brihan Posted December 9, 2003 Posted December 9, 2003 Hi All, I know this topic has been beat to death and I tried to research older post to figure out the (my) problem but I am still coming up short. This is on a new install of 2.2 downloaded the other day (12/7/03). I can create a new account but when I try to login I get the error: You are not authorized to view this page HTTP Error 403 - Forbidden All admin functions work fine. Here is what I know (to the best of my ability). The SSL is correct https://www.hades.safe-order.net/creia/catalog/login.php If I purposely inter the wrong e-mail or password I will get the proper error page telling me: "Error: No match for E-Mail Address and/or Password. " If I click on "My Account" first and then enter my e-mail and Password it is OK and I can get into my account (and is also on my secure server). The "Lock" is on in my Admin Panel. That is what I know. What I don't know is why I get the "You are not authorized to view this page HTTP Error 403 - Forbidden" error when trying to login with my correct info so I can check out. Any thoughts? Thank you for any help you can provide. Brian
brihan Posted December 9, 2003 Author Posted December 9, 2003 Could it be a cookie problem? If I set "Force Cookie Use" to "True" I get the error page (You are not authorized to view this page HTTP Error 403 - Forbidden) right off the bat when I click the link to go to the logon page. The problem I mentioned in the above post came after I entered the info and hit submit. Thanks for any help you can provide. Brian
beardeddone Posted December 9, 2003 Posted December 9, 2003 HTTP Error 403 - Forbidden ****** It also sounds like it might be a cmod or .htaccess problem. Best Regards
brihan Posted December 9, 2003 Author Posted December 9, 2003 Thanks beardeddone, Through some round about way I was able to order a product and get through the checkout process but after the order was placed and I clicked the final "Continue" button that I guess should have taken me back to the cart I received the same "You are not authorized to view this page HTTP Error 403 - Forbidden" error. I'm guessing they are related. Anyone have any thoughts on fixing this? Thanks, Brian
Noobish-n-stuff Posted December 9, 2003 Posted December 9, 2003 make sure the rights are setup correctly for the catalog dir. it almost sounds like it can't write to the db.
Guest Posted April 16, 2005 Posted April 16, 2005 I'm having what looks like identical problems. For example, when visiting the site as a guest, and I click the Write A Review button on a product's review page, I go through to the login page. I enter my email and password and click Sign In. When I'm using IE, I receive the "You Are Not Authorized..." message for the file login.php accessed through the secure server. If using Firefox, I get the "Forbidden..." message for the product_reviews_write.php file accessed through the secure server. I can login okay from the My Account link and have no problems writing reviews or anything else. It seems that if I'm accessing pages for which a login is required as a guest, this problem arises, but if I'm already logged in there are no problems.
Guest Posted April 17, 2005 Posted April 17, 2005 A little bit more information, in light of the above suggestions. The .htaccess file in the catalog directory has: Options +FollowSymLinks -Indexes DirectoryIndex index.php index.shtml index.htm index.html # The following makes adjustments to the SSL protocol for Internet # Explorer browsers <IfModule mod_setenvif.c> <IfDefine SSL> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </IfDefine> </IfModule> --------------------------------------- And the rights for the directory are: drwxrwxr-x Any suggestions?
Guest Posted April 18, 2005 Posted April 18, 2005 I found the answer in another post under "Help with Login error please": In file \catalog\includes\functions\general.php, amend the redirect function to read: function tep_redirect($url) { if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url $url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)); // Change it to SSL } } header('Location: ' . $url); tep_exit(); } That did the trick!!
Guest Posted May 10, 2005 Posted May 10, 2005 Thank you so much for the post! i've been searching all over for this! :'(
MissyB19 Posted July 7, 2005 Posted July 7, 2005 Hi hi.. not sure if i'm doing it correctly. I went to the folder as mentioned and changed it as above. But when i go to login or create account, i still get the error Forbidden You don't have permission to access /login.php on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Please help me. Mine <?php /* $Id: general.php,v 1.231 2003/07/09 01:15:48 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ //// // Stop from parsing any further PHP code function tep_exit() { tep_session_close(); exit(); } //// // Redirect to another page or site function tep_redirect($url) { if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url $url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)); // Change it to SSL } } header('Location: ' . $url); tep_exit(); } //// // Parse the data used in the html tags to ensure the tags will not break function tep_parse_input_field_data($data, $parse) { return strtr(trim($data), $parse); } function tep_output_string($string, $translate = false, $protected = false) { if ($protected == true) { return htmlspecialchars($string); } else { if ($translate == false) { return tep_parse_input_field_data($string, a
Recommended Posts
Archived
This topic is now archived and is closed to further replies.