Results 1 to 7 of 7
  1. #1
    Join Date
    Nov 2011
    Posts
    37
    Plugin Contributions
    0

    red flag *[Done v1.5.2] Extra long session hash causing troubles on Mountain Lion Server

    Hi,
    I upgraded my server from Lion to Mountain lion, and to my surprise the sql database was deleted in the process. I had a backup of the file structure from time-machine, so I took a new installation of MySQL and restored the contents from the data folder.

    On my server I run one ZenCart installation, one WordPress installation and the Piwik analyses program. Piwik and WordPress are fine, but my ZenCart shows some strange behavior and is unusable. At this moment I have noticed 4 different bugs:

    1) When adding products to a shopping cart, I get a 404 page not found error.
    2) When trying to log in, I get some times a 404 page error, but whatever happened - I am never logged in.
    3) Not able to access the admin part of ZC. When going to the ZC login page, it shows the following text at the bottom: "WARNING: An Error occurred, please refresh the page and try again." Any attempts to sign in just reloads the same page - no matter if I use real or wrong usernames and passwords.
    4) The site is not able to remember the language choice. When I switch from Norwegian to English and choose a product, the site goes back to Norwegian.

    I see that the ZC database includes all users and administrators.

    The site address is www.altikost.no

    Examples from a couple of debug files from cache:
    ---------------------------------

    [29-Dec-2012 08:49:57 UTC] PHP Fatal error: 1062uplicate entry '21f6e63jqd0087scuhljgg5c0d6hmj4cbkr6gslf15936mkln9kvsbqv643acpca' for key 'PRIMARY' :: insert into sessions
    values ('21f6e63jqd0087scuhljgg5c0d6hmj4cbkr6gslf15936mkln9kvsbqv643acpcafjke6rm0p9nehe uhoff2k9oi7c4hhj3jibsngo0', '1356771897', 'c2VjdXJpdHlUb2tlbnxzOjMyOiJiYjU3NmMyZGNjNGYyYTI3OWQ1NjU3Y2E4YjMzYTIxOCI7') in /www/livetstre_net/altikost/includes/classes/db/mysql/query_factory.php on line 101
    ---------------------------------

    [29-Dec-2012 08:46:50 UTC] PHP Fatal error: 1062uplicate entry 'u4ggv7pgjip7ue1pbdjp2ikrjg4rub8671sbfr563l6m4gns9klautktn9b8qe95' for key 'PRIMARY' :: insert into sessions
    values ('u4ggv7pgjip7ue1pbdjp2ikrjg4rub8671sbfr563l6m4gns9klautktn9b8qe95le8ufsmittvihg buo3rod0hq6kq0cf2ddun7dv3', '1356772250', 'c2VjdXJpdHlUb2tlbnxzOjMyOiI1NWI3OTA3NGUwNjJjMjk5NjljZmFjNTNhNmNmMjM0MiI7Y3VzdG9 tZXJzX2hvc3RfYWRkcmVzc3xzOjEyOiIxOTIuMTY4LjEwLjEiO2NhcnRJRHxzOjA6IiI7Y2FydHxPOjE yOiJzaG9wcGluZ0NhcnQiOjc6e3M6ODoiY29udGVudHMiO2E6MDp7fXM6NToidG90YWwiO2k6MDtzOjY 6IndlaWdodCI7aTowO3M6MTI6ImNvbnRlbnRfdHlwZSI7YjowO3M6MTg6ImZyZWVfc2hpcHBpbmdfaXR lbSI7aTowO3M6MjA6ImZyZWVfc2hpcHBpbmdfd2VpZ2h0IjtpOjA7czoxOToiZnJlZV9zaGlwcGluZ19 wcmljZSI7aTowO31uYXZpZ2F0aW9ufE86MTc6Im5hdmlnYXRpb25IaXN0b3J5IjoyOntzOjQ6InBhdGg iO2E6MDp7fXM6ODoic25hcHNob3QiO2E6MDp7fX1jaGVja192YWxpZHxzOjQ6InRydWUiO2xhbmd1YWd lfHM6OToibm9yd2VnaWFuIjtsYW5ndWFnZXNfaWR8czoxOiIyIjtsYW5ndWFnZXNfY29kZXxzOjI6Im5 vIjtjdXJyZW5jeXxzOjM6Ik5PSyI7dG9kYXlfaXN8czoxMDoiMjAxMi0xMi0yOSI7dXBkYXRlRXhwaXJ hdGlvbnN8YjoxO3Nlc3Npb25fY291bnRlcnxiOjE7Y3VzdG9tZXJzX2lwX2FkZHJlc3N8czoxMjoiMTk yLjE2OC4xMC4xIjs=') in /www/livetstre_net/altikost/includes/classes/db/mysql/query_factory.php on line 101
    ---------------------------------

