Jump to content
Latest News: (loading..)

Search the Community

Showing results for tags 'login'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • News and Announcements
    • News and Announcements
    • Partner Announcements
    • Ambassadors
  • Commercial Support
    • Developer Feedback
  • osCommerce Online Merchant v2.x
    • General Support
    • Installation and Configuration
    • Upgrading from Earlier Versions (v2.x to v2.x)
    • Add-Ons
    • Tips and Tricks
    • Security
  • Development
    • osCommerce Online Merchant v2.4
    • osCommerce Online Merchant Community Bootstrap Edition
    • osCommerce Online Merchant v3.x
    • Development Proposals
  • General
    • OSCOMMERCE.TV
    • Next Steps / Optimizations / Marketing
    • Live Shop Reviews
    • E-Commerce Laws
    • General Discussions
    • PHP / SQL / Web Design
  • Club osC's Announcements
  • PayPal's Announcements
  • Sage Pay's Announcements
  • Solomono - new level osCommerce templates's Announcements
  • German Community's OSCOM v2.x
  • German Community's Allgemein
  • German Community's OSCOM v3.x

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Real Name


Location


Interests


Website


Skype

Found 12 results

  1. Hi, After using Ultimate SEO url my clients can not longer log in, create an account nor click any buttons for that matter that would do anything. My config files are correct, everything else works fine except that part. when I revert or simply remove part of the plugin everything works well again, that is, log in, create an account and click any buttons that would do anything. I would really like to use this plugin however if there is no fix for this i would have to change it... Someone please help me Thanks
  2. I have a very heavily modified install of osC 2.2 MS2 - 060817. Recently I changed the entire shop to use HTTPS. To achieve this, I changed the two configure.php files - the one for the shop and the one for the administration section. The relevant part of the shop's configure.php is now: define('HTTP_SERVER', 'https://www.my*web*shop.nl'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.my*web*shop.nl'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.my*web*shop.nl'); define('HTTPS_COOKIE_DOMAIN', 'www.my*web*shop.nl'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); (...) define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' Administration > Configure > Sessions is this: Session Directory /usr/local/sites/*******/tmp/ Force Cookie Use False Check SSL Session ID False Check User Agent False Check IP Address False Prevent Spider Sessions True Recreate Session True Now a problem occurs. The osCsid stays in the URL all the time (not really recommended) and logging in is not possible. If I manually remove the osCsid variable form the URL I can login, but obviously this is not something I can expect my customers to do. I found two possible solutions, by changing the settings in Configure > Sessions: 1. Set the value for "Force Cookie Use" to TRUE. Now the osCsid simply never appears in the URL (is that good or bad?) and visitors must have cookies enabled (workable, but not perfect). or 2. Set the value for "Recreate Session" to FALSE. The osCsid variable keeps on appearing in the URL every click (not really good), but at least the visitor can log in. But these are not really the solutions I want. While the site was completely NON-SSL, the osCsid variable showed up only once in the URL, and disappeared the next click. I do not force visitors to use cookies. And I recreate the session. That's how I like it to be. My question: Why is the behavior different when using SSL? Or rather: what should I do/change so that - visitors can log in - the osCsid variable appears only once in the URL - Force cookie use can be FALSE - Recreate Session can be TRUE just like it used to be when the shop was NONSSL. Or if I am asking something impossible, what are the (serious) down sides to Force Cookie Use : True and Recreate Session : False? For example, I read elsewhere on the forum some vague rumors that some payment processors need an osCsid or that not recreating the session could be a security issue. Btw, the shop is so heavily modified that a complete upgrade to osC 2.3.4 BS Edge or so is not an option.
  3. Liebe Oscommerce-Gemeinde, seit ca. 3 Jahren habe ich die PayPal App "Login mit PayPal" funktionstüchtig installiert. Seit ein paar Tagen funktioniert das Teil nicht mehr vollständig. Es wurden keine Änderungen meinerseits am Shopsystem vorgenommen. Version: v2.3.4 Problembeschreibung: Wenn sich ein Kunde via "Login mit PayPal" anmeldet werden seit jüngster Zeit folgende Daten nicht mehr übertragen: Anrede, Vorname, Nachname, Geburtsdatum Im Adminbereich unter der PayPal-App/Log werden alle Daten übernommen aber eben Anrede, Vorname, Nachname, Geburtsdatum nicht an den Shop/Kundenkonto weiter gegeben. Hat noch jemand das Problem? Oder an was könnte das liegen? Gruß, Frank
  4. Jack_mcs

