Jump to content
Chadduck

OSC and .htaccess

Recommended Posts

I am moving my store to a new server - 

My NEW SYSTEM operating environment

Ubuntu 18.04.2 LTS
PHP version: 7.2.19-0ubuntu0.18.04.1
mysql  Ver 14.14 Distrib 5.7.27
OSCommerce 2.3.4

Before anyone points out that the OSC bootstrap version is better - I am simply moving the store from one server to another.

My question involves the usage of .htaccess to password protect the access to the admin section

ASSUME 
OSC admin username is CharlesDuncan
OSC admin password is Duncan2345

WHY is it if those are entered in the .htpasswd file that the OSC login screen is bypassed and the user is placed on the administration screen of OSC?

ANY OTHER user name and password combination for .htaccess puts the user on the login screen called by
login.php?action=process

To verifiy this I went to my existing production server and tested it.  The production server operates with older versions of Ubuntu, php, and MySql but the same OSC version.  It does the same thing.

Obviously I immediately removed the new entry in .htpasswd BUT I was wondering if others have ran into this.
 

Share this post


Link to post
Share on other sites

This auto login with the HTTP Authentication values if it exists

This is because you clicked the logoff link

Add code in footer file login.php

var_dump($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);

You will see the password and login

Share this post


Link to post
Share on other sites
On ‎8‎/‎2‎/‎2019 at 1:39 PM, Chadduck said:

WHY is it if those are entered in the .htpasswd file that the OSC login screen is bypassed and the user is placed on the administration screen of OSC?

It's because the path to the .htpasswd file is different between the two servers. The easy fix is to rest the password for the popup login in your control panel. But you could also edit the admin/.htaccess file and change the path to the correct one for the new server.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×