Results 1 to 7 of 7
  1. #1

    Default access denied on index.php

    I've found a strange issue with my install. Whenever a customer clicks on Log In, put in their credentials, and click login, they get the following:

    You don't have permission to access /zencart/index.php on this server
    However, if they go back to the main page via bookmark or address bar, it takes them to the main page and they are logged in.

    If they click on Log Out, they again get the permission denied. But, again, if they manually go back to the main page, it is working and they are logged out.

    I found out what it is doing, but what I do not know is why.

    The URL on my store is:

    [FONT="Courier New"]mydomain.com/zencart/index.php (which works fine)[/FONT]

    The URL on the address bar which gives them the error when they log out is:

    [FONT="Courier New"]myhostingcompany.com/zencart/index.php?main_page=index......[/FONT]

    when in reality, it SHOULD be:

    [FONT="Courier New"]myhostingcompany.com/MYDOMAIN/zencart/index.php?main_page=index....[/FONT] (if I manually type in the "mydomain/" in the URL, it works).

    I must have changed something somewhere which is causing this behavior, but I don't know what it is. Help!

  2. #2
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: access denied on index.php

    Please post your /includes/configure.php file here ... but skip the database password.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3

    Default Re: access denied on index.php

    <?php
    /**
    *
    * @package Configuration Settings
    * @copyright Copyright 2003-2006 Zen Cart Development Team
    * @copyright Portions Copyright 2003 osCommerce
    * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
    */


    // Define the webserver and path parameters
    // HTTP_SERVER is your Main webserver: eg, http://www.yourdomain.com
    // HTTPS_SERVER is your Secure webserver: eg, https://www.yourdomain.com
    define('HTTP_SERVER', 'http://justclickplay.net');
    define('HTTPS_SERVER', 'https://plus24.safe-order.net');

    // Use secure webserver for checkout procedure?
    define('ENABLE_SSL', 'true');

    // NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
    // * DIR_WS_* = Webserver directories (virtual/URL)
    // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
    define('DIR_WS_CATALOG', '/zencart/');
    define('DIR_WS_HTTPS_CATALOG', '/justclickplay/zencart/');

    define('DIR_WS_IMAGES', 'images/');
    define('DIR_WS_INCLUDES', 'includes/');
    define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
    define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
    define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
    define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
    define('DIR_WS_DOWNLOAD_PUBLIC', DIR_WS_CATALOG . 'pub/');
    define('DIR_WS_TEMPLATES', DIR_WS_INCLUDES . 'templates/');

    define('DIR_WS_PHPBB', '/www/justclickplay/zencart/');

    // * DIR_FS_* = Filesystem directories (local/physical)
    //the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
    define('DIR_FS_CATALOG', '/www/justclickplay/zencart/');

    define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
    define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
    define('DIR_WS_UPLOADS', DIR_WS_IMAGES . 'uploads/');
    define('DIR_FS_UPLOADS', DIR_FS_CATALOG . DIR_WS_UPLOADS);
    define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');

    // define our database connection
    define('DB_TYPE', 'mysql');
    define('DB_PREFIX', 'zen_');
    define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty
    define('DB_SERVER_USERNAME', '****');
    define('DB_SERVER_PASSWORD', '****');
    define('DB_DATABASE', 'justclickplay_net_-_zencart');
    define('USE_PCONNECT', 'false'); // use persistent connections?
    define('STORE_SESSIONS', 'db'); // leave empty '' for default handler or set to 'db'

    // The next 2 "defines" are for SQL cache support.
    // For SQL_CACHE_METHOD, you can select from: none, database, or file
    // If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
    // or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
    // ie: /path/to/your/webspace/public_html/zen/cache -- leave no trailing slash
    define('SQL_CACHE_METHOD', 'file');
    define('DIR_FS_SQL_CACHE', '/www/justclickplay/zencart/cache');

    ?>

  4. #4
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: access denied on index.php

    Two things:

    1. I'd suggest making this change:
    Code:
    define('HTTPS_SERVER', 'https://plus24.safe-order.net');
    define('DIR_WS_HTTPS_CATALOG', '/justclickplay/zencart/');
    becomes:
    Code:
    define('HTTPS_SERVER', 'https://plus24.safe-order.net/justclickplay');
    define('DIR_WS_HTTPS_CATALOG', '/zencart/');
    2. You are using a very old copy of Zen Cart. Many bugs have been fixed since the version you're using ... perhaps even the logout problem you mentioned. I strongly recommend upgrading to the latest version before progressing much further.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5

    Default Re: access denied on index.php

    1. Thanks, DrByte! You are the man (woman? ). I really appreciate your assistance. That change seems to have helped.

    2. I thought so. The version installed is what my provider had pre-packaged. I actually downloaded 1.3.8a last night. Is that the newest version? I've just been hesitant to upgrade because, although I am a computer tech, my specialty is Windows Server and I'm a little shakey on my knowledge of Linux (which is what my hosting company uses), not to mention I'm not too proficient with PHP and CSS. I plan on working on the upgrade.

    How complicated is it? Do you think, based on your perception of my technical skills, it is something I should be able to handle with relative ease? I've printed out these instructions; should that get me going?

    Thanks again for your help!!

  6. #6

    Default Re: access denied on index.php

    Help, Doc!

    I'm working on upgrading to 1.3.8a. I did a clean install into a new dir/db and have gotten as far as installing it (haven't even chmod'd configure.phps yet) and I can't access my admin site -- I get a 403 Forbidden. Here's my admin/includes/configure.php:

    <?php
    /**
    * @package Configuration Settings circa 1.3.8
    * @copyright Copyright 2003-2007 Zen Cart Development Team
    * @copyright Portions Copyright 2003 osCommerce
    * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
    */


    /*************** NOTE: This file is similar, but DIFFERENT from the "store" version of configure.php. ***********/
    /*************** The 2 files should be kept separate and not used to overwrite each other. ***********/

    // Define the webserver and path parameters
    // Main webserver: eg-http://www.your_domain.com -
    // HTTP_SERVER is your Main webserver: eg-http://www.your_domain.com
    // HTTPS_SERVER is your Secure webserver: eg-https://www.your_domain.com
    // HTTP_CATALOG_SERVER is your Main webserver: eg-http://www.your_domain.com
    // HTTPS_CATALOG_SERVER is your Secure webserver: eg-https://www.your_domain.com
    /*
    * URLs for your site will be built via:
    * HTTP_SERVER plus DIR_WS_ADMIN or
    * HTTPS_SERVER plus DIR_WS_HTTPS_ADMIN or
    * HTTP_SERVER plus DIR_WS_CATALOG or
    * HTTPS_SERVER plus DIR_WS_HTTPS_CATALOG
    * ...depending on your system configuration settings
    *
    * If you desire your *entire* admin to be SSL-protected, make sure you use a "https:" URL for all 4 of the following:
    */
    define('HTTP_SERVER', 'http://justclickplay.net');
    define('HTTPS_SERVER', 'https://plus24.safe-order.net');
    define('HTTP_CATALOG_SERVER', 'http://justclickplay.net');
    define('HTTPS_CATALOG_SERVER', 'https://plus24.safe-order.net');

    // Use secure webserver for catalog module and/or admin areas?
    define('ENABLE_SSL_CATALOG', 'true');
    define('ENABLE_SSL_ADMIN', 'true');

    // NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
    // * DIR_WS_* = Webserver directories (virtual/URL)
    // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
    define('DIR_WS_ADMIN', '/candles/admin/');
    define('DIR_WS_CATALOG', '/candles/');
    define('DIR_WS_HTTPS_ADMIN', '/justclickplay/admin/');
    define('DIR_WS_HTTPS_CATALOG', '/justclickplay/');

    define('DIR_WS_IMAGES', 'images/');
    define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
    define('DIR_WS_CATALOG_IMAGES', HTTP_CATALOG_SERVER . DIR_WS_CATALOG . 'images/');
    define('DIR_WS_CATALOG_TEMPLATE', HTTP_CATALOG_SERVER . DIR_WS_CATALOG . 'includes/templates/');
    define('DIR_WS_INCLUDES', 'includes/');
    define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
    define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
    define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
    define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
    define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
    define('DIR_WS_CATALOG_LANGUAGES', HTTP_CATALOG_SERVER . DIR_WS_CATALOG . 'includes/languages/');

    // * DIR_FS_* = Filesystem directories (local/physical)
    //the following path is a COMPLETE path to your Zen Cart files. eg: /var/www/vhost/accountname/public_html/store/
    define('DIR_FS_ADMIN', '/home/www/justclickplay/candles/admin/');
    define('DIR_FS_CATALOG', '/home/www/justclickplay/candles/');

    define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
    define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
    define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
    define('DIR_FS_CATALOG_TEMPLATES', DIR_FS_CATALOG . 'includes/templates/');
    define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');
    define('DIR_FS_EMAIL_TEMPLATES', DIR_FS_CATALOG . 'email/');
    define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

    // define our database connection
    define('DB_TYPE', 'mysql');
    define('DB_PREFIX', '');
    define('DB_SERVER', 'localhost');
    define('DB_DATABASE', 'sbcandles');
    define('USE_PCONNECT', 'false');
    define('STORE_SESSIONS', 'db');
    // for STORE_SESSIONS, use 'db' for best support, or '' for file-based storage

    // The next 2 "defines" are for SQL cache support.
    // For SQL_CACHE_METHOD, you can select from: none, database, or file
    // If you choose "file", then you need to set the DIR_FS_SQL_CACHE to a directory where your apache
    // or webserver user has write privileges (chmod 666 or 777). We recommend using the "cache" folder inside the Zen Cart folder
    // ie: /path/to/your/webspace/public_html/zen/cache -- leave no trailing slash
    define('SQL_CACHE_METHOD', 'none');
    define('DIR_FS_SQL_CACHE', '/home/www/justclickplay/candles/cache');

    // EOF

  7. #7
    Join Date
    Oct 2006
    Location
    Alberta, Canada
    Posts
    4,571
    Plugin Contributions
    1

    Default Re: access denied on index.php

    // Use secure webserver for catalog module and/or admin areas?
    define('ENABLE_SSL_CATALOG', 'true');
    define('ENABLE_SSL_ADMIN', 'true');

    For testing purposes, both the above should be set to 'false' -- same for your other config file.


    Also, you should change this line in both config files.

    from
    define('SQL_CACHE_METHOD', 'none');

    to
    define('SQL_CACHE_METHOD', 'database');

 

 

Similar Threads

  1. v139h Access Denied error at admin/customers.php
    By fakeDecoy in forum General Questions
    Replies: 5
    Last Post: 14 Sep 2015, 08:53 PM
  2. v150 Cannot access admin/index.php
    By jameyo in forum Upgrading to 1.5.x
    Replies: 8
    Last Post: 4 May 2012, 07:08 PM
  3. Access Denied In Index.php
    By misty16 in forum General Questions
    Replies: 2
    Last Post: 31 Dec 2007, 03:56 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR