Jump to content

Archived

This topic is now archived and is closed to further replies.

grandpaj

Suspected configure.php incorrectly set up

Recommended Posts

@@ArtcoInc

 

Malcolm, I don't think it's possible in it's current form. I've also been looking. Don't know if there is a way to encrypt the modal???

 

Scary thing is, there are add-ons which potentially could have the same issue. For example, I remember seeing an add-on (for osc234) which placed a login box in the left or right column. Unless you're site is totally SSL you creating a security concern.

 

I'm toying with the idea of loading the modal using ajax/javascript. It may be possible to do it this way via accessing a secure page in the background. The only problem is that you still won't see the security lock in the browser's address bar until after you are logged in. This could be a concern for customers that look for that lock when entering login details. I've seen examples where they place an image of a lock along side the login details within the modal. Don't like that idea either.

 

The other way is to go back to the original login_redirect option but I didn't like the fact that you were still reloading the page to get a login modal to appear, which defeats the purpose of a quick modal type login. If you have to reload another page then you may as well just load the standard login form.

 

cheers


My Add-ons
Advanced Cache Control Tool for osCommerce 2.3.x (non-bootstrap) Download Support
Ajax Product Listing for osC 2.3.4 (bootstrap) Download Support
Category New Products Carousel for osC 2.3.4 (bootstrap) Download Support
Category Popular Products Carousel for osC 2.3.4 (bootstrap) Download Support
Customer Testimonials for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download Support
Front Page New Products Carousel for osC 2.3.4 (bootstrap) Download Support

Index Nested - Product Listing for osC 2.3.4 (bootstrapDownload Support
Match Categories in Search Results for osCommerce versions 2.3.x (non-bootstrap) Download Support
Modular Category Page for osC 2.3.4 (bootstrap)
Download Support

NEW Australia Post Shipping Modules for osCommerce 2.3.x (non-bootstrap) Download Support
NEW Equal Height Module for osC 2.3.4 (bootstrapDownload Support
Products Low Stock Report for osC 2.3.x (bootstrap and non-bootstrap) Download Support
Twitter Typeahead Autocomplete Search for osCommerce 2.3.4 (bootstrap and non-bootstrap)
Download Support

Upcoming Products Modules for osC 2.3.4 (bootstrap) Download Support

 
Assisted Add-ons
Scroll Boxes for osCommerce 2.3.x (bootstrap and non-bootstrap) Download Support
 
Bootstrap Add-ons created by other members
osCommerce Bootstrap Addons and Code

Share this post


Link to post
Share on other sites

Continued in the relevant thread for the Login Modal here:

http://forums.oscommerce.com/topic/399771-faster-login-with-bootstrap-modal/page-4#entry1735929

 


My Add-ons
Advanced Cache Control Tool for osCommerce 2.3.x (non-bootstrap) Download Support
Ajax Product Listing for osC 2.3.4 (bootstrap) Download Support
Category New Products Carousel for osC 2.3.4 (bootstrap) Download Support
Category Popular Products Carousel for osC 2.3.4 (bootstrap) Download Support
Customer Testimonials for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download Support
Front Page New Products Carousel for osC 2.3.4 (bootstrap) Download Support

Index Nested - Product Listing for osC 2.3.4 (bootstrapDownload Support
Match Categories in Search Results for osCommerce versions 2.3.x (non-bootstrap) Download Support
Modular Category Page for osC 2.3.4 (bootstrap)
Download Support

NEW Australia Post Shipping Modules for osCommerce 2.3.x (non-bootstrap) Download Support
NEW Equal Height Module for osC 2.3.4 (bootstrapDownload Support
Products Low Stock Report for osC 2.3.x (bootstrap and non-bootstrap) Download Support
Twitter Typeahead Autocomplete Search for osCommerce 2.3.4 (bootstrap and non-bootstrap)
Download Support

Upcoming Products Modules for osC 2.3.4 (bootstrap) Download Support

 
Assisted Add-ons
Scroll Boxes for osCommerce 2.3.x (bootstrap and non-bootstrap) Download Support
 
Bootstrap Add-ons created by other members
osCommerce Bootstrap Addons and Code

Share this post


Link to post
Share on other sites
Posted · Hidden by burt, November 29, 2015 - xpost
Hidden by burt, November 29, 2015 - xpost

Comment configurer?

