Page 13 of 14 FirstFirst ... 311121314 LastLast
Results 121 to 130 of 138
  1. #121
    Join Date
    Sep 2010
    Posts
    24
    Plugin Contributions
    0

    Default Re: "There was a security error when trying to login" - v1.3.8

    xshaanx -

    That worked perfect. Thanks!

  2. #122
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: "There was a security error when trying to login" - v1.3.8

    A better solution would be to remove the tpl_login file that's already there.

    If this worked it suggests that you're using one of those templates that mistaken copies all the files from template_default and so overrides new versions released with security fixes.

    By simply copying the new file in there instead, you'll then override any future changes to these files and have the same problem again in the future.
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

  3. #123
    Join Date
    Aug 2011
    Posts
    1
    Plugin Contributions
    0

    Default Re: "There was a security error when trying to login" - v1.3.8

    Well I have been having this issue with my zencart and when I checked for that coding, it was in fact already on those pages/scripts, yet I am still getting the security error for customers who try to log in. I have read through the thread, and still not sure why it continues to do this?
    If anyone would like to help me out, with fixing my site, I'd gladly pay for your time and help. I just don't know what else to do at this point.

  4. #124
    Join Date
    Jan 2007
    Location
    Los Angeles, California, United States
    Posts
    10,023
    Plugin Contributions
    32

    Default Re: "There was a security error when trying to login" - v1.3.8

    www . lanikshair . com

    My client's site recently started having this issue. Her site is hosted with Netfirms and they recently did a major server migration of a number of their clients which is when the trouble began. (Prior to the migration all was FINE!!)

    Initially we thought that the issue was due to the fact that Netfirms had not properly re-installed her SSL certificate, but now they have corrected the SSL issue.
    However the error persists..

    I tried disabling SSL in the store to see if the security error goes away, and it does indeed persist whether SSL is on or not.. So I'm fairly certain that the SSL certificate is no longer the issue..

    This store does not use a packaged template, it is a custom template but it was built following all the proper guidelines for creating a custom template, and it does NOT have customized template "login" files. So I checked the following files in the default template:

    • /includes/templates/default_template/templates/tpl_login_default.php
    • /includes/templates/default_template/templates/tpl_timeout_default.php


    I verified that the required security code was in place, but to be safe I deleted and then replaced both files with ones from the Zen Cart zip file download.

    And though I wasn't encountering the error in the Admin area, I deleted and replaced this file as well:

    • /admin/login.php


    I did delete and replace one additional file (based on a suggestion I saw DrByte had posted in another thread on this topic.. http://www.zen-cart.com/forum/showthread.php?t=88106)

    • /includes/functions/sessions.php


    If I switch to the Classic template, instead of the custom template, the problem continues.. This store does not have FEC or COWOA installed. Clearing browser and cookies doesn't help, and I have confirmed that others still have the same issue..

    Server Information:
    Zen Cart 1.3.8a
    Server OS: Linux 2.6.35.8-nx
    Database: MySQL 5.0.91-log
    HTTP Server: Apache/2
    PHP Version: 5.2.17 (Zend: 2.2.0)

    I am plum out of ideas, and could use another set of eyes here (Kuroi, DrByte??? PLEASE!!!)
    My Site - Zen Cart & WordPress integration specialist
    I don't answer support questions via PM. Post add-on support questions in the support thread. The question & the answer will benefit others with similar issues.

  5. #125
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: "There was a security error when trying to login" - v1.3.8

    Not my area of expertise, but it looks to me as though the site may be having problems reading or writing to visitor's session data or creating a session.

    When I look at the login form code being sent to the browser, the hidden security token is declared, but has no value. The value should be taken from the session array, but if that's not accessible, then no value can be assigned.

    The security error then arises because when the form is submitted, Zen Cart checks for the security token, ready to compare it back to the value being held in the session for this visitor. But because it's not there, concludes that this is probably a fraudulent submission.

    So the issue most likely comes back to why cart couldn't read the session to get the original token, or why it couldn't put it in the session in the first place.

    At this point my knowledge runs out and I can suggest only that you ask the webhost what changes they've made that could affect session handling.
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

  6. #126
    Join Date
    Jan 2007
    Location
    Los Angeles, California, United States
    Posts
    10,023
    Plugin Contributions
    32

    Default Re: "There was a security error when trying to login" - v1.3.8

    **sigh** I had already communicated to my client that I suspected that Netfirms has modified something which is the root cause of the issue.. I suggested it was either files, or server settings, but I'm clueless as well.. **sigh**I get that my client is frustrated, but she seems to think there is something magical that I can do to resolve all of these issues.. I am out of ideas..

    Thanks for the insight though.. I've passed the information back on to my client.. Maybe DrByte will pass though and offer some additional insights..

    Quote Originally Posted by kuroi View Post
    Not my area of expertise, but it looks to me as though the site may be having problems reading or writing to visitor's session data or creating a session.

    When I look at the login form code being sent to the browser, the hidden security token is declared, but has no value. The value should be taken from the session array, but if that's not accessible, then no value can be assigned.

    The security error then arises because when the form is submitted, Zen Cart checks for the security token, ready to compare it back to the value being held in the session for this visitor. But because it's not there, concludes that this is probably a fraudulent submission.

    So the issue most likely comes back to why cart couldn't read the session to get the original token, or why it couldn't put it in the session in the first place.

    At this point my knowledge runs out and I can suggest only that you ask the webhost what changes they've made that could affect session handling.
    My Site - Zen Cart & WordPress integration specialist
    I don't answer support questions via PM. Post add-on support questions in the support thread. The question & the answer will benefit others with similar issues.