    Minor Security Issue

    I've ran across a security issue that everyone should be aware of. I recently worked on two, unrelated, shops that had been hacked. One was an RC2 shop while the other was a fairly recent BS shop. Both had renamed admin directories. I was not able to find the way in the hacker used since the hacking had occurred over a month before in both cases. However, the change made by the hacker was the same in both cases. Code was added to the checkout pages to record the customer details and to write them to a .txt file in the admin/includes/local/ directory. It turns out that that directory (any directory in admin) is not protected with the normal on-page login. So without being logged in, the hacker could read the file by going to https://example.com/admin/local/hacker.txt. You can test this on your own site by visiting https://your domain/your admin/local/README The README file is a standard file included in all oscommerce versions. If you can read that file via the url, then your admin is not secure. The fix is to add a popup login using the .htaccess method. This change won't prevent the reason it happened in the first place but it will prevent the data from being used should it happen.
  5. douglaswalker

    Login With PayPal

    hi there I have recently put login with Paypal on my site. All works but it asks for confirmation everytime I login to it. i thought that after the initial request it would auto approve... any ideas? Doug
  6. Please please.. Who can help me? I have OsC2.3.4BS Edge on PHP5.6. Existing clients with >1 address get this error: (see attached image) Warning: session_start(): Failed to decode session object. Session has been destroyed. The effect is that the checkout procedure is redirected to the login page again This line: ...\sessions.php:122 contains this: return session_start(); This code previously used to be at line 95 (I did only add some comment). Please help, I have been researching for days already, without results.. Much obliged if.. Eveline Bernard
  7. tgely

    Facebook APP

    Hi all, I have started figure out Facebook Login and put into the Facebook APP interface https://github.com/Gergely/facebook-app Any proposal appreciated. Testers wanted. Facebook Login enable to log in with facebook account and create a social account in the shop. FBLogin registrate the user with origin facebook email address. Thanks
  8. Hi, My Oscommerce admin login page not show any thing, first time when i login it asking me password then i put the password it show me the admin page with userid or password but it redirect to home page.... after that i will open login page its show blank page.... please help me for that
  9. Would anybody be able to shed some light on this error? I understand that it's generated by the mod_security module on my server but is this purely my server-side? I've followed the instructions to the letter but after putting in my login details in the PayPal Login pop-up window I get the above. If I have to contact my host, then fair enough but is there any way that I could do this myself? Every search I do for it only returns articles about WordPress. Regards, Graham p.s. I wasn't sure which sub-forum to put this in. I decided on here as the module came with the 2.3.4 package.
  10. Hi Harald, What is the configuration on paypal login Thank you Paypal developper account Application name: osc Application display name: osc edit App redirect URLs Edit Redirect URLs are required for Log In with PayPal features. Application return URL (test) : ????????????? Application return URL (live) : 5] Cancel REST API CREDENTIALS Test credentials Your test credentials are enabled for all features in your application. Test account: 5]test-facilitator@@Toto.com Endpoint: 5] api.sandbox.paypal.com Client ID: 5] ==> ok module AYqdIhD0q5Z3yPjYt3s2xFx5stzIuZwGkoVWgW5QVtTVMtTR2 Secret: 5] ==> Ok Module EM7btxBTHXxk1hw85itNyKs-8TFEDRTCKsVhEpYPdthMHn322f Other ?
  11. I'm running v2.3.3. I downloaded this contribution: http://addons.oscommerce.com/info/8727 I've followed all of the instructions properly. Okay, so here is where it all falls apart. I'm browsing the admin section, and decide to visit the "Sliders" admin area under "Configuration"... When I click on "Sliders", I am logged out, and a new session ID is generated (login.php?osCAdminID=<new session id here>) When I log back in, I land on the "Sliders" admin panel (with same session ID shown on login page). If I then try to upload a slider, I'm logged out, and a new session ID is generated (shown on the login page). So there you have it - when I try to navigate to the slider settings page, I'm logged out, and when I try to upload an image, I'm logged out. I have no other issues with this happening anywhere else on the store or any other session issues. My store is running perfectly fine. I installed this addon, and this issue only arises when accessing or using the particular admin panel for the addon. Any help would be appreciated! Cordially, Robert Whitis
  12. JoséQueiroga

    Adding language - error login

    Hello, I bought a premium theme for oscommerce and I installed it into my store, so my files are quite different from the original ones. So, to add the Portuguese language, I copied all the english files on the includes/languages/english folder, and I translated them one by one to portuguese. Know that I'm almost finished, I encountered an expected error. When I try to login (as a costumer) on the store, with the english language on, everything goes well. But with the portuguese language on, I cant do the login. It goes back to the index page, but the client is not logged in. You can try and see yourselves: store: oursweetevents.com user: queiroga_14@hotmail.com pass: 12345 Can anyone figure out what's going wrong? Thanks
×