I am getting this error as well. The store does not have SSL installed. Can the Place Order button be used without SSL installed?
Quote:
Originally Posted by torvista
Printable View
I am getting this error as well. The store does not have SSL installed. Can the Place Order button be used without SSL installed?
Quote:
Originally Posted by torvista
I do my local development using xampp without SSL and don't have an issue using the "Place Order" button from one of my test installations. Are you sure that your admin's /includes/configure.php file doesn't indicate that your store-front uses SSL? If you're not using SSL, then your admin's configure.php file should look similar to:Quote:
Originally Posted by Danielle
Code:/**
* WE RECOMMEND THAT YOU USE SSL PROTECTION FOR YOUR ENTIRE ADMIN:
* To do that, make sure you use a "https:" URL for BOTH the HTTP_SERVER and HTTPS_SERVER entries:
*/
define('HTTP_SERVER', 'http://www.example.com');
define('HTTPS_SERVER', 'https://www.example.com');
define('HTTP_CATALOG_SERVER', 'http://www.example.com');
define('HTTPS_CATALOG_SERVER', 'https://www.example.com');
// secure webserver for admin? Valid choices are 'true' or 'false' (including quotes).
define('ENABLE_SSL_ADMIN', 'false');
// secure webserver for storefront? Valid choices are 'true' or 'false' (including quotes).
define('ENABLE_SSL_CATALOG', 'false');
No, they are both set to false. I just discovered that the login page on the front end is blank even for regular customers though, it's not actually the place order button that is the issue. The problem is with the code in the login/header_php.php file, but I have been unable to determine the cause. No log files are being generated. The site is on version 1.5.1.
Quote:
Originally Posted by lat9
I suggest that you open a new thread about your login page issue; post the contents of your /includes/modules/pages/login/header_php.php file using the 'code' tag (the # symbol in the formatting bar) and check your /logs (or /cache if you're running v1.5.0) folder for any debug-log files.
OK thanks, I will do that then. I just thought it was supposed to go in this thread since it's the code from this module that is making the page go blank. As soon as I remove these code edits, it works fine. No logs are being generated whatsoever though, it's really strange.
Quote:
Originally Posted by lat9
OK, that's different; if removing the module's code corrects your overall login problem, then the issue (obviously) lies with the code you've installed for this module!Quote:
Originally Posted by Danielle
Specifically, which "code edits" do you remove to cause your login page to work again? What version of Encrypted Master Password are you running? What Zen Cart version?
Yes, I just reread my post where I first mentioned my blank login and realized I said I didn't know the cause, but I knew it was this mod, just not what in the mod was causing the issue. So I didn't do a very good job of explaining what was going on. Sorry for the confusion!
I am using the most recent version of the mod as it said it was for 1.5.2 but backwards compatible. The site is running Zen-Cart 1.5.1.
This is the block of code that is breaking the login:
PHP Code:// Check that password is good
//-bof-Encrypted Master Password by stagebrace *** 1/1
//- Start modifications by lat9:
//-bof-a-v1.6.0
} elseif ($emp_login === true) {
$ProceedToLogin = true;
$_SESSION['emp_admin_login'] = true;
$_SESSION['emp_admin_id'] = (int)$_POST['aID'];
//-bof-a-v1.7.0
$sql_data_array = array( 'access_date' => 'now()',
'admin_id' => $_SESSION['emp_admin_id'],
'page_accessed' => 'login.php',
'page_parameters' => '',
'ip_address' => substr($_SERVER['REMOTE_ADDR'],0,45),
'gzpost' => gzdeflate( json_encode( array ( 'action' => 'emp_admin_login' )), 7),
'flagged' => 0,
'attention' => '',
);
zen_db_perform(TABLE_ADMIN_ACTIVITY_LOG, $sql_data_array);
//-eof-a-v1.7.0
//-eof-a-v1.6.0
} else {
//--- Either specific admin ID or an admin within a specific admin profile can use their password to login.
