Jump to content



Photo
- - - - -

Auto Login BUG


  • Please log in to reply
41 replies to this topic

#21   blueline

blueline
  • Members
  • 994 posts
  • Real Name:Chris Sullivan
  • Location:Atlanta, GA - USA

Posted 21 November 2003 - 00:54

Actually, I am not getting a cookie installed at all. I tried the "test" cookie process in application_top and that works, but the auto login cookies just don't install....
Chris Sullivan

#22   aedmonds

aedmonds
  • Members
  • 16 posts
  • Real Name:Aaron

Posted 21 November 2003 - 01:17

Actually, I am not getting a cookie installed at all. I tried the "test" cookie process in application_top and that works, but the auto login cookies just don't install....

Is your "test" cookie being called with the PHP setcookie function or the OSC tep_setcoookie function? I changed all of mine to use the tep_setcookie function...not sure if that makes any difference... /dry.gif' class='bbc_emoticon' alt='<_<' />

Another thing I did was I changed all of the:
$cookie_url_array = parse_url((ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . substr(DIR_WS_CATALOG, 0, -1));
$cookie_path = $cookie_url_array['path'];
to the following:
if (function_exists('session_set_cookie_params')) {
	session_set_cookie_params(0, $cookie_path, $cookie_domain);
} elseif (function_exists('ini_set')) {
  ini_set('session.cookie_lifetime', '0');
  ini_set('session.cookie_path', $cookie_path);
  ini_set('session.cookie_domain', $cookie_domain);
}

Not sure if that has any effect either...guess we'll find out now, won't we....

Can somebody tell me if that will effect OSC in any negative way?

Thanks

-Aaron

#23   blueline

blueline
  • Members
  • 994 posts
  • Real Name:Chris Sullivan
  • Location:Atlanta, GA - USA

Posted 21 November 2003 - 14:38

Actually, the "test" cookie is being called with the setcookie function that comes with PHP. That works.

The other cookie which is being called by the tep_setcookie function is not working.

I have included the code below so that you can see.

The "test" cookie
// Determine if cookies are enabled  
setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 
if ($cookieinfo == "CookieOn") {
global $cookies_on;
$cookies_on = true;
}

The "autologin" cookie
// HMCS: Begin Autologon	******************************************************************
if ($cookies_on == true) { 
if (ALLOW_AUTOLOGON == 'true') {                                // Is Autologon enabled?
  if (basename($PHP_SELF) != FILENAME_LOGIN) {                  // yes
    if (!tep_session_is_registered('customer_id')) {
      include('includes/modules/autologon.php');
	}
  }
} else {
  setcookie("email_address", "", time() - 3600, $cookie_path);  //no, delete email_address cookie
  setcookie("password", "", time() - 3600, $cookie_path);       //no, delete password cookie
}
}
// HMCS: End Autologon  ******************************************************************

Thanks a bunch guys.
-Chris
Chris Sullivan

#24   aedmonds

aedmonds
  • Members
  • 16 posts
  • Real Name:Aaron

Posted 21 November 2003 - 17:32

Actually Chris, the autologn cookie code that you posted is only deleting the cookie. Notice how it is giving a value of "" and the time is set for the past.

Lets see what is in your autologon.php code...

#25   blueline

blueline
  • Members
  • 994 posts
  • Real Name:Chris Sullivan
  • Location:Atlanta, GA - USA

Posted 21 November 2003 - 19:21

Here ya go. Thanks for the help.

<?php
/*
  $Id: autologon.php,v 1.11 2003/01/18 20:00:00  Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce
  Copyright (c) 2003 HMCservices
  Released under the GNU General Public License
*/
if ($cookies_on == true) {

$cookie_url_array = parse_url((ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . substr(DIR_WS_CATALOG, 0, -1));
$cookie_path = $cookie_url_array['path'];	
if (($email_address != "") && ($password != "")) {
  $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
  if (tep_db_num_rows($check_customer_query)) {
    $check_customer = tep_db_fetch_array($check_customer_query);
    if (tep_validate_password($password, $check_customer['customers_password'])) {
       if (SESSION_RECREATE == 'True') {
          tep_session_recreate();
        }
      $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . $check_customer['customers_id'] . "' and address_book_id = '" . (int)$check_customer['customers_default_address_id'] . "'");
      $check_country = tep_db_fetch_array($check_country_query);