L'explication est-elle faite quelque part en français? J'ai du mal à comprendre l'anglais.

Mais, j'ai déjà une autre boutique http://www.cdiscounta.com en cloud chez un autre fournisseur. Je désire avoir une autre chez oscommerce. Que faire?

http://www.cdiscounta.com

Share this post


Link to post

Well like they Houston we have a problem. Maybe someone can help. been away from Oscommerce for awhile with health issues.

At the age of 66, just glad I am still upright.

My admin section shows the green padlock but index going to a secure page shows the green padlock for a second and then turns white. I am sure it is a config problem. Thanks in adavance

 
  define('HTTP_SERVER', 'http://jackies-nutz-pats-krazy.com');
  define('HTTPS_SERVER', 'https://jackies-nutz-pats-krazy.com');
  define('ENABLE_SSL', true);
  define('HTTP_COOKIE_DOMAIN', '.jackies-nutz-pats-krazy.com');
  define('HTTPS_COOKIE_DOMAIN', '.jackies-nutz-pats-krazy.com');
  define('HTTP_COOKIE_PATH', '/');
  define('HTTPS_COOKIE_PATH', '/xxxxx');
  define('DIR_WS_HTTP_CATALOG', '/');
  define('DIR_WS_HTTPS_CATALOG', '/');
 
 
 define('HTTP_SERVER', 'https://jackies-nutz-pats-krazy.com');
  define('HTTPS_SERVER', 'https://jackies-nutz-pats-krazy.com');
  define('ENABLE_SSL', true);
  define('HTTP_COOKIE_DOMAIN', '.jackies-nutz-pats-krazy.com');
  define('HTTPS_COOKIE_DOMAIN', '.jackies-nutz-pats-krazy.com');
  define('HTTP_COOKIE_PATH', '/xxxx');
  define('HTTPS_COOKIE_PATH', '/xxxx');
  define('HTTP_CATALOG_SERVER', 'https://jackies-nutz-pats-krazy.com');
  define('HTTPS_CATALOG_SERVER', 'https://jackies-nutz-pats-krazy.com');
  define('ENABLE_SSL_CATALOG', 'true');
 
Thanks Bo

Share this post


Link to post
Share on other sites

It may be pulling somethign from a non ssl page if you can see the page but just aren't getting the green padlock.  Using FireFox go to the page in question and press cntrl+shift+Q all at the same time and it iwll bring up the network panel.  When you press reload it will show you the responses for each file and if it's secure or not.  Likely a pic is being source nonssl.


I'm not really a dog.

Share this post


Link to post
Share on other sites

It may be pulling somethign from a non ssl page if you can see the page but just aren't getting the green padlock.  Using FireFox go to the page in question and press cntrl+shift+Q all at the same time and it iwll bring up the network panel.  When you press reload it will show you the responses for each file and if it's secure or not.  Likely a pic is being source nonssl.

Thanks John, it was in the advanced_search.php causing the problem Has to change nonssl to ssl

Share this post


Link to post
Share on other sites

Whats in your .htaccess file?any re-directs?

 

I had this very same problem when using a subdirectory. However I think my problem was twofold. 1. the subdirectory worked for the first access but somehow OSC changed it to the direct route. i.e. access by shop.blah.co...  and the attempted login page had reverted to http://blah.co.../shop.

 

Second I had a redirect in my .htaccess file for non subdomain that redirected any access to https://   so http://blah.co/shop/admin became https://blah.co/shop/admin.

 

OSC knows what the referrer is and wht it should be and I suspect that when they do not match it re-directs to the login page Oh joy http://blah.co/shop/admin/login.php and round we go again

 

Your server is looping on re-directs and firefox will time that out after a few.  You could try setting the non ssl server to the same as the ssl server.

Share this post


Link to post
Share on other sites

I having a similar problem, after I used plesk to install phpbb forum, the installer I had assumed would install in a sub-directory because it didn't ask what level to install as far as I could remember. But it replace the confine.php file in the home directory thus no access to the website from a browser as it directed to the forum. 

