Jump to content
Jack_mcs

Autologon V 2

Recommended Posts

Thanks for posting that. It may prove useful to others as you mentioned. Although removing that code means it won't check if cookies are enabled and that may cause a failure for customers that don't have them enabled. You might want to try turning cookies off in your browser and then try to access your shop to see if it causes any problems.

Share this post


Link to post
Share on other sites

Jack,

 

I don't know the use of that function(enabling cookies), my settings in IE are normal.

If i set enable cookies to true, i get that page with enabling cookies.

But setting the settings to lower than normal doesn't change anything i still get that page and can't log in.

Or is this a fault in OSC. I don't have this with FF.

By the way, i just logged in on my shop and i still are logged in a day later so i assume it works.

Share this post


Link to post
Share on other sites

Hi Jack,

 

Thanks for the usefull contribution!

Meanwhele I'm not sure it funcions correctly in my case. I mean if a user is loged out, does it provide automatic login on a new session?

For me, autologin is working untill log out has been done.

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

Yes, it should log you back in whether you start a new session or not.

Ok for session, but how does the contribution interact with "log out" button? Can't catch the logic (((

 

Also what is the reason to add the identical language deffinitions for ENTRY_REMEMBER_ME in english.php and login.php. Seems like the one case should be enought.

Edited by leveera

Share this post


Link to post
Share on other sites

Ok for session, but how does the contribution interact with "log out" button? Can't catch the logic (((

 

Also what is the reason to add the identical language deffinitions for ENTRY_REMEMBER_ME in english.php and login.php. Seems like the one case should be enought.

As it stands right now, the log out button really doesn't have much meaning. If you logout, you will be logged in again if you switch pages. That is not a problem in most cases but if you are a shop owner that wants to login to a different account, it is. I've changed the code in the next version that allows logging in under a different account. It seems to work fine but I haven't tested it thoroughly yet.

 

The duplicate name is a holdover from the original code. The define in english/login.php can be removed.

Share this post


Link to post
Share on other sites

As it stands right now, the log out button really doesn't have much meaning. If you logout, you will be logged in again if you switch pages. That is not a problem in most cases but if you are a shop owner that wants to login to a different account, it is. I've changed the code in the next version that allows logging in under a different account. It seems to work fine but I haven't tested it thoroughly yet.

 

The duplicate name is a holdover from the original code. The define in english/login.php can be removed.

 

Thanks for detailed clarification. Now I understand that for my RC1 it is not working properly. I consider it to be a reason of bulk modifications in login process I have already done. (((

Share this post


Link to post
Share on other sites

Jack,

 

I think i got it working again, both in FF and IE.

Checked in FF and waited for 3 hours and still logged in.

 

Removed && ($cookies_on == true)) in the login.php and application_top.php.

Also removed the testcookie code.

The settings in includes/configure.php are :

define('HTTP_SERVER', 'http://www.yourdomain.com/');

define('HTTPS_SERVER', 'https://www.yourdomain.com/');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.yourdomain.com');

define('HTTPS_COOKIE_DOMAIN', 'www.yourdomain.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

 

As far as i remember these are the only changes i made.

 

Maybe this will help others.

 

I'd like to mention that this tip also worked for me. I removed

&& ($cookies_on == true) in the login.php and application_top.php.
and by doing so this contribution works for me as well, i.e. in Firefox ( IE does not recognize this amendment, though). This is of course a comment that I think Jack would be interested in since I wrote a post earlier in this thread where I assumed that it's failure had to do with my shared SSL, obviously that was wrong: It works in FF even though my environment is of a shared SSL - but not so in IE. Therefore I'm inclined to believe that some sort of a clever tweak would be able to fix it for IE also?!

 

PS. I have the utmost respect for all of the contributions made by Jack_mcs since they are never accompanied with any kind of subtle advertisements. Thanks for that! DS.

Edited by kbking

Share this post


Link to post
Share on other sites

I tried to get Autologon running but it failed all the time.

Now i do have the answer - the contribution needs register gloabels on!

With register globales off the module "autologon.php" doesn't get the password and email-address from the cookie.

For me the contribution works as soon as i change the autologon.php:

if (($email_address != "") && ($password != "")) {

changed to:

$email_address = $HTTP_COOKIE_VARS['email_address'];
$password = $HTTP_COOKIE_VARS['password'];
if (($email_address != "") && ($password != "")) {

 

regards,

 

Heiko

Share this post


Link to post
Share on other sites

Hi guys, I have a problem.

 

At least in Firefox I can see the cookies being saved (in IE I can't see anything while cookies are enabled).

