havenswift-hosting Posted June 21, 2017 Posted June 21, 2017 You really need to give a bit more information as there is absolutely nothing to go on in your original post Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 I recently upgraded to 6.1.8 and now admin won't load. Quote
Dirty Butter Posted June 21, 2017 Posted June 21, 2017 Check your file structure for your store. There should only be one file named admin_XXX.php and one folder named admin_XXX, Both of those names should match what is in your includes/global.inc.php file. And the admin_XXX file and folder should be at the same directory level the includes folder is in. Quote
havenswift-hosting Posted June 21, 2017 Posted June 21, 2017 The likelihood is that you tried to do an auto upgrade (rather than doing it manually) and it has not completed correctly - if you have any discrepancies in admin file / directory names or those have changed, then that will be the case Ian Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 (edited) I always do manual upgrades. I have admin_XXX.php and an admin folder. I just checked the includes/global.inc.php file andchanged the name of admin to admin_XXX, as per the file. It now works fine, thank you  Strange that the upgrade didn't do this? I spoke too soon! I now get : Security Alert: Possible Cross-Site Request Forgery (CSRF) or browser back button used. when attempting to login. Edited June 21, 2017 by vidmarc Quote
havenswift-hosting Posted June 21, 2017 Posted June 21, 2017 If you had to change the name of the admin file and directory then the upgrade wasnt completed correctly - did you upload /admin directory as is (the likelihood is that this is what you did) or upload the contents of the new /admin directory into your already renamed admin_XXXXXX directory. Check you have 6.1.8 files in the admin directory and if in any doubt, re-upload them Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 (edited) All checked - I really can't work out why it's doing this. Edited June 21, 2017 by vidmarc Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 In php-errors.log: [21-Jun-2017 15:23:17 UTC] PHP Warning:Â Invalid Security Token in htdocs/classes/sanitize.class.php on line 150 Quote
Christopher Short Posted June 21, 2017 Posted June 21, 2017 I think you need https:// for the admin page. You are using SSL for the site? Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 Don't think I've ever used https:// When I do, I get "Unable to connect" Quote
Dirty Butter Posted June 21, 2017 Posted June 21, 2017 OK - SSL shouldn't be the issue. Can you tell if your admin_XXX files are dated when you did the 6.1.8 upgrade? Assuming that's not the problem - please clear ALL cache from within CC except your images. Then clear all your browser cache. Clear your Error_log Try opening your storeURL/admin_XXX.php. Report any error messages and what happens. If you get the CRSF message again on the login screen, try logging in anyway (I see that one frequently myself). Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 admin: Wed, 21 Jun 2017 15:46 I already tried deleting all the cache files, it still gives the same error. Also cleared browser cache. Not sure how to clear the error log. Quote
Dirty Butter Posted June 21, 2017 Posted June 21, 2017 The error_log is at the root of your store (same level with includes and admin_XXX folders in it). Open it and delete all entries. Then try accessing admin again, even if you see the CSRF notice. Report on error_log entries. Do you have any other sites at this level of your domain? I run into CSRF issues because of a Wordpress install on the store domain. Quote
vidmarc Posted June 21, 2017 Author Posted June 21, 2017 (edited) I re-named the errors log, and the system just created a new file with the same error as above. No other sites at this domain. The error only begain after the last upgrade. I am completely unable to access my control panel whilst this error persists. Edited June 21, 2017 by vidmarc Quote
Dirty Butter Posted June 21, 2017 Posted June 21, 2017 I want to try to find a specific admin file that would be different in 6.1.8 compared to what you upgraded from. What did you upgrade from? Quote