      $customer_id = $check_customer['customers_id'];
      $customer_default_address_id = $check_customer['customers_default_address_id'];
      $customer_first_name = $check_customer['customers_firstname'];
      $customer_country_id = $check_country['entry_country_id'];
      $customer_zone_id = $check_country['entry_zone_id'];
      if(!tep_session_is_registered('customer_id'))
          tep_session_register('customer_id');
      if(!tep_session_is_registered('customer_default_address_id'))
          tep_session_register('customer_default_address_id');
      if(!tep_session_is_registered('customer_first_name'))
   tep_session_register('customer_first_name');
      if(!tep_session_is_registered('customer_country_id'))
          tep_session_register('customer_country_id');
      if(!tep_session_is_registered('customer_zone_id'))
          tep_session_register('customer_zone_id');

      setcookie('email_address', $email_address, time()+ (365 * 24 * 3600), $cookie_path, '', ((getenv('HTTPS') == 'on') ? 1 : 0));
      setcookie('password', $check_customer['customers_password'], time()+ (365 * 24 * 3600), $cookie_path, '', ((getenv('HTTPS') == 'on') ? 1 : 0));
      $date_now = date('Y-m-d');
      $qr = "update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . $customer_id . "'";
      tep_db_query($qr);
      $cart->restore_contents();    // restore cart contents
    }
  }
} else {
  if($autologon_executed != 'true'){
    $autologon_page = '<html><head><meta http-equiv="Refresh" content="0;URL=' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . '"></head><body></body></html>';
    $autologon_link = ((getenv('HTTPS') == 'on') ? 'https://' : 'http://') . $SERVER_NAME . $REQUEST_URI . (strpos($REQUEST_URI, "?") ? '&' : '?') . SID;
    $autologon_executed = 'true';
    if(!tep_session_is_registered('autologon_link'))
        tep_session_register('autologon_link');
    if(!tep_session_is_registered('autologon_executed'))
	tep_session_register('autologon_executed');
    tep_session_close();
    exit($autologon_page);
  }
}
if (tep_session_is_registered('autologon_link')) {
  $x = $autologon_link;
  tep_session_unregister('autologon_link');
  tep_redirect($x);
}
}
?>

Thanks again/
Chris Sullivan

#26   aedmonds

aedmonds
  • Members
  • 16 posts
  • Real Name:Aaron

Posted 21 November 2003 - 21:59

Could you tell if you are using the "Use Search-engine Friendly URLs" setting?

-Aaron

#27   blueline

blueline
  • Members
  • 994 posts
  • Real Name:Chris Sullivan
  • Location:Atlanta, GA - USA

Posted 22 November 2003 - 01:07

No I am not.
Chris Sullivan

#28   allymacneil

allymacneil
  • Members
  • 158 posts
  • Real Name:Ally Macneil
  • Location:Scotland

Posted 06 October 2006 - 00:37

I was having all the problems with autologon 1.08 and logoff.php.

Would get blank screen, changed, Filename_Logoff to Filename_Default in autologon.php and still got blank screen when I would logoff and when I would close the browser and open it and get a blank screen again, pressing F5 would then make the site appear.


In autologon.php I made the change
//		 $autologon_page = '<html><head><meta http-equiv="Refresh" content="0;URL=' . tep_href_link(FILENAME_DEFAULT, '', 'SSL') . '"></head><body></body></html>';
to
			$autologon_page = header("Location: index.php");

May well have speeded things up but it didn't solve any of my problems.



I took a little poetic license with an earlier post, bit of a variation on a theme and it is WORKING

In autologon.php, I made a change to an earlier suggested change at the top of autologon.php, I changed:
setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

if ($cookieinfo == "CookieOn")
to
setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

$cookieinfo2 = "";
$cookieinfo2 = $HTTP_COOKIE_VARS["email_address"];

if ($cookieinfo == "CookieOn" && $cookieinfo2 != "" ) 
{

Have tested and retested and I am not getting blank screens, I can log off and be redirected to the home page, things look good.

Spent hrs on this, well, on and off for days now, will test it some more, retest it tomorrow, and then get some users to test the whole new checkout experience.

Will post back if things are still good. Looks good so far
"Know that this is your God, who could not consent to send anyone else to save you, but would come himself that he might gain for himself all your love." St Alphonsus Ligouri

#29   allymacneil

allymacneil
  • Members
  • 158 posts
  • Real Name:Ally Macneil
  • Location:Scotland

Posted 07 October 2006 - 00:29

Will post back if things are still good. Looks good so far



Ok everyone, everything is still going good,

There's a test site at
http://test.naturalfigure.co.uk


I'm happy with it all now, have seriously bug tested it and its holding water.

Hope this Helps, getting this working dragged out way longer than I wanted but am now happy with my FEC and autologon working together so roll on all them extra conversions :-)
ally
"Know that this is your God, who could not consent to send anyone else to save you, but would come himself that he might gain for himself all your love." St Alphonsus Ligouri

#30   allymacneil

allymacneil
  • Members
  • 158 posts
  • Real Name:Ally Macneil
  • Location:Scotland

Posted 07 October 2006 - 01:00

I'm happy with it all now, have seriously bug tested it and its holding water.



Famous last words, was just wanting to not show the remember me checkbox if cookies arent enabled, and found a wee bug, so I think I'll call it a night and leave something to do for over the weekend / early next week.
"Know that this is your God, who could not consent to send anyone else to save you, but would come himself that he might gain for himself all your love." St Alphonsus Ligouri

#31   allymacneil

allymacneil
  • Members
  • 158 posts
  • Real Name:Ally Macneil
  • Location:Scotland

Posted 09 October 2006 - 20:05

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

$cookieinfo2 = "";
$cookieinfo2 = $HTTP_COOKIE_VARS["email_address"];

if ($cookieinfo == "CookieOn" && $cookieinfo2 != "" ) 
{



Ok, so a little bit of bug hunting reveled as plain as day as the code above shows (for anyone who knows about cookies as I do now a little more)

That my cookie was expiring after an hour. Have changed this to be
setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60 * 24 * 365 * 3);

So as it will remember me for up to 3 yrs :-)

The all important code in my application_top.php now looks like this:

// HMCS: Begin Autologon	******************************************************************

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60 * 24 * 365 * 3); //Remember this cookie for 3yrs
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

//Only do autologon if there is an email set in cookie - avoids nasty logoff mishap
$cookieinfo2 = "";
$cookieinfo2 = $HTTP_COOKIE_VARS["email_address"];


if (ALLOW_AUTOLOGON == 'true' && $cookieinfo == "CookieOn" && $cookieinfo2 != "" )  // Is Autologon enabled and cookies permissable
{								
  if (basename($PHP_SELF) != FILENAME_LOGIN) 
  {				  // yes
//	if (!tep_session_is_registered('customer_id')) {
	if ( ($session_started) && (!tep_session_is_registered('customer_id')) ) 
	{
	  include('includes/modules/autologon.php');
	}
  }
} 
else 
{
  setcookie("email_address", "", time() - 60 * 60 * 24 * 365 * 3, $cookie_path);  //no, delete email_address cookie
  setcookie("password", "", time() - 60 * 60 * 24 * 365 * 3, $cookie_path);	   //no, delete password cookie
}

// HMCS: End Autologon		******************************************************************

"Know that this is your God, who could not consent to send anyone else to save you, but would come himself that he might gain for himself all your love." St Alphonsus Ligouri

#32   danil0

danil0
  • Members
  • 101 posts
  • Real Name:Daniel
  • Gender:Male
  • Location:Greece Athens

Posted 28 February 2007 - 23:51

I m using SSL and when I enable autologon from Admin ... it takes my to logoff.php ... it does not work for me /sad.gif' class='bbc_emoticon' alt=':(' />

#33   Coopco

Coopco
  • Members
  • 9,557 posts
  • Real Name:Leslie Cooper
  • Gender:Male
  • Location:Sea Lake, Victoria, Australia

Posted 01 March 2007 - 09:26

I m using SSL and when I enable autologon from Admin ... it takes my to logoff.php ... it does not work for me /sad.gif' class='bbc_emoticon' alt=':(' />

I doubt that it ever worked for anyone.


The Coopco Underwear Shop



If you live to be 100 years of age, that means you have lived for 36,525 days. Don't waste another, there aren't many left.

#34   OutsideTheBox

OutsideTheBox
  • Members
  • 7 posts
  • Real Name:Robert Starkey

Posted 18 April 2007 - 18:38

I'll be quite honest, there's been so many quote on quote "fixes" to this mod, and I've heard
nothing but bad things about it. I attempted to install it on my test cart and wound up undoing
the install because it caused errors beyond my current programming expertise.

Can someone fix up the instructions and re-release the VERY IMPORTANT and VITAL mod?

#35   pulp2

pulp2
  • Members
  • 132 posts
  • Real Name:Bill Nedster

Posted 01 May 2007 - 18:02

In the SEO quick fix, by zombie, on the contribution page. It says: in catalog/includes/boxes/meberlogin.php

find

if(ALLOW_AUTOLOGON != 'false') {

and above it add

if ($cookies_on == true) {


find
// HMCS: End Autologon **********************************************************

and right above it add

}



I cant seem to find the directory catalog/includes/boxes/meberlogin.php or anything close. What file should I be looking for, to make this fix work?


