Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

autologon 1.03 and the 3/17/03 snapshot


reyak

Recommended Posts

this is really directed at marcel and anyone else that uses the autologon.

 

i just installed the autologon over the daily snapshot with the latest cookie-force security thing that has been going on. I get no errors after the install, but it doesnt seem to remember my login.

 

feel free to test it at http://www.reyakscards.com/default.php

 

it is my test site that eventually will become production after i figure out most stuff. my setup is http://www.domain.com and the https://secure.domain.com.

 

any asssitance would be greatly appreciated.

 

thanks in advance

Reyak

~Reyak's Card~ to be established soon

Link to comment
Share on other sites

ok, i just got the notification email that the security cvs is out - so is there any plans on updating the autologin?
Yes, the plans exist, but I'm currently busy with adapting the security proposal so it can be used on shops with shared ssl-certificates. See http://www.oscommerce.com/forums/viewtopic.php?t=31928

 

Marcel

Greetings from Marcel

|Current version|Documentation|Contributions|

Link to comment
Share on other sites

  • 4 weeks later...

Marcel,

Do you know of any quick fixes (until a new version) that I could implement to allow Autologon when the client doesn't have cookies enabled?

 

The problem I'm having is that the Autologon feature works great if the client has cookies enabled. Regardless of whether they are using autologon, the site still works like normal.

When the client doesn't have cookies enabled, I get a continuous loop of the logoff.php file when I go to access the website.

 

Thanks,

Tony

"The price of success is perseverance. The price of failure comes much cheaper."

Link to comment
Share on other sites

Just to clarify my last e-mail.

 

I don't need the autologon feature to work for users without cookies enabled. All I need is for my site to work for them... as mentioned above I get a constant loop of the logoff.php file when they come to my site.

 

Thanks,

Tony

"The price of success is perseverance. The price of failure comes much cheaper."

Link to comment
Share on other sites

Try this:

 

Find in the autologon changes in application_top.php:

if (!tep_session_is_registered('customer_id')) {

 

Replace with:

if ( ($session_started) && (!tep_session_is_registered('customer_id')) ) {

I didn't test this. Please report back the results.[/b]

Greetings from Marcel

|Current version|Documentation|Contributions|

Link to comment
Share on other sites

Thanks Marcel!

 

All appears to be working fine now... though I've only done a quick test.

 

So... let take it as though the code changes work fine... if otherwise, I'll post to this thread.

 

Thanks again!

Tony

"The price of success is perseverance. The price of failure comes much cheaper."

Link to comment
Share on other sites

Update to testing...

 

I've some more testing on the updated code and these are the results:

User with cookies working fine, all aspects.

User without cookies, login in to cart ok. Can navigate site ok, though they get logged off if they click on 'Top' on the breadcrumb (ie. Looses the session id.)

 

For me though, this is working ok as I have force_cookies enabled which stops a non-cookie user from logging in, and a guest can now view the site with the updated code.

 

As a suggestion though, if work is going to be done to allow the module to work without force_cookies (ie. cookie and non-cookie users) a check should be done for cookies and if it returns false, to remove the 'Remember Me' option similar to what happens when you disable autologon.

 

Cheers,

Tony

"The price of success is perseverance. The price of failure comes much cheaper."

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...