Dirty Butter Posted June 21, 2017 Posted June 21, 2017 Check these files to see if the 6.1.8 changes were made: admin_XXX\skins\default\js\admin.js line 72 "matrix_include" == c ? h.attr("name", "option_add[" + c + "][" + options_added + "]") : "set_enabled" == c ? (h.removeAttr("disabled"), h.attr("checked", "checked"), h.parent().addClass("selected"), h.val(1), 1 == d && (h.parent().addClass("selected"), h.attr("checked", "checked")), h.attr("name", "option_add[" + c + "][" + options_added + "]")) : "default" == c || "negative" == c || "absolute_price" == c ? (h.removeAttr("disabled"), $(l[i]).is(":checked") && (h.parent().addClass("selected"), h.attr("checked", "checked"), $(l[i]).removeAttr("checked").parent().removeClass("selected")), h.attr("name", "option_add[" + c + "][" + options_added + "]")) : (d = parseFloat(d, 10).toFixed(2), $(o).find("." + c).append(d).find("input:first").val(parseFloat(d)).removeAttr("disabled")), $(l[i]).val("") admin_XXX\skins\default\templates\dashboard.index.php line 133 <td>{$THEAD_ORDERS.cart_order_id}</td> admin_XXX\skins\default\templates\settings.admins.php line 67 <td><strong>{$section.name}</strong> - {$section.info}</td> admin_XXX\sources\dashboard.index.inc.php lines 40-53 ## Delete admin folder if it exists and shouldn't if($glob['adminFolder']!=='admin' && file_exists(CC_ROOT_DIR.'/admin')) { recursiveDelete(CC_ROOT_DIR.'/admin'); if(file_exists(CC_ROOT_DIR.'/admin')) { $GLOBALS['main']->setACPWarning($lang['dashboard']['delete_admin_folder']); } } ## Delete admin file if it exists and shouldn't if($glob['adminFile']!=='admin.php' && file_exists(CC_ROOT_DIR.'/admin.php')) { unlink(CC_ROOT_DIR.'/admin.php'); if(file_exists(CC_ROOT_DIR.'/admin.php')) { $GLOBALS['main']->setACPWarning($lang['dashboard']['delete_admin_file']); } } Â Quote
vidmarc Posted June 25, 2017 Author Posted June 25, 2017 (edited) I can confirm that all those files are as you've quoted above. And I'm still unable to login due to the same error. Quote  Security Alert: Possible Cross-Site Request Forgery (CSRF) or browser back button used.   Edited June 25, 2017 by vidmarc Quote
Dirty Butter Posted June 25, 2017 Posted June 25, 2017 I can't think of anything else to try, except to rename your .htacess file and let CC create a new one. Assuming that doesn't help, I am out of ammunition. You had problems upgrading to 6.1.7, if I'm remembering correctly, so whatever the issue is, it's probably been around for a while. Quote
vidmarc Posted June 25, 2017 Author Posted June 25, 2017 (edited) I've tried this and again, same error. I just re-checked the php error log and I'm now seeing these warnings: Quote [24-Jun-2017 01:10:21 UTC] PHP Fatal error:Â User dbo462610712 already has more than 'max_user_connections' active connections in /homepages/40/d121509422/htdocs/classes/db/mysqli.class.php on line 38 Quote [24-Jun-2017 01:10:21 UTC] PHP Warning:Â mysqli_options(): Couldn't fetch mysqli in /homepages/40/d121509422/htdocs/classes/db/mysqli.class.php on line 35 Quote [24-Jun-2017 16:40:14 UTC] PHP Warning:Â Security Warning: Illegal array key "amp;products_id" was detected and was removed. in /homepages/40/d121509422/htdocs/classes/sanitize.class.php on line 111 Quote [24-Jun-2017 22:16:53 UTC] PHP Warning:Â Security Warning: Illegal array key "redirect:${#matt=_#context_get('com_opensymphony_xwork2_dispatcher_HttpServletResponse'),#matt_setContentType('text/plain'),#matt_getWriter()_println_('successsuccess'),#matt_getWriter()_flush(),#matt_getWriter()_close()}" was detected and was removed. in /homepages/40/d121509422/htdocs/classes/sanitize.class.php on line 111 Quote [25-Jun-2017 02:08:55 Europe/London] PHP Warning:Â Cannot use a scalar value as an array in /homepages/40/d121509422/htdocs/classes/cubecart.class.php on line 1400 Â Edited June 25, 2017 by vidmarc Quote
Dirty Butter Posted June 25, 2017 Posted June 25, 2017 Hopefully that will give someone clues as to the root problem. Some of that sounds like a host setting issue???? Quote
vidmarc Posted June 26, 2017 Author Posted June 26, 2017 Looks like I'll have to pay for a support package Quote
havenswift-hosting Posted June 26, 2017 Posted June 26, 2017 That might be a good idea but you also need to look at your hosting account - several of the error messages you are getting are serious hosting resource issues Ian Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.