Thanks!

#36   pulp2

pulp2
  • Members
  • 132 posts
  • Real Name:Bill Nedster

Posted 02 May 2007 - 21:01

I'm also getting the fallowing error message: Parse error: syntax error, unexpected T_BOOLEAN_AND in /public_html/catalog/login.php on line 220. For some reason it doesn't like the fallowing line:

<?php // HMCS: Begin Autologon	**********************************************************
				  if(ALLOW_AUTOLOGON != 'false') && ($cookies_on == true)) {
				  ?>


If anyone could help me with any of this, I would really appreciate it.

#37   Coopco

Coopco
  • Members
  • 9,557 posts
  • Real Name:Leslie Cooper
  • Gender:Male
  • Location:Sea Lake, Victoria, Australia

Posted 03 May 2007 - 14:48

I'm also getting the fallowing error message: Parse error: syntax error, unexpected T_BOOLEAN_AND in /public_html/catalog/login.php on line 220. For some reason it doesn't like the fallowing line:

<?php // HMCS: Begin Autologon	**********************************************************
				  if(ALLOW_AUTOLOGON != 'false') && ($cookies_on == true)) {
				  ?>
If anyone could help me with any of this, I would really appreciate it.

My advice is to not install autologin.


The Coopco Underwear Shop



If you live to be 100 years of age, that means you have lived for 36,525 days. Don't waste another, there aren't many left.

#38   Hade

Hade
  • Members
  • 100 posts
  • Real Name:Hayden Kibble

Posted 04 May 2007 - 21:27

Hey Chris,

I had the same problem...I've been working on getting this implemented on my site but have been very frustrated. What I found was the problem for me was that I was using the "Use Search -Engine Safe URLs" option but contribution works off of a PHP get path which pulled up "action" for my path. Try sorting your cookies by when they were last modified and play around with it. My cookies were coming up with the domain "action." You need to go into the code if you are having this problem...

Hope that helps...

Although I'm having a problem of my own. The Autologon feature works great on my computer, but whenever I use my brother's computer, login, close the browser, and open up the site again, I get automatically sent to a secured logoff page. So maybe someone can help me with that one?

Maybe the wizards might return and give some help...

Thanks

-Aaron


Same here. When I check the autologin box and leave the site and come back, it goes straight to the log off page (logoff.php)

It's exactly the same for firefox and IE. Any ideas anyone?
Read the forum rules...

#39   Hade

Hade
  • Members
  • 100 posts
  • Real Name:Hayden Kibble

Posted 19 June 2007 - 12:01

Right I need to get this sorted.
I'm still getting redirected to logoff.php when I revisit my site. Also, when returning to the site root, I'm faced with the 'please log in' message.

I think catalog/includes/modules/autologon.php is to blame.
The end of the file is as follows:

} else {
  if($autologon_executed != 'true'){
	$autologon_page = '<html><head><meta http-equiv="Refresh" content="0;URL=' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . '"></head><body></body></html>';
	$autologon_link = ((getenv('HTTPS') == 'on') ? 'https://' : 'http://') . $SERVER_NAME . $REQUEST_URI . (strpos($REQUEST_URI, "?") ? '&' : '?') . SID;
	$autologon_executed = 'true';
	if(!tep_session_is_registered('autologon_link'))
		tep_session_register('autologon_link');
	if(!tep_session_is_registered('autologon_executed'))
	tep_session_register('autologon_executed');
	tep_session_close();
	exit($autologon_page);
  }
}
if (tep_session_is_registered('autologon_link')) {
  $x = $autologon_link;
  tep_session_unregister('autologon_link');
  tep_redirect($x);
}

?>

Should the else condition be fired when returning to the site? The if condition is this:

if (($email_address != "") && ($password != "")) {

Should that be returning false?
Any help greatly appreciated.
Read the forum rules...

#40   MindTwist

MindTwist
  • Members
  • 83 posts
  • Real Name:Aitor Fernandez
  • Gender:Male
  • Location:Barcelona, Spain

Posted 06 November 2007 - 21:29

Doh... I was actually going to install (or at least try to) this contrib, but seeing the many problems it can give, I think I will pass /sad.gif' class='bbc_emoticon' alt=':(' />
MindTwist of Twisted Reality and Twisted Tienda