 

BUT

 

Somewhere in the application_top should the cookie be read with $_COOKIE and I'm missing that part ?

Share this post


Link to post
Share on other sites

Yes, there is code to read the cookies. Maybe you don't have cookies enabled in IE?

Share this post


Link to post
Share on other sites

Yes, there is code to read the cookies. Maybe you don't have cookies enabled in IE?

 

 

They're enabled.

 

I now see Heiko's change, I have the same problem. Now it's working fine. TOP !

Share this post


Link to post
Share on other sites

Hello i french

i a version oscommerce-2.3.1 installed, i try autologon but this work when i remove the if condition in autologon.php

//THE IF

if (tep_validate_password($password, $check_customer['customers_password'])) {

 

are you a solution for replace this, i thinks it's now not secure, thanks.

Share this post


Link to post
Share on other sites

Hello i french

i a version oscommerce-2.3.1 installed, i try autologon but this work when i remove the if condition in autologon.php

//THE IF

if (tep_validate_password($password, $check_customer['customers_password'])) {

 

are you a solution for replace this, i thinks it's now not secure, thanks.

I don't know what section of code you are referring to but it works fine in pre-2.3 shops and there is only once change needed for it to work in 2.3 shops so I don't see a problem.

Share this post


Link to post
Share on other sites

I don't know what section of code you are referring to but it works fine in pre-2.3 shops and there is only once change needed for it to work in 2.3 shops so I don't see a problem.

 

what is the modification for 2.3 or 2.3.1? , I updated my 2.2 to 2.3.1 via the update instruction , is it not a real 2.3

I installed your contribution , but I can not make it works, perhaps, I need the modifications you are talking about

 

thanks!!!!

Share this post


Link to post
Share on other sites

what is the modification for 2.3 or 2.3.1? , I updated my 2.2 to 2.3.1 via the update instruction , is it not a real 2.3

I installed your contribution , but I can not make it works, perhaps, I need the modifications you are talking about

 

thanks!!!!

For the changes to the login.php file, this section of code

<?php // HMCS: Begin Autologon	********************************************************** ?>
<script language="javascript"><!--
function win_autologon() {
 window.open("<?php echo FILENAME_INFO_AUTOLOGON; ?>","info_autologon","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus();
}
//--></script>
<?php // HMCS: End	Autologon	**********************************************************  ?>

should be placed after this in the 2.3 login.php file

  require(DIR_WS_INCLUDES . 'template_top.php');
?>

I haven't tried installing it in a 2.3 shop yet but that should allow it to work.

Share this post


Link to post
Share on other sites

For the changes to the login.php file, this section of code

<?php // HMCS: Begin Autologon	********************************************************** ?>
<script language="javascript"><!--
function win_autologon() {
 window.open("<?php echo FILENAME_INFO_AUTOLOGON; ?>","info_autologon","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus();
}
//--></script>
<?php // HMCS: End	Autologon	**********************************************************  ?>

should be placed after this in the 2.3 login.php file

  require(DIR_WS_INCLUDES . 'template_top.php');
?>

I haven't tried installing it in a 2.3 shop yet but that should allow it to work.

 

you should try , I notice that the function 'tep_validate_password($plain, $encrypted)' { is different with 2.3(1)

I can 't make it works , do we have to set ssl , is it compulsory?? I notice that I got 2 cookies which expire in 2012 in firefox , however when I log off and go back to account.php again ,it does not log automatically. the Id (osCsid=3abdac709ac4fb48b81a89b4d5f539a3) is changing every time when I go to account

 

thanks

Edited by kyser

Share this post


Link to post
Share on other sites

If I am already logged and I open an other web tab to the root of the catalog , I should be automatically logged again ???

does it works on google chrome ?

Edited by kyser

Share this post


Link to post
Share on other sites

I'll look at it when I get a chance.

 

Finally I could make it work , as a member say before

we need to turn off this condition for 2.3(1):

"if (tep_validate_password($password, $check_customer['customers_password'])) {"

 

 

As I say before, the password encryption is different in 2.3(1)

that's why something wrongs about that I guess.

 

Anyways, by this reply I would especially present all my respects and my gratitude for your contribution...

 

Thanks Jack!

Share this post


Link to post
Share on other sites

when I log with ssl activated the cookies are set in .site.com (cookie path for https)

however when I click on product or page link not secured (http), I am not logged

I guest it is normal due to the fact that cookies are set in .site.com path only and not in www.site.com path (cookie path for http)

 

how can I do to set loging's cookies in http and https domains in the same time in order to switch easily from secure page to unsecured page without probs?

 

thanks!

Edited by kyser

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×