Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Simple Manual Order

dave111

By dave111
in General Add-Ons Support

 Share

Recommended Posts

dave111

dave111

Posted
Posted

anyone use the simple manual order entry contrib.

http://www.oscommerce.com/community/contributions,1927

 

It works fine only 1 problem, when you turn password security on in the script (change from false to true) when you try to access http://www.site.com/admin.php it prompts for password but wont let me in.

 

So every time i want to use the thing i have to go in and change security to false then login with no password, and when finished change it back to true.....very annoying.

 

Can anyone help?

Link to comment
Share on other sites
giftmaster

giftmaster

Posted
Posted
anyone use the simple manual order entry contrib.

http://www.oscommerce.com/community/contributions,1927

 

It works fine only 1 problem, when you turn password security on in the script (change from false to true) when you try to access http://www.site.com/admin.php it prompts for password but wont let me in.

 

So every time i want to use the thing i have to go in and change security to false then login with no password, and when finished change it back to true.....very annoying.

 

Can anyone help?

 

I posted the same questions a few weeks ago. No responce. I don't think it is a popular contrubtion. My site will be going live in about a week so I am working on the problem. I will let you know the fix (if I find it) :D

Raymond

Link to comment
Share on other sites
giftmaster

giftmaster

Posted
Posted
I posted the same questions a few weeks ago. No responce. I don't think it is a  popular contrubtion. My site will be going live in about a week so I am working on the problem. I will let you know the fix (if I find it)  :D

Raymond

 

Well I looked through the contrubution ...for about 2 hrs. I can't figure out why it does not work. I have contacted the creator of the contrubution via email. I hope to have a fix real soon.

Raymond

Link to comment
Share on other sites
giftmaster

giftmaster

Posted
Posted
Well I looked through the contrubution ...for about 2 hrs. I can't figure out why it does not work. I have contacted the creator of the contrubution via email. I hope to have a fix real soon.

Raymond

 

The creator of the contrubution emailed me and said "Thanks for contacting us, and choosing to make use of our Mod. There are

no known bugs with the software in terms of password protection. Did you

follow the instructions regarding securing the mod?

 

If you would like us to investigate the problem with your setup, we can

do this. I would estimate we could have the problem resolved within 30

mins, but if it was going to take longer we would contact you prior to

proceeding. We charge $US50 per hour for this sort of work. Payment is

via PayPal."

I'm not sure what to make of it. I will keep you up to date.

Raymond

Link to comment
Share on other sites
  • 4 weeks later...
giftmaster

giftmaster

Posted
Posted
Any update on this? Is this contrib actually supported?

 

I don't think so. After contacting the creator I'm not even sure it was completed. It seem it was half done so the company can charge you to finish it.

I keep a copy of the Admin file localy so when I need to use it I up load the admin file then delete it from my site when I am done.

Link to comment
Share on other sites
  • 7 months later...
  • 1 month later...
Guest

Guest

Posted
Posted (edited)

Geoff from Attitude here. We have received quite a few "thanks yous" - so there are a few people using this without issue.

 

I think your issues will be related to web server support for the authentication system we borrowed from another contribution (?Admin Authentication for 2.2? by Bao Quoc Nguyen) which uses HTTP authentication via PHP_AUTH_USER. There are server specific issues related to this form of authentication documented on the PHP.net site (running PHP as a CGI or some servers running IIS).

 

The contribution clearly states that security/authentication is up to the store owner.

 

Anyone having problems contact me direct - we will look at any issues and come up with a solution for authentication that overcomes any major issues. We will also implement some other enhancements we have made but not released.

 

We will post here when the new version is released.

Edited by attitudenz
Link to comment
Share on other sites
ka0osk

ka0osk

Posted
Posted
Geoff from Attitude here. We have received quite a few "thanks yous" - so there are a few people using this without issue.

 

I think your issues will be related to web server support for the authentication system we borrowed from another contribution (?Admin Authentication for 2.2? by Bao Quoc Nguyen) which uses HTTP authentication via PHP_AUTH_USER. There are server specific issues related to this form of authentication documented on the PHP.net site (running PHP as a CGI or some servers running IIS).

 

The contribution clearly states that security/authentication is up to the store owner.

 

Anyone having problems contact me direct - we will look at any issues and come up with a solution for authentication that overcomes any major issues. We will also implement some other enhancements we have made but not released.

 

We will post here when the new version is released.

 

I just started having this problem --- I didnt change a thing, so I am assuming it has somthing to do with my provider changing something. They changed permissions on several dirs on my a few months ago out of the blue, but this thing has me baffled!!!! Does someone have a admin securing contrib that doesnt use the PHP_AUTH_USER session vars?

john [email protected]

Link to comment
Share on other sites
ka0osk

ka0osk

Posted
Posted
I just started having this problem --- I didnt change a thing, so I am assuming it has somthing to do with my provider changing something. They changed permissions on several dirs on my a few months ago out of the blue, but this thing has me baffled!!!! Does someone have a admin securing contrib that doesnt use the PHP_AUTH_USER session vars?

john [email protected]

:thumbsup:

 

Replying to my own message!

 

I bitched to my provider and they admitted that they had changed over to cgi in the last few day.... AH HAH! They made a few changes and recompiled Apache and now it works just fine!

 

John ka0osk :lol: :lol: :lol: :lol: :lol: :lol: <_<

Link to comment
Share on other sites
ka0osk

ka0osk

Posted
Posted
:thumbsup:

 

Replying to my own message!

 

I bitched to my provider and they admitted that they had changed over to cgi in the last few day.... AH HAH! They made a few changes and recompiled Apache and now it works just fine!

 

John ka0osk :lol: :lol: :lol: :lol: :lol: :lol: <_<

 

 

Again replying to myself.... here is the explaination I got from my provider:

 

If Apache is compiled with the option -DSECURITY_HOLE_PASS_AUTHORIZATION, then

it will pass the User/Pass Auth data to a CGI application through the

HTTP_AUTHORIZATION header (eg, in FastCGI, -pass-header HTTP_AUTHORIZATION).

By Default, the User/Pass data is not passed with the HTTP_AUTHORIZATION

header.

 

Technically this is viewed as a potential security violation, but on our

system, all Authentication would be handled either by .htpasswd or internal PHP

Code (eg PHP controls it). No System User information is passed in the clear,

and hence its really not a security violation. On systems that utilize other

mod_auth modules, then perhaps it could be (eg , LDAP or PAM ), but in general,

these are special circumstances and generally not available in Shared hosting

environments.

.......

I hope that helps those that are having the same probs as me!

John ka0osk :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...