 

I tried replacing the config.php file from the admin directory, as I understood its the same. But it must not be because I'm getting "file not found". 

 

I have a vps and just installed a SSL certificate. I have backups of admin, but I recently changed host and never backup the config.php in the home directory. 

 

This is what I have now for config.php:

 

 define('HTTP_SERVER', 'http://icustomsofa.com');

  define('HTTPS_SERVER', 'https://icustomsofa.com');

  define('ENABLE_SSL', true);

  define('HTTP_COOKIE_DOMAIN', '');

  define('HTTPS_COOKIE_DOMAIN', '');

  define('HTTP_COOKIE_PATH', '/');

  define('HTTPS_COOKIE_PATH', '/');

  define('DIR_WS_HTTP_CATALOG', '/');

  define('DIR_WS_HTTPS_CATALOG', '/');

  define('DIR_WS_IMAGES', 'images/');

  define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

  define('DIR_WS_INCLUDES', 'includes/');

  define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

  define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

  define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

  define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

  define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

  define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

  define('DIR_FS_CATALOG', $_SERVER["DOCUMENT_ROOT"] . '/');

  define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

  define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

  define('DIR_WS_CATALOG_OPTIONS', DIR_WS_IMAGES . 'options/');

  define('DIR_WS_CATALOG_SAMPLES', DIR_WS_IMAGES . 'samples/');

  define('DIR_WS_CATALOG_PRODUCTS', DIR_WS_IMAGES . 'products/');

  define('DIR_WS_CATALOG_STYLE', DIR_WS_CATALOG_OPTIONS . 'STYLE/');

  define('DIR_WS_CATALOG_ARM_STYLE', 'ARM_STYLE/');

  define('DIR_WS_CATALOG_COM', DIR_WS_IMAGES . 'COM/');

  define('DIR_FS_CATALOG_COM', DIR_FS_CATALOG . DIR_WS_IMAGES . 'COM/');

  

  define('DB_SERVER', 'localhost');

  define('DB_SERVER_USERNAME', 'sofa_admin');

  define('DB_SERVER_PASSWORD', 'zVto65!4');

  define('DB_DATABASE', 'sofa_data_2015');

  

  define('USE_PCONNECT', 'false');

  define('STORE_SESSIONS', 'mysql');

  define('RECEIVE_EMAIL', 'heltonsdesigns@gmail.com');

  define('RECEIVE_NAME', 'info');

 

  define('THROW_PILLOW_14', '5');

  define('THROW_PILLOW_18', '6');

  define('THROW_PILLOW_21', '7');

?>

 

I hoping someone can help with trying to get my website back up and running? Many thanks....

Share this post


Link to post
Share on other sites

@@rmanbike First, since you posted the url and login for the database on a public forum, you need to change those as soon as you can or you may find your problems will increase.

 

Second, the file names between the shop and the foums are mostly different so only a few need to be considered. Most likely the main file that was affected is the .htaccess file in the root. If you rename that and it is the problem, then the shop should load again. It may not work correctly, depending on what is in that file but it will help you troubleshoot. The other file that may have been changed is index.php. If you visit some other page of your shop, like privacy.php, it will show if that is a problem.

 

The configure files for oscommerce in the admin and the shop are not the same so you cannot share them like it seems you did so that will need to be fixed.

 

The best thing to do, if possible, is to ask your host to do a restore from before you installed the forum.

Share this post


Link to post
Share on other sites

Thanks Jack, first how do I edit a post here??

 

Too late, hotplate! For a few minutes after posting, you should see an "Edit" button (I think that's the word) next to the Report, Quote, etc. buttons. If you had your real DB access information up for more than 15 seconds or so, assume the hackers of the world have it now, and immediately change at least your DB password (and also in the two configure.php files).

Share this post


Link to post
Share on other sites

You can edit a post if it is within 15 minutes of posting it. After that, you would need to contact a team member.

 

The deny statement is blocking everyone from the site. It shouldn't be there unless that is your intention.

Share this post


Link to post
Share on other sites

Actually its a good thing thing it was their, since I was brain-dead and posted the password to the DB. Its been changed now. 

Share this post


Link to post
Share on other sites

×