[Customer unable to log in]

Now, go to admin, and reset that customer's password. Now try to log in. The last time you did this, you got a failed attempt.

 

This works fine, I can log in using the password reset by admin. 

 

Does the 32 character password mean they joined when it was CC3?

[Customer unable to log in]

Please create a new test account in your store. Then, in phpMyAdmin, change these values in the CubeCart_customer table for that new customer record:

* delete the 'salt' value

* set the 'new_password' value to 0

* replace the 'password value' with 084e0343a0486ff05530df6c705c8bb4

 

This is a hash that represents the word guest. This will be what CC3 would have had.

 

Now try to log in using guest as the password.

 

Done! And logged in successfully as guest

[Customer unable to log in]

Sadly, it sounds like this is a wait and see situation. As I see it, you can hope it won't happen again, or you could add some wording to the login page to indicate a contact link if they have trouble, or you could pre-emptively email all your clients with an announcement about your new store look and use that as an opportunity to offer help if they run into any issues.

 

Well this is rather annoying, maybe I'm making too much of it, but currently this makes me feel like looking for another shopping cart solution that may be more reliable. 

Even with notices or mass mailouts (which i don't like), I think some customers frustrated by not being able to login may well just go elsewhere to buy something.

[Customer unable to log in]

In America, John Doe and John Smith are typical and obvious replacement names for use in examples of what to do or try.

 

John Smith

 

Ah, I knew about John Doe of course. I was confused because the customer with the problem is John E. Smith

 

So are you saying this is just a strange hopefully one-off occurrence, and nothing I can do to stop it happening, or it is unlikely to happen to loads of customers.

[Customer unable to log in]

 

In phpMyAdmin, you can filter for only the records where a column has a certain value. So, among all the 'spam' and robots in the access table, there will be the '[email protected]' username (email) we are looking for.

 

"there are also a few legit users denied access"

 

Do these records have a salt? A 32 or 128 character password?

 

Not quite sure what you mean by the [email protected]

 

I checked a couple of member with  unsuccessful attempts:

 

4 unsuccessful = 8 character salt and 128 character password

 

2 unsuccessful = 8 character salt and 128 character password

 

2 unsuccessful followed by successful = 8 character salt and 128 character password

 

At this stage, can anyone tell me if I should worry about this? ie are there likely to be a lot of customers unable to login for reasons other than they got the wrong password?

 

Thanks

[Customer unable to log in]

That's what mine looks like, too. I've never been in that table before. Can you tell if a legitimate looking one tried more than three times to login, rather than using the forgot password link? If you do, they blocked themselves as CC should have, although I'm not sure if CC provides a warning about that to the customer or not.

Yes, I can see one that looks like they tried unsuccessfully 4 times

[Customer unable to log in]

It's in phpMyAdin - probably your first table in your database.

Yrs, of course I was thinking it was in Cubecart.

OK, I can see a lot of Ns, but most look like bots or spammers: eg Aeugnf, OceagoMeedo, Jbagsfdnalsf

 

But there are also a few legit users denied access,

[Customer unable to log in]

I'm sure I have a test account of my own that i started back in v3, but have forgotten the password though presumably I can use the retrieve password form to find it.

 

Where do I find CubeCart_access_log ?

[Customer unable to log in]

Then this customer had (attempted, at least) to log-in prior to the 18th, which, during that attempt, CubeCart 5 upgraded his password from the CC3 encoding to the CC5 encoding. But it still should have worked.

Ok, but at one stage after he contacted me I changed his password in the admin section and attempted to log in as him, and still got the error.

[Customer unable to log in]

Would you happen to have a backup of your CC5 database from last week?

 

You are one of the few CC5 users who have upgraded from CC3, so please forgive us if it seems we are tasking you to assist us in figuring this out when, truly, you just want a solution.

 

If you have a backup, find the customer's record (who caused you to initiated this thread) and I would like to know the values of just a few columns:

password: is the value 32 characters or something else

salt: is the value 'null', six characters, or eight characters

new_password: is the value 0 or 1

status: 0 or 1

type: 0, 1, or 2

 

 

Password wasmany more than 32 , seems to be 128

 

was 8 characters

 

New password is 1

 

Status is 1

 

type is 1

[Customer unable to log in]

Thanks, this is what I see:

 

 

[Customer unable to log in]

"I reset the customer's password and tested this and true enough, when logging in to their account using the stored email address and password, I get this error."

 

Using phpMyAdmin, please report the parameters of the CubeCart_customer table, the 'salt', 'password', and 'new_password' columns.

 

Here is what they should be now:

salt: VARCHAR(32) NULL

password: VARCHAR(128) NULL

new_password: TINYINT(1) DEFAULT 1

 

In CC430, the 'salt' column was added, but was only VARCHAR(6). In CC500b1, that was changed to VARCHAR(32). In CC500b6, the new_password column was added and the password column was changed to VARCHAR(128).

 

Thanks very much, but can you explain in phpmyadmin beginner's steps

 

e.g. I don't know what report means.

 

I solved the one customer issue by deleting the salt as advised by Dirty Butter, however it would be good to know that it won't happen again.