if (!defined('EMP_LOGIN_ADMIN_ID')) define ('EMP_LOGIN_ADMIN_ID', 1); /*lat9-a/c*/
$get_admin_query = "SELECT admin_id, admin_pass
FROM " . TABLE_ADMIN . "
WHERE admin_id = " . (int)EMP_LOGIN_ADMIN_ID; /*lat9-c*/
$check_administrator = $db->Execute($get_admin_query);
$customer = (zen_validate_password($password, $check_customer->fields['customers_password']));
$administrator = (zen_validate_password($password, $check_administrator->fields['admin_pass']));
if ($customer) {
$ProceedToLogin = true;
} elseif ($administrator) {
$ProceedToLogin = true;
$_SESSION['emp_admin_login'] = true; /*lat9-a*/
$_SESSION['emp_admin_id'] = EMP_LOGIN_ADMIN_ID;
} else {
//-bof-lat9-a
if (!defined('EMP_LOGIN_ADMIN_PROFILE_ID')) define ('EMP_LOGIN_ADMIN_PROFILE_ID', 1); /*lat9-a*/
$admin_profile_query = "SELECT admin_id, admin_pass
FROM " . TABLE_ADMIN . "
WHERE admin_profile = " . (int)EMP_LOGIN_ADMIN_PROFILE_ID;
$admin_profiles = $db->Execute($admin_profile_query);
//-eof-lat9-a
$ProceedToLogin = false;
//-bof-lat9-a
while (!$admin_profiles->EOF && !$ProceedToLogin) {
$ProceedToLogin = zen_validate_password($password, $admin_profiles->fields['admin_pass']);
if ($ProceedToLogin) {
$_SESSION['emp_admin_login'] = true;
$_SESSION['emp_admin_id'] = $admin_profiles->fields['admin_id'];
}
$admin_profiles->MoveNext();
}
//-eof-lat9-a
}
}
if (!($ProceedToLogin)) {
//-eof-Encrypted Master Password by stagebrace *** 1/1
Quote:
Originally Posted by lat9
Danielle, I'll have to investigate further tomorrow. Do you have any myDebug*.log files in your /logs folder? Those usually accompany a blank screen.
No, that is really strange too, there are no debug logs at all. I've tried all kinds of permissions settings, but nothing is showing up.
Quote:
Originally Posted by lat9
Danielle, on a hunch, could/would you try commenting out a couple of lines in the /includes/modules/pages/login/header_php.php and let me know if that corrects the issue?
Code:// Check that password is good
//-bof-Encrypted Master Password by stagebrace *** 1/1
//- Start modifications by lat9:
//-bof-a-v1.6.0
} elseif ($emp_login === true) {
$ProceedToLogin = true;
$_SESSION['emp_admin_login'] = true;
$_SESSION['emp_admin_id'] = (int)$_POST['aID'];
//-bof-a-v1.7.0
/*
$sql_data_array = array( 'access_date' => 'now()',
'admin_id' => $_SESSION['emp_admin_id'],
'page_accessed' => 'login.php',
'page_parameters' => '',
'ip_address' => substr($_SERVER['REMOTE_ADDR'],0,45),
'gzpost' => gzdeflate( json_encode( array ( 'action' => 'emp_admin_login' )), 7),
'flagged' => 0,
'attention' => '',
);
zen_db_perform(TABLE_ADMIN_ACTIVITY_LOG, $sql_data_array);
*/
//-eof-a-v1.7.0
//-eof-a-v1.6.0
} else {
//--- Either specific admin ID or an admin within a specific admin profile can use their password to login.
if (!defined('EMP_LOGIN_ADMIN_ID')) define ('EMP_LOGIN_ADMIN_ID', 1); /*lat9-a/c*/
$get_admin_query = "SELECT admin_id, admin_pass
FROM " . TABLE_ADMIN . "
WHERE admin_id = " . (int)EMP_LOGIN_ADMIN_ID; /*lat9-c*/
$check_administrator = $db->Execute($get_admin_query);
$customer = (zen_validate_password($password, $check_customer->fields['customers_password']));
$administrator = (zen_validate_password($password, $check_administrator->fields['admin_pass']));
if ($customer) {
$ProceedToLogin = true;
} elseif ($administrator) {
$ProceedToLogin = true;
$_SESSION['emp_admin_login'] = true; /*lat9-a*/
$_SESSION['emp_admin_id'] = EMP_LOGIN_ADMIN_ID;
} else {
//-bof-lat9-a
if (!defined('EMP_LOGIN_ADMIN_PROFILE_ID')) define ('EMP_LOGIN_ADMIN_PROFILE_ID', 1); /*lat9-a*/
$admin_profile_query = "SELECT admin_id, admin_pass
FROM " . TABLE_ADMIN . "
WHERE admin_profile = " . (int)EMP_LOGIN_ADMIN_PROFILE_ID;
$admin_profiles = $db->Execute($admin_profile_query);
//-eof-lat9-a
$ProceedToLogin = false;
//-bof-lat9-a
while (!$admin_profiles->EOF && !$ProceedToLogin) {
$ProceedToLogin = zen_validate_password($password, $admin_profiles->fields['admin_pass']);
if ($ProceedToLogin) {
$_SESSION['emp_admin_login'] = true;
$_SESSION['emp_admin_id'] = $admin_profiles->fields['admin_id'];
}
$admin_profiles->MoveNext();
}
//-eof-lat9-a
}
}
if (!($ProceedToLogin)) {
//-eof-Encrypted Master Password by stagebrace *** 1/1