Auto Login BUG

[Guest]

Could you tell if you are using the "Use Search-engine Friendly URLs" setting?

 

-Aaron

[blueline]

No I am not.

[Guest]

I was having all the problems with autologon 1.08 and logoff.php.

 

Would get blank screen, changed, Filename_Logoff to Filename_Default in autologon.php and still got blank screen when I would logoff and when I would close the browser and open it and get a blank screen again, pressing F5 would then make the site appear.

 

 

In autologon.php I made the change

//		 $autologon_page = '<html><head><meta http-equiv="Refresh" content="0;URL=' . tep_href_link(FILENAME_DEFAULT, '', 'SSL') . '"></head><body></body></html>';
to
		$autologon_page = header("Location: index.php");

 

May well have speeded things up but it didn't solve any of my problems.

 

 

 

I took a little poetic license with an earlier post, bit of a variation on a theme and it is WORKING

 

In autologon.php, I made a change to an earlier suggested change at the top of autologon.php, I changed:

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

if ($cookieinfo == "CookieOn")

to

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

$cookieinfo2 = "";
$cookieinfo2 = $HTTP_COOKIE_VARS["email_address"];

if ($cookieinfo == "CookieOn" && $cookieinfo2 != "" ) 
{

 

Have tested and retested and I am not getting blank screens, I can log off and be redirected to the home page, things look good.

 

Spent hrs on this, well, on and off for days now, will test it some more, retest it tomorrow, and then get some users to test the whole new checkout experience.

 

Will post back if things are still good. Looks good so far

[Guest]

Will post back if things are still good. Looks good so far

 

 

Ok everyone, everything is still going good,

 

There's a test site at

http://test.naturalfigure.co.uk

 

 

I'm happy with it all now, have seriously bug tested it and its holding water.

 

Hope this Helps, getting this working dragged out way longer than I wanted but am now happy with my FEC and autologon working together so roll on all them extra conversions :-)

ally

[Guest]

I'm happy with it all now, have seriously bug tested it and its holding water.

 

 

Famous last words, was just wanting to not show the remember me checkbox if cookies arent enabled, and found a wee bug, so I think I'll call it a night and leave something to do for over the weekend / early next week.

[Guest]

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60); 
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

$cookieinfo2 = "";
$cookieinfo2 = $HTTP_COOKIE_VARS["email_address"];

if ($cookieinfo == "CookieOn" && $cookieinfo2 != "" ) 
{

 

 

Ok, so a little bit of bug hunting reveled as plain as day as the code above shows (for anyone who knows about cookies as I do now a little more)

 

That my cookie was expiring after an hour. Have changed this to be

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60 * 24 * 365 * 3);

 

So as it will remember me for up to 3 yrs :-)

 

The all important code in my application_top.php now looks like this:

 

// HMCS: Begin Autologon	******************************************************************

setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60 * 24 * 365 * 3); //Remember this cookie for 3yrs
$cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"]; 

//Only do autologon if there is an email set in cookie - avoids nasty logoff mishap
$cookieinfo2 = "";
$cookieinfo2 = $HTTP_COOKIE_VARS["email_address"];


if (ALLOW_AUTOLOGON == 'true' && $cookieinfo == "CookieOn" && $cookieinfo2 != "" )  // Is Autologon enabled and cookies permissable
{								
 if (basename($PHP_SELF) != FILENAME_LOGIN) 
 {				  // yes
//	if (!tep_session_is_registered('customer_id')) {
if ( ($session_started) && (!tep_session_is_registered('customer_id')) ) 
{
  include('includes/modules/autologon.php');
}
 }
} 
else 
{
 setcookie("email_address", "", time() - 60 * 60 * 24 * 365 * 3, $cookie_path);  //no, delete email_address cookie
 setcookie("password", "", time() - 60 * 60 * 24 * 365 * 3, $cookie_path);	   //no, delete password cookie
}

// HMCS: End Autologon		******************************************************************

[danil0]

I m using SSL and when I enable autologon from Admin ... it takes my to logoff.php ... it does not work for me :(

[Guest]

I m using SSL and when I enable autologon from Admin ... it takes my to logoff.php ... it does not work for me :(

I doubt that it ever worked for anyone.

[OutsideTheBox]

I'll be quite honest, there's been so many quote on quote "fixes" to this mod, and I've heard

nothing but bad things about it. I attempted to install it on my test cart and wound up undoing

the install because it caused errors beyond my current programming expertise.

 

Can someone fix up the instructions and re-release the VERY IMPORTANT and VITAL mod?

[pulp2]

In the SEO quick fix, by zombie, on the contribution page. It says: in catalog/includes/boxes/meberlogin.php

 

find

 

if(ALLOW_AUTOLOGON != 'false') {

 

and above it add

 

if ($cookies_on == true) {

 

 

find

// HMCS: End Autologon **********************************************************

 

and right above it add

 

}

 

 

 

I cant seem to find the directory catalog/includes/boxes/meberlogin.php or anything close. What file should I be looking for, to make this fix work?

 

 

Thanks!

[pulp2]

I'm also getting the fallowing error message: Parse error: syntax error, unexpected T_BOOLEAN_AND in /public_html/catalog/login.php on line 220. For some reason it doesn't like the fallowing line:

 

<?php // HMCS: Begin Autologon	**********************************************************
			  if(ALLOW_AUTOLOGON != 'false') && ($cookies_on == true)) {
			  ?>

 

 

If anyone could help me with any of this, I would really appreciate it.

[Guest]

I'm also getting the fallowing error message: Parse error: syntax error, unexpected T_BOOLEAN_AND in /public_html/catalog/login.php on line 220. For some reason it doesn't like the fallowing line:

 

<?php // HMCS: Begin Autologon	**********************************************************
			  if(ALLOW_AUTOLOGON != 'false') && ($cookies_on == true)) {
			  ?>

If anyone could help me with any of this, I would really appreciate it.

My advice is to not install autologin.

[Hade]

Hey Chris,

 

I had the same problem...I've been working on getting this implemented on my site but have been very frustrated. What I found was the problem for me was that I was using the "Use Search -Engine Safe URLs" option but contribution works off of a PHP get path which pulled up "action" for my path. Try sorting your cookies by when they were last modified and play around with it. My cookies were coming up with the domain "action." You need to go into the code if you are having this problem...

 

Hope that helps...

 

Although I'm having a problem of my own. The Autologon feature works great on my computer, but whenever I use my brother's computer, login, close the browser, and open up the site again, I get automatically sent to a secured logoff page. So maybe someone can help me with that one?

 

Maybe the wizards might return and give some help...

 

Thanks

 

-Aaron

 

Same here. When I check the autologin box and leave the site and come back, it goes straight to the log off page (logoff.php)

 

It's exactly the same for firefox and IE. Any ideas anyone?

[Hade]

Right I need to get this sorted.

I'm still getting redirected to logoff.php when I revisit my site. Also, when returning to the site root, I'm faced with the 'please log in' message.

 

I think catalog/includes/modules/autologon.php is to blame.

The end of the file is as follows:

 

} else {
 if($autologon_executed != 'true'){
$autologon_page = '<html><head><meta http-equiv="Refresh" content="0;URL=' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . '"></head><body></body></html>';
$autologon_link = ((getenv('HTTPS') == 'on') ? 'https://' : 'http://') . $SERVER_NAME . $REQUEST_URI . (strpos($REQUEST_URI, "?") ? '&' : '?') . SID;
$autologon_executed = 'true';
if(!tep_session_is_registered('autologon_link'))
	tep_session_register('autologon_link');
if(!tep_session_is_registered('autologon_executed'))
tep_session_register('autologon_executed');
tep_session_close();
exit($autologon_page);
 }
}
if (tep_session_is_registered('autologon_link')) {
 $x = $autologon_link;
 tep_session_unregister('autologon_link');
 tep_redirect($x);
}

?>

 

Should the else condition be fired when returning to the site? The if condition is this:

 

if (($email_address != "") && ($password != "")) {

 

Should that be returning false?

Any help greatly appreciated.

[MindTwist]

Doh... I was actually going to install (or at least try to) this contrib, but seeing the many problems it can give, I think I will pass :(

[Guest]

Hi all,

 

I just installed this mod (Oct 24, 2007 snapshot + SEO index fixes) to an existing store. The install was easy. Directions clear.

 

For the most part AutoLogin seems to be working just great. I am a little confused about some of its behaviour. All trials have been done with Firefox 2.0/XP.

 

The only time I see the log-out page is when I actually log out. Then closing the tab and re-entering the site requires me to sign-in again. Seems proper I guess. (I had assumed/hoped that logging-out would not affect behavior of the next re-entry.)

 

If I leave my site without closing the tab and later return, I am automatically logged in on the re-entry page.

 

If I leave my site by closing the tab and return through a new tab, I am not logged in on the re-entry page.. However, the next page I navigate shows that I am then logged in.

 

I have not been redirected to any log-in or log-out page. I only gone to those pages when specifically clicking on a link.

 

So I guess the only issue I have would be the second to last point about not being logged in on the first page visited.

 

Decent contribution.

[Stephan (VS)]

How secure is the latest distribution?

 

Are there security risks?