 

And it would be good to do it without changing existing customers password

[Customer unable to log in]

You'd better check a few more of your older customers, particularly if you have no reason to think they would buy from you again,

 

Do you mean "particularly if you have a reason to think they would buy from you again" ?

 

I think I have to assume anybody might buy from me again so this is a bit of a worry. I will check a few at random.

[Exporting specific details from database]

Thanks guys, very useful. Also I found another way thanks toi Dirty Butter's reply to my other current question. 

[Customer unable to log in]

Go to phpMyAdmin to the CubeCart_customer table and click on the Search choice in that row. Then put the customer's email address in the email row. Scroll down to the GO button. When it pulls up the entry, double click in the salt entry and delete it and save.

 

Then go into Admin and re-create a password.

 

As far as this customer goes, I, too, just create a PP invoice and then try to figure out what happened, rather than delay the sale. We have very few repeat customers due to our type of inventory, so this hasn't been an issue for us. But if you DO get a lot of repeat business, obviously this is going to be a problem for you. Hopefully Bsmither will be along soon with a better solution.

Thanks, that worked a treat. (I think) At least I can now log in as him, just waiting to see if the customer can buy something

[Customer unable to log in]

 

Ah - just found this in an old thread -

 

SOLVED.

Removed the salt altogether through phpmyadmin.

Then created a new password through Admin backend.

Seems to have solved the problem.

 

 

 

I have no idea what salt value is. I have already changed the password in the admin CP while I was testing.

 

So I still don't really know what to do. It's beginning to make me feel like I should ditch Cubecart and get something else, I am losing sales. And this isn't the first time this has happened. The last time I just sent the customer a paypal invoice and apologise for the store not working properly.

 

[Customer unable to log in]

Please check the database via phpMyAdmin to see if the current customer data did update properly. I assume this is a customer from when you were using v4?

 

Indeed he is. I am slightly familiar with phpmyadmin but only for exporting and backing up, could you please explain how I would check the customer data has updated and what to do if not.

[Exporting specific details from database]

What I want to do is extract details of all orders with a specific product ID between two specific dates. The details I would need are basically the customer name and email address. Even just the email addresses would be fine.

 

Can  anyone please tell me if this is something that is possible and how to do it?

[Customer unable to log in]

I got an email from an existing registered customer saying:

 

"Your order page will not accept my user name or pass word.I can`t place my order and I can`t register a new account.I just want to buy a CD."

 

I reset the customer's password and tested this and true enough, when logging in to their account using the storede email address and password, I get this error:

 

The following errors were detected:

• Invalid Username and/or Password

 

 

 

This is a serious issue, can anyone help please?

 

 

 

[Customer able to cancel order?]

"that under their statutory rights they can cancel ask for a refund up to a week (or is it 2?) anyway."

 

In what country? And what does your country's statutes say as to how you can ameliorate financial damage to your business? Re-stocking Fees?

 

 

In the UK

 

http://www.which.co.uk/consumer-rights/regulation/distance-selling-regulations/

 

I'm unsure exactly what the legal position is on restocking fees, though that article seems to suggest they should not be charged. Bummer.

 

In the case of this post, restocking fees don't apply as the cancellation was done before dispatch of the order. 

[Customer able to cancel order?]

 

So, based on how you have expressed your scenario, I understand that WorldPay settles a transaction almost immediately?

 

Not quite, they have a 20 minute window in which I can manually cancel the payment without incurring fees.

 

But to use this effectively I would need to sit by my computer watching out for customers paying and then cancel.

 

Of course I understand that under their statutory rights they can cancel ask for a refund up to a week (or is it 2?) anyway. 

[Customer able to cancel order?]

You might want to ask this on the 3rd party forum as well - as you'll likely find more people there using Worldpay.

 

Except that Worldpay said it is not their issue. Unless they receive a  cancellation communication from Cubecart, they obviously don't cancel, which seems fair enough as all they got was the order. They told me it was a shopping cart issue.

 

I suppose another question should be "is it right that a customer can cancel an order?" What happens if I've already dispatched the item and they cancel?

[many many duplicate pages]

Try adding this to your robots.txt file:

 

Disallow: /*?set_currency

 

There's a place in the Google Webmaster tools where you can test to see if that fixed it for you.

 

 

Just tested, it works for all pages except this:

 

http://tamingthesaxophone.com/store/index.php?_a=basket&set_currency=AUD

http://tamingthesaxophone.com/store/index.php?_a=basket&set_currency=GBP

http://tamingthesaxophone.com/store/index.php?_a=basket&set_currency=USD

[many many duplicate pages]

Try adding this to your robots.txt file:

 

Disallow: /*?set_currency

 

There's a place in the Google Webmaster tools where you can test to see if that fixed it for you.

 

 

Thanks, I'll try that. Any ideas on the other issue?

[Customer able to cancel order?]

I just received an email from a customer who had cancelled their order, but the payment had been captured from their debit card by Worldpay.

 

WP customer support told me that when I refund I still have to pay the Worldpay fee.

 

How is it possible for this to happen? Surely the customer should not be able to cancel a payment, or if they do then Cubecart should notify Worldpay immediately. (Within 20 minutes, Worldpay would have been able to cancel without a fee)