  7. #127
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: "There was a security error when trying to login" - v1.3.8

    I met the friendly guys at Netfirms at a networking event a couple years ago, and from that conversation opted to try them out for a site I wanted to set up. I found their unconventional control panel to be slow and confusing at best, and most of the time quite useless. When I finally got a store up and running it was obvious that the servers were very poorly tuned and couldn't handle running database-driven sites with any degree of speed or reliability. They seem to serve static pages fine, but that's an extremely limited market.
    I took the site to a shared hosting account on another server and it immediately sprang to life, and have had no issues with it running reliably there.

    I lost some money in wasted months of hosting that I didn't use, and overpriced domain-name-registration fees. But the move to reliable and speedy hosting more than made up for that loss. I probably should have gone back and asked for money back, but I chose to keep the service until the paid months expired. I tested a few other experimental Zen Cart coding ideas with it, and various caching and other addons, but nothing could fix or overcome the performance problems on their servers.

    I suggest you do the same, given that their problems are even worse and from I'm seeing posted lately it doesn't look like they know how to fix what they've broken.

    How many sales have you lost? How long has your store been down? How does that equate to the costs of changing?
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  8. #128
    Join Date
    Jan 2007
    Location
    Los Angeles, California, United States
    Posts
    10,023
    Plugin Contributions
    32

    Default Re: "There was a security error when trying to login" - v1.3.8

    Preaching to the choir sir.. **sigh** That is my recommendation, but she is STUCK on these folks. I've been on her case about Netfirms since the day I took over this site from her previous web developer (who built a static website and could not figure out how to "connect" it to the old osCommerce store). She has a TON of other sites hosted here (I think she let's "friends" host their sites on her hosting account) and she is reluctant to pay money to fix the problem..

    I've pointed out (again) that her hosting company is problematic AND the need to upgrade to Zen Cart 1.3.9, but she is trying to save money. All the while her store is down and she has lost far more than she has saved.. (Store's been down since Friday.. WHO KNOWS how many sales she's lost..)

    Since this posting I discovered that they (Netfirms) screwed up a number of things in this migration:

    • Not re-installing the SSL cert (initially they told my client she didn't have one..)
    • They made a modification to the /includes/functions/sessions.php file which looked like some sort of temporary change to explicitly call out a file path. I have replaced that file with a clean one I had in my site backups for this client.
    • They mucked up the FTP settings so that I could not access the site via FTP and was relegated to using their crappy cPanel FileManager until they fixed that.
    • Somehow in trying to fix the SSL or FTP issues they did something which caused a 500 error when accessing the site admin.
    • Today they removed the sideboxes folder from the default_template (rendering all her WordPress sideboxes INOPERABLE)

    **sigh** will try ONE MORE TIME to convince her to let me move and upgrade this site..

    Thanks for weighing in DrByte.. I've passed on what you an Kuroi have posted here.. She's passed it on to Netfirms..

    Though I'm pretty sure I'll see a live unicorn before they (Netfirms) fixes this..
    My Site - Zen Cart & WordPress integration specialist
    I don't answer support questions via PM. Post add-on support questions in the support thread. The question & the answer will benefit others with similar issues.

  9. #129
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: "There was a security error when trying to login" - v1.3.8

    It's tough being a small professional services business. But there comes a time when you have to ask whether you can really add value to the business of a client who refuses to take your advice.

    We've resigned an account like that in the past year, and it was a big relief once we'd done so. We've also had to say "change your web host, or change your developer, twice". Happily both clients chose the developer!
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

  10. #130
    Join Date
    Jan 2007
    Location
    Los Angeles, California, United States
    Posts
    10,023
    Plugin Contributions
    32

    Default Re: "There was a security error when trying to login" - v1.3.8

    Quote Originally Posted by kuroi View Post
    It's tough being a small professional services business. But there comes a time when you have to ask whether you can really add value to the business of a client who refuses to take your advice.
    Don't I know it..

    I've "resigned" a few clients over the years because it was the best thing for my peace of mind and my business.. In fact I just recently "resigned" a client.. This client refused to take my advice, failed to provide required materials for the site build, failed to make crucial business decesions which would inform the site build and then questioned me about why the site build was not going as planned.. They mistakenly thought that since I was a small business I would just "take it".. They were wrong.. I've had NO regrets at all about ending that contract and setting them free..

    Quote Originally Posted by kuroi View Post
    We've resigned an account like that in the past year, and it was a big relief once we'd done so. We've also had to say "change your web host, or change your developer, twice". Happily both clients chose the developer!
    Sadly this may the place where I am at here too..
    My Site - Zen Cart & WordPress integration specialist
    I don't answer support questions via PM. Post add-on support questions in the support thread. The question & the answer will benefit others with similar issues.

 

 
Page 13 of 14 FirstFirst ... 311121314 LastLast

Similar Threads

  1. Replies: 6
    Last Post: 6 Nov 2011, 05:26 AM
  2. 1.3.9d "There was a security error when trying to login"
    By noderaser in forum General Questions
    Replies: 1
    Last Post: 17 Aug 2010, 07:26 AM
  3. "There was a security error when trying to login" - v1.3.9c
    By lafhaha in forum Upgrading from 1.3.x to 1.3.9
    Replies: 2
    Last Post: 13 Jul 2010, 05:39 PM
  4. "There was a security error when trying to login"
    By TurtleDove in forum General Questions
    Replies: 1
    Last Post: 9 Feb 2010, 04:18 AM
  5. Users cannot login after upgrade - "There was a security error when trying to login"
    By rob.chevalier in forum Upgrading from 1.3.x to 1.3.9
    Replies: 19
    Last Post: 9 Jun 2008, 08:04 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR