Guest SafeTomorrow Posted October 17, 2006 Share Posted October 17, 2006 Ok, well I'm just starting a new store, I was having problems with 3.0.12, and upgraded to 3.0.13 and the problem still exists. The problem was trying to view the site as admin while it was offline.. ive tired some of the fixes mentioned in this forum, but none work... I spent a few hours looking the problem by myself and I found it. The Session/Cookie that is created when you log in as admin, sets the path to /Admin/. That means only PHP scripts that are run in the /Admin/ directory can use the cookie. Well, the index.php for the main store includes the session.inc.php file in the /includes/ directory and that figures out if you are an admin or not, and wether to display the offline.php page. Because the session.inc.php file is not in the /Admin/ it can not read the admin session/cookie. So you need to change the Session/Cookie to only have "/" for a path so everything can read the cookie. As a temp fix, I edited the admin/login.php. I have only studied the inner workings of CubeCart for a day so this might not be the most secure wayto make it work. So there might be another way... this is what I did... In /Admin/login.php look for this... session_name($sessionName); $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); @ini_set("session.cookie_path",$sessionDomain); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; and I made it look like this.... session_name($sessionName); @ini_set("session.cookie_path","/"); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; So far it works perfect... but I am not complely familiar with all the code yet, so this may cause other problems.... even then... I FOUND THE PROBLEM! maybe since I helped CubeCart fix a problem..... I can have a FREE LICENSE KEY? :whistle: Quote Link to comment Share on other sites More sharing options...
Guest SafeTomorrow Posted October 18, 2006 Share Posted October 18, 2006 bump.... I need an official comment on this... The "fix" that was in the FAQ didn't help the problem, and this does. Can the programmers of CubeCart figure out why the admin session cookie is directory specific. And make sure there is a better way to fix this, than my crude hack that probably could be a security risk... Quote Link to comment Share on other sites More sharing options...
convict Posted October 18, 2006 Share Posted October 18, 2006 Unoficial of course: Your fix is not general but cart installed in site root folder only. The fix could be following (3.0.12 and older): admin/login.php if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; admin/includes/auth.inc.php if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); I tested it before and it works on any folder. However path ends with / if store is installed in any sub folder $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); gets rid of ending / however the result on site root folder store is BLANK, default PHP setting for session.cookie_path is /. It depends to server and browser probably. If the init session.cookie_path is called just before the session_name, some browser cookies get the curent store folder instead of default PHP setting /. Quote Link to comment Share on other sites More sharing options...
Guest SafeTomorrow Posted October 18, 2006 Share Posted October 18, 2006 You are right, my fix is only for CubeCarts installed in the main directory of the website. Your fix looks like it would work.. I will test it. $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); gets rid of ending / however the result on site root folder store is BLANK, default PHP setting for session.cookie_path is /. It depends to server and browser probably. If the init session.cookie_path is called just before the session_name, some browser cookies get the curent store folder instead of default PHP setting /. I thought the Defualt cookie_path is the directory the php script that is setting the cookie is in. Because I believe that is what is happening. Both with IE and Mozilla FireFox, the cookie_path was becomeing /Admin/ because the php script making the cookie is in the Admin directory. I wasnt sure that the cookie_path needed to be /Admin/ or not. Thats why I am unsure if it has security risks. So is it supposed to be just "/"? If it is, than that is exactly why a lot of people are having the offline viewing problem.. it might be a server side thing... ---edit--- I tried your fix, and it works... I wasnt aware of admin/includes/auth.inc.php. I had trouble one time viewing the store offline with my fix, and I didnt know why, I couldnt reproduce it. I deleted cookies and it worked... I'm guessing it was because of the auth.inc.php. So this fix is 100% :w00t: Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted October 19, 2006 Share Posted October 19, 2006 I just did a clean install of 3.0.13 and I can't replicate this issue. It works fine. @SafeTomorrow - Did you upload using the changelog or by uploading files over the existing ones? All that has changed in 3.0.13 is the session name to have the hypen removed. Quote Link to comment Share on other sites More sharing options...
Guest SafeTomorrow Posted October 19, 2006 Share Posted October 19, 2006 My hosting is from HostGator, a very good host service, and that has "Fantastico", which will automaticaly install CubeCart 3.0.12 with a security update. I installed that first, on the root directory for the website. I was able to view the store offline as admin, but now and then it wouldnt let me, and I would get really mad. I tried the fixes avalible on this forum, but nothing worked, and according to the forum it didnt work for others either. So, I tried to update the install to 3.0.13, but it actually was worse with this version. I couldnt view it at all, apose to 3.0.12 were SOMETIMES I was able to view it. Anyway, I must have upgrade installed 4 times. After that I just clean installed the full version of 3.0.13., and I still had the problem. That is when I set out to fix it on my own. Which I did, works like a charm now. I think it is a server side problem with the way cookies are set with PHP.. so.. I might as well compare server stuff.. Server: PHP Version: 4.4.4 MySQL Version: 4.1.21-standard Server Software: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b What's your server stats? Quote Link to comment Share on other sites More sharing options...
Guest kathysshowtack Posted November 2, 2006 Share Posted November 2, 2006 Ok could some one put this in newbee terms so I may fix the problem I understand the first fix is that the one to use ? I do not under stand what part of the php to change to make it right when the second fix is explained could someone please give me the step by step instructions Please!!! Quote Link to comment Share on other sites More sharing options...
Guest SafeTomorrow Posted November 4, 2006 Share Posted November 4, 2006 Ok could some one put this in newbee terms so I may fix the problem I understand the first fix is that the one to use ? I do not under stand what part of the php to change to make it right when the second fix is explained could someone please give me the step by step instructions Please!!! kathysshowtack, in order to apply this fix you need to know how to open and edit a .php file. Some web hosting companies have "File Managers" that allow you to edit an existing file in a txt editor. Or you can edit the file on your computer and upload it to your web host later. Either way you need to open the file that we are referencing. This first is admin/login.php. This means we want you to find "login.php" that is inside of the /admin/ folder of your store. Once you find it, you need to edit it. Download it to your computer, open it with wordpad.exe or notepad.exe. Or use the web hosting text editor tool that comes with most good hosts. Find this section of code in the php file: if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } Right below the code above should be something simular to this: session_name($sessionName); $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); @ini_set("session.cookie_path",$sessionDomain); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; replace it with this below: session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; Save your work. Then upload it to the web host if needed. Unless you used a built in editor. Now do the same for "auth.inc.php" that is inside of the /admin/ then /includes/ folder. Find the same type of code as the last one, and replace it with this. if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); Quote Link to comment Share on other sites More sharing options...
Guest kathysshowtack Posted November 4, 2006 Share Posted November 4, 2006 Ok could some one put this in newbee terms so I may fix the problem I understand the first fix is that the one to use ? I do not under stand what part of the php to change to make it right when the second fix is explained could someone please give me the step by step instructions Please!!! kathysshowtack, in order to apply this fix you need to know how to open and edit a .php file. Some web hosting companies have "File Managers" that allow you to edit an existing file in a txt editor. Or you can edit the file on your computer and upload it to your web host later. Either way you need to open the file that we are referencing. This first is admin/login.php. This means we want you to find "login.php" that is inside of the /admin/ folder of your store. Once you find it, you need to edit it. Download it to your computer, open it with wordpad.exe or notepad.exe. Or use the web hosting text editor tool that comes with most good hosts. Find this section of code in the php file: if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } Right below the code above should be something simular to this: session_name($sessionName); $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); @ini_set("session.cookie_path",$sessionDomain); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; replace it with this below: session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; Save your work. Then upload it to the web host if needed. Unless you used a built in editor. Now do the same for "auth.inc.php" that is inside of the /admin/ then /includes/ folder. Find the same type of code as the last one, and replace it with this. if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); Ok could some one put this in newbee terms so I may fix the problem I understand the first fix is that the one to use ? I do not under stand what part of the php to change to make it right when the second fix is explained could someone please give me the step by step instructions Please!!! kathysshowtack, in order to apply this fix you need to know how to open and edit a .php file. Some web hosting companies have "File Managers" that allow you to edit an existing file in a txt editor. Or you can edit the file on your computer and upload it to your web host later. Either way you need to open the file that we are referencing. This first is admin/login.php. This means we want you to find "login.php" that is inside of the /admin/ folder of your store. Once you find it, you need to edit it. Download it to your computer, open it with wordpad.exe or notepad.exe. Or use the web hosting text editor tool that comes with most good hosts. Find this section of code in the php file: if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } Right below the code above should be something simular to this: session_name($sessionName); $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); @ini_set("session.cookie_path",$sessionDomain); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; replace it with this below: session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel']; Save your work. Then upload it to the web host if needed. Unless you used a built in editor. Now do the same for "auth.inc.php" that is inside of the /admin/ then /includes/ folder. Find the same type of code as the last one, and replace it with this. if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); ok I did what you said but now I get this Parse error: syntax error, unexpected ')' in /home/kathys/public_html/admin/includes/auth.inc.php on line 58 now what do I do ??? Can I pay you to fix this for me ?? Quote Link to comment Share on other sites More sharing options...
Guest SafeTomorrow Posted November 4, 2006 Share Posted November 4, 2006 now what do I do ??? Can I pay you to fix this for me ?? PM me with details of your store and I will look at it. Quote Link to comment Share on other sites More sharing options...
Guest dpage44 Posted February 5, 2007 Share Posted February 5, 2007 Also works for version 3.0.15 Had the same issue with the function working in a test directory on the server but not working in the main directory. I have submitted my results and the link to this topic to the Help Desk. Maybe you'll get your free license key SafeTomorrow ;) Quote Link to comment Share on other sites More sharing options...
Guest offthehook Posted February 28, 2007 Share Posted February 28, 2007 Sorry I have this problem in 3.0.12 and the solutions above do NOT work for me. Very frustrating. Quote Link to comment Share on other sites More sharing options...
Guest Posted March 11, 2007 Share Posted March 11, 2007 so is this considered an official fix for this? does this work with the current version? Quote Link to comment Share on other sites More sharing options...
Guest tuffdude Posted March 29, 2007 Share Posted March 29, 2007 :) Ok I am using bluehost, and when I first upload CC it will let me use the view store offline for a couple hours, then I have the same problem. I tried this fix and just get the parse error when I try to log into admin. I'm using the newest version of CC 3.015. My files are in public_html, so they are also duplicated in the www. file. I would really like to get this working again, so when I'm making changes I don't have to keep the store online to view what I'm doing. If anyone has any code or fix that would correct this, please let me know. It would be much appreciated. Thank You!!!!!!!! Quote Link to comment Share on other sites More sharing options...
Guest tuffdude Posted March 30, 2007 Share Posted March 30, 2007 :) anyone? Quote Link to comment Share on other sites More sharing options...
Guest tuffdude Posted March 30, 2007 Share Posted March 30, 2007 :) bump Quote Link to comment Share on other sites More sharing options...
Guest Cellular Amps LLC Posted April 3, 2007 Share Posted April 3, 2007 Oddly enough I am on BlueHost as well, and it stopped working within a few hours for me. May have to look into this fix as well... but obviously I don't need issues like tuffdude is having Quote Link to comment Share on other sites More sharing options...
Guest tuffdude Posted April 4, 2007 Share Posted April 4, 2007 Well Amps guess we're S.O.L on this one! :wacko: Quote Link to comment Share on other sites More sharing options...
Guest webgaffer Posted April 6, 2007 Share Posted April 6, 2007 Just as an experiment I set-up CC 3.0.15 in the root and also in a subdirectory. Same everything for both. The result was that view store offline as admin didn't work on the CC in the root but worked fine on th CC in subdirectory. This tells me that there is a path correction to be made somewhere in the code which is dependant on whether the CC was installed in root or subdirectory. The subdirectory CC works so the change will have to be made in the root CC. I don't have enough savvy with PHP to sort this out but I am sure that experts out there like Sir William won't have a problem? Quote Link to comment Share on other sites More sharing options...
Guest Cellular Amps LLC Posted April 6, 2007 Share Posted April 6, 2007 I Just got around to doing some more testing on this as well. Firefox 2.0.0.3 will not allow me to view the store even with Admin logged in and set to allow. IE7 will allow me to view the store with Admin logged in. I Have test both with admin in Secure mode and unsecure (i.e. SSL turned on and off) P.S. my store is in the root. Quote Link to comment Share on other sites More sharing options...
Guest webgaffer Posted April 7, 2007 Share Posted April 7, 2007 Yes! it does seem that the problem occurs when the CC is in the root. As, in my test case, I am using the same host, same operating system, same browser, the same CC with two occurances one in the root and one in the sub-directory on the same host. It seems to me to be a path error in the code. Maybe a "/" that shouldn't be there? Quote Link to comment Share on other sites More sharing options...
Guest tuffdude Posted April 8, 2007 Share Posted April 8, 2007 Yup definitely a problem in CC, cause I can't view store offline in firefox or IE. Wish they'd come up with a fix for it. :w00t: Quote Link to comment Share on other sites More sharing options...
Guest dpage44 Posted April 8, 2007 Share Posted April 8, 2007 My 2 cents: Does this issue occur when you use another computer? I have the issue with my home computer in IE7, but not on my work computer. Just something to try. Quote Link to comment Share on other sites More sharing options...
Guest webgaffer Posted April 8, 2007 Share Posted April 8, 2007 My 2 cents: Does this issue occur when you use another computer? I have the issue with my home computer in IE7, but not on my work computer. Just something to try. It can't be a computer issue because I am using the same computer for the root CC and the subdirectory CC. Works in sub but not in root! Quote Link to comment Share on other sites More sharing options...
Guest RCautoworks Posted August 5, 2007 Share Posted August 5, 2007 That fix does not work for me either. I noticed I did get it to work when I typed in www.url instead of just http://url But that only worked for a few hours, same thing. Same issue Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.