please help me secure my site. thank you
Edited by greatdeals_007, 22 November 2009, 15:22.
Latest News: (loading..)
0
Password Protection does not work
Started by greatdeals_007, Nov 22 2009, 15:22
4 replies to this topic
#1
Posted 22 November 2009, 15:22
I noticed when I type in my domain name/admin that it goes right into the administration screen? I have cleared all my cookies & cache but it still occurs. if I click on file access it does prompt for a login but if I don't click that link I can right in.
please help me secure my site. thank you
please help me secure my site. thank you
#2
-
- Community Sponsor
-
- 7,731 posts
- Real Name:Geoffrey Walton
- Gender:Male
- Location:Norfolk, UK (close to the centre of the universe)
Posted 22 November 2009, 21:41
What path do you have set in /admin/includes/configure.php for the admin directory?
G
G
Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
#3
Posted 24 November 2009, 06:44
Similar problem!
admin works ok, but another "admin"-section with same index.php and login.php (and correct folder in configure.php) does not prompt for password.
The other "admin"-section is localized and for the shop admin, I use the original admin.
admin works ok, but another "admin"-section with same index.php and login.php (and correct folder in configure.php) does not prompt for password.
The other "admin"-section is localized and for the shop admin, I use the original admin.
#4
Posted 24 November 2009, 11:01
The same code are in both index.php's - in admin it generates "login" in secondary it just jumps in. DIR_WS_ADMIN is correct in both.
<?php
/*
$Id: index.php 1739 2007-12-20 00:52:16Z hpdl $
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright © 2007 osCommerce
Released under the GNU General Public License
*/
require('includes/application_top.php');
$languages = tep_get_languages();
$languages_array = array();
$languages_selected = DEFAULT_LANGUAGE;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$languages_array[] = array('id' => $languages[$i]['code'],
'text' => $languages[$i]['name']);
if ($languages[$i]['directory'] == $language) {
$languages_selected = $languages[$i]['code'];
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<meta name="robots" content="noindex,nofollow">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2" height="40">
<tr>
<td class="pageHeading"><?php echo STORE_NAME; ?></td>
<td class="pageHeading" align="right"><?php echo tep_draw_form('adminlanguage', FILENAME_DEFAULT, '', 'get') . tep_draw_pull_down_menu('language', $languages_array, $languages_selected, 'onChange="this.form.submit();"') . tep_hide_session_id() . '</form>'; ?></td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
$file_extension = substr($PHP_SELF, strrpos($PHP_SELF, '.'));
$files = array();
if ($dir = @dir(DIR_FS_ADMIN . 'includes/modules/index')) {
while ($file = $dir->read()) {
if (!is_dir($module_directory . $file)) {
if (substr($file, strrpos($file, '.')) == $file_extension) {
$files[] = $file;
}
}
}
sort($files);
$dir->close();
}
$col = 0;
for ($i=0, $n=sizeof($files); $i<$n; $i++) {
if (file_exists(DIR_WS_LANGUAGES . $language . '/modules/index/' . $files[$i])) {
include(DIR_WS_LANGUAGES . $language . '/modules/index/' . $files[$i]);
}
if ($col < 1) {
echo ' <tr>' . "\n";
}
$col++;
if ($col <= 2) {
echo ' <td width="50%" valign="top">' . "\n";
}
include('includes/modules/index/' . $files[$i]);
if ($col <= 2) {
echo ' </td>' . "\n";
}
if ( !isset($files[$i+1]) || ($col == 2) ) {
if ( !isset($files[$i+1]) && ($col == 1) ) {
echo ' <td width="50%" valign="top"> </td>' . "\n";
}
$col = 0;
echo ' </tr>' . "\n";
}
}
?>
</table></td>
</tr>
</table></td>
</tr>
</table>
<!-- body_eof //-->
<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
<?php
/*
$Id: index.php 1739 2007-12-20 00:52:16Z hpdl $
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright © 2007 osCommerce
Released under the GNU General Public License
*/
require('includes/application_top.php');
$languages = tep_get_languages();
$languages_array = array();
$languages_selected = DEFAULT_LANGUAGE;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$languages_array[] = array('id' => $languages[$i]['code'],
'text' => $languages[$i]['name']);
if ($languages[$i]['directory'] == $language) {
$languages_selected = $languages[$i]['code'];
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<meta name="robots" content="noindex,nofollow">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2" height="40">
<tr>
<td class="pageHeading"><?php echo STORE_NAME; ?></td>
<td class="pageHeading" align="right"><?php echo tep_draw_form('adminlanguage', FILENAME_DEFAULT, '', 'get') . tep_draw_pull_down_menu('language', $languages_array, $languages_selected, 'onChange="this.form.submit();"') . tep_hide_session_id() . '</form>'; ?></td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
$file_extension = substr($PHP_SELF, strrpos($PHP_SELF, '.'));
$files = array();
if ($dir = @dir(DIR_FS_ADMIN . 'includes/modules/index')) {
while ($file = $dir->read()) {
if (!is_dir($module_directory . $file)) {
if (substr($file, strrpos($file, '.')) == $file_extension) {
$files[] = $file;
}
}
}
sort($files);
$dir->close();
}
$col = 0;
for ($i=0, $n=sizeof($files); $i<$n; $i++) {
if (file_exists(DIR_WS_LANGUAGES . $language . '/modules/index/' . $files[$i])) {
include(DIR_WS_LANGUAGES . $language . '/modules/index/' . $files[$i]);
}
if ($col < 1) {
echo ' <tr>' . "\n";
}
$col++;
if ($col <= 2) {
echo ' <td width="50%" valign="top">' . "\n";
}
include('includes/modules/index/' . $files[$i]);
if ($col <= 2) {
echo ' </td>' . "\n";
}
if ( !isset($files[$i+1]) || ($col == 2) ) {
if ( !isset($files[$i+1]) && ($col == 1) ) {
echo ' <td width="50%" valign="top"> </td>' . "\n";
}
$col = 0;
echo ' </tr>' . "\n";
}
}
?>
</table></td>
</tr>
</table></td>
</tr>
</table>
<!-- body_eof //-->
<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
