Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Not the same Login.php error?


brihan

Recommended Posts

Posted

Hi All,

 

I know this topic has been beat to death and I tried to research older post to figure out the (my) problem but I am still coming up short.

 

This is on a new install of 2.2 downloaded the other day (12/7/03).

 

I can create a new account but when I try to login I get the error:

 

You are not authorized to view this page

HTTP Error 403 - Forbidden

 

All admin functions work fine.

 

 

Here is what I know (to the best of my ability).

 

The SSL is correct

https://www.hades.safe-order.net/creia/catalog/login.php

 

If I purposely inter the wrong e-mail or password I will get the proper error page telling me:

"Error: No match for E-Mail Address and/or Password. "

 

If I click on "My Account" first and then enter my e-mail and Password it is OK and I can get into my account (and is also on my secure server).

 

The "Lock" is on in my Admin Panel.

 

That is what I know.

 

What I don't know is why I get the "You are not authorized to view this page

HTTP Error 403 - Forbidden" error when trying to login with my correct info so I can check out.

 

Any thoughts?

 

Thank you for any help you can provide.

 

Brian

Posted

Could it be a cookie problem?

 

If I set "Force Cookie Use" to "True" I get the error page (You are not authorized to view this page HTTP Error 403 - Forbidden) right off the bat when I click the link to go to the logon page. The problem I mentioned in the above post came after I entered the info and hit submit.

 

Thanks for any help you can provide.

 

Brian

Posted

Thanks beardeddone,

 

Through some round about way I was able to order a product and get through the checkout process but after the order was placed and I clicked the final "Continue" button that I guess should have taken me back to the cart I received the same "You are not authorized to view this page HTTP Error 403 - Forbidden" error.

 

I'm guessing they are related.

 

Anyone have any thoughts on fixing this?

 

Thanks,

 

Brian

  • 1 year later...
Posted

I'm having what looks like identical problems.

 

For example, when visiting the site as a guest, and I click the Write A Review button on a product's review page, I go through to the login page. I enter my email and password and click Sign In. When I'm using IE, I receive the "You Are Not Authorized..." message for the file login.php accessed through the secure server. If using Firefox, I get the "Forbidden..." message for the product_reviews_write.php file accessed through the secure server.

 

I can login okay from the My Account link and have no problems writing reviews or anything else.

 

It seems that if I'm accessing pages for which a login is required as a guest, this problem arises, but if I'm already logged in there are no problems.

Posted

A little bit more information, in light of the above suggestions.

 

The .htaccess file in the catalog directory has:

Options +FollowSymLinks -Indexes

DirectoryIndex index.php index.shtml index.htm index.html

 

# The following makes adjustments to the SSL protocol for Internet

# Explorer browsers

 

<IfModule mod_setenvif.c>

<IfDefine SSL>

SetEnvIf User-Agent ".*MSIE.*" \

nokeepalive ssl-unclean-shutdown \

downgrade-1.0 force-response-1.0

</IfDefine>

</IfModule>

---------------------------------------

And the rights for the directory are:

drwxrwxr-x

 

Any suggestions?

Posted

I found the answer in another post under "Help with Login error please":

 

In file \catalog\includes\functions\general.php, amend the redirect function to read:

 

function tep_redirect($url) {

if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page

if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url

$url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)); // Change it to SSL

}

}

header('Location: ' . $url);

 

tep_exit();

}

 

That did the trick!!

  • 4 weeks later...
Posted

Thank you so much for the post! i've been searching all over for this!

:'(

  • 1 month later...
Posted

Hi hi.. not sure if i'm doing it correctly. I went to the folder as mentioned and changed it as above. But when i go to login or create account, i still get the error

 

Forbidden

You don't have permission to access /login.php on this server.

 

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

 

Please help me.

 

 

 

 

Mine

 

<?php

/*

$Id: general.php,v 1.231 2003/07/09 01:15:48 hpdl Exp $

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

////

// Stop from parsing any further PHP code

function tep_exit() {

tep_session_close();

exit();

}

 

////

// Redirect to another page or site

function tep_redirect($url) {

if ( (ENABLE_SSL == true) && (getenv('HTTPS') == 'on') ) { // We are loading an SSL page

if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url

$url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG)); // Change it to SSL

}

}

header('Location: ' . $url);

 

tep_exit();

}

 

 

////

// Parse the data used in the html tags to ensure the tags will not break

function tep_parse_input_field_data($data, $parse) {

return strtr(trim($data), $parse);

}

 

function tep_output_string($string, $translate = false, $protected = false) {

if ($protected == true) {

return htmlspecialchars($string);

} else {

if ($translate == false) {

return tep_parse_input_field_data($string, a

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...