28, 2010 However if I click the browsers 'Back' button I can go back to the page where I was previously and with the original url/Admin ID. Perhaps you have set your browser not to accept cookies? The contributions you use may not have anticipated that. If you don't want your browser to accept cookies because you are afraid for something it might be better to install another browser and use that one for your shop admin and only that. But then set it to accept cookies. Or perhaps there is something wrong with your admin/configure.php file and the site cannot set a cookie in your browser because of that.
Rozza Posted September 29, 2010 Author Posted September 29, 2010 Perhaps you have set your browser not to accept cookies? The contributions you use may not have anticipated that. If you don't want your browser to accept cookies because you are afraid for something it might be better to install another browser and use that one for your shop admin and only that. But then set it to accept cookies. Or perhaps there is something wrong with your admin/configure.php file and the site cannot set a cookie in your browser because of that. Hi Jan, thanks for the tip but I have tried various browsers with cookies on/off. I have tried numerous tweaks in the config file and options like forcing cookies, changing the session directory & directory permissions etc. Not sure if they are important but there are a couple of things I have noticed... Every time I log in I get the exact same session osCAdminID ??!! (even on different browsers) - I would have thought this would be an ever changing randomly generated key? When I hover over the links in most areas of the OCS Admin area my browser will show the full path of the link - then the function - ending with the current osCAdminID. However within all my added contributions the function appears after the osCAdminID. For example... A link within the standard OSC 'Stock Report' http://mysubdomain.mydomain.com//admin/stock.php?product_id=44&osCAdminID=c3bb4d20c42dc1d89b34f24150037700 Link within added contributions (in this case Monthly Sales & Tax Report, selecting 'April 2010') http://mysubdomain.mydomain.com//admin/stats_monthly_sales.php?osCAdminID=c3bb4d20c42dc1d89b34f24150037700&month=4&year=2010 In every case where it fails and kicks me back to the Admin log-in page that link will have the function at the very end of the path.
Jan Zonjee Posted September 29, 2010 Posted September 29, 2010 Every time I log in I get the exact same session osCAdminID ??!! (even on different browsers) - I would have thought this would be an ever changing randomly generated key? That is far from normal. Have you checked your admin/includes/configure.php to see if an osCAdminID is in there somewhere. When I hover over the links in most areas of the OCS Admin area my browser will show the full path of the link - then the function - ending with the current osCAdminID. However within all my added contributions the function appears after the osCAdminID. mydomain.com//admin There should be only one slash, not two.
Rozza Posted September 29, 2010 Author Posted September 29, 2010 That is far from normal. Have you checked your admin/includes/configure.php to see if an osCAdminID is in there somewhere. Can't see any references to an osCAdminID in the configure.php file - I should add that the repeating number is only at each first log-in, when I'm kicked out a new ID is created. When I restart my browser that repeating number is back. mydomain.com//admin There should be only one slash, not two. I had noticed that too, it's been like that from the start but apart from the added contributions everything seems to work fine - not sure how to fix it but I'll look in to it. Fo what it's worth here is my admin/includes/configure.php file (for extra site security I had changed the name of the admin & catalog images folder)... <?php define('HTTP_SERVER', 'http://mysubdomain.mydomain.com/'); define('HTTP_CATALOG_SERVER', 'http://mysubdomain.mydomain.com/'); define('HTTPS_CATALOG_SERVER', 'http://mysubdomain.mydomain.com'); define('ENABLE_SSL_CATALOG', 'false'); define('DIR_FS_DOCUMENT_ROOT', '/var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/'); define('DIR_WS_ADMIN', '/xxxxx/'); define('DIR_FS_ADMIN', '/var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/xxxxx/'); define('DIR_WS_CATALOG', '/'); define('DIR_FS_CATALOG', '/var/www/vhosts/mydomain.com/subdomains/mysubdomain/httpdocs/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'xxxxxx/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'xxxxxx/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); define('DB_SERVER', 'plesk-db01.plus.net:3306'); define('DB_SERVER_USERNAME', 'xxxxxxxxx'); define('DB_SERVER_PASSWORD', 'xxxxxxxxx'); define('DB_DATABASE', 'xxxxxxxxx'); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', 'mysql'); ?>
Jan Zonjee Posted September 29, 2010 Posted September 29, 2010 When I restart my browser that repeating number is back. That's still strange since when you shut down the browser the cookie should have been expired. I had noticed that too, it's been like that from the start but apart from the added contributions everything seems to work fine - not sure how to fix it but I'll look in to it. I am almost 100% sure you should not have trailing slashes after the define in HTTP_SERVER and HTTP_CATALOG_SERVER: <?php define('HTTP_SERVER', 'http://mysubdomain.mydomain.com'); define('HTTP_CATALOG_SERVER', 'http://mysubdomain.mydomain.com'); define('HTTPS_CATALOG_SERVER', 'http://mysubdomain.mydomain.com'); The rest looks fine. Can you see the osCAdminID cookie in your browser?
Rozza Posted September 29, 2010 Author Posted September 29, 2010 I am almost 100% sure you should not have trailing slashes after the define in HTTP_SERVER and HTTP_CATALOG_SERVER: <?php define('HTTP_SERVER', 'http://mysubdomain.mydomain.com'); define('HTTP_CATALOG_SERVER', 'http://mysubdomain.mydomain.com'); define('HTTPS_CATALOG_SERVER', 'http://mysubdomain.mydomain.com'); The rest looks fine. Can you see the osCAdminID cookie in your browser? Jan, you are a genius! Those trailing slashes would appear to have been the root (no pun intended) of all my problems. With cookies allowed all the scripts run as they should (well, apart from the UK VAT Report not showing the true values, but that's for another day - I'll install that again) and the osCAdminID no longer shows as part of the link or URL. With cookies blocked the problem re-surfaces but, as per your earlier reply, this may be expected and is at least predictable. It's an excellent working solution for me and for that I am truly grateful. Many, many thanks Carl
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.