    Really hope someone can help me regarding this!

  2. #2
    Join Date
    Nov 2011
    Posts
    37
    Plugin Contributions
    0

    Default Re: Need help with a mysterious problem

    ps: this is the error according to the :: Zen Cart® Setup - System Inspection.

    When I installed the MySQL database I followed the instructions here:
    http://www.macminivault.com/mysql-mountain-lion/

    In the last step, it says:
    user@computer:$ sudo mkdir /var/mysql; sudo ln -s /tmp/mysql.sock /var/mysql/mysql.sock

    When I run this command in Terminal, it says:
    mkdir: /var/mysql: File exists
    ln: /var/mysql/mysql.sock: File exists

    This command is supposed to "will allow Apache and PHP to access MySQL:"

    Any relevance?

  3. #3
    Join Date
    Nov 2011
    Posts
    37
    Plugin Contributions
    0

    Default Re: Need help with a mysterious problem

    ok - so now I have installed a clean new version of ZC 1.5, using a new empty DB - filled with the demo products. It still has the except same problems! 404 error when adding products to cart and 404 error when trying to register - and errormessage on the login to admin screen. see:
    www.barneland.no

    ------------------
    To start from the beginning:
    Everything was working fine. Sadly - I decided to update my Lion server to Mountain Lion. This for some reason deleted my MySQL databases and removed all my server settings (users, websites, e-mail etc.). I redid all my server settings and installed a new version of MySQL and tried to restore the database files from a backup (file backup - not database backup). After doing this, my site was online again, but had the problems earlier described.

    I have now unistalled MySQL and reinstalled a clean version. I have also now tried to install a clean version of ZenCart to use with my new installation of MySql. Still, both my old previously OK site (altikost.no) and my new clean ZenCart site (barneland.no) have the same problems.

    I have tried various settings for my website (see attachment).

    The new and clean ZC-installation (barneland.no) is rapporting the same problems as my store (I did cut out some of the rambling text):

    [29-Dec-2012 18:40:25 UTC] PHP Fatal error: 1062: Duplicate entry 'vuq8pklqvkgd7898a0p5eun1atp1lvfbl4bnue7651l2hf7jm5bkoo39f1vekeo8' for key 'PRIMARY' :: insert into sessions
    values ('vuq8pklqvkgd7898a0p5eun1atp1lvfbl4bnue7651l2hf7jm5bkoo39f1vekeo8mff36b0j40dpmd thvknkros9sp433c3d6oomql2', '1356807865', ...
    ...EyLTEyLTI5Ijt1cGRhdGVFeHBpcmF0aW9uc3xiOjE7c2Vzc2lvbl9jb3VudGVyfGI6MTtjdXN0b21 lcnNfaXBfYWRkcmVzc3xzOjEyOiIxOTIuMTY4LjEwLjEiOw==') in /www/livetstre_net/altikost2/includes/classes/db/mysql/query_factory.php on line 101


    I have tried about everything I can think of now. Hope anyone can give me more ideas to try...

    Thanx!

    Click image for larger version. 

Name:	web-settings.jpg 
Views:	144 
Size:	62.1 KB 
ID:	11671
    Last edited by einarso; 29 Dec 2012 at 08:37 PM. Reason: attachment added.

  4. #4
    Join Date
    Jun 2003
    Location
    Newcastle UK
    Posts
    2,896
    Blog Entries
    2
    Plugin Contributions
    2

    Default Re: Need help with a mysterious problem

    Hi,

    It does look like a session problem. Specifically the session key length.

    if you know the location of your php.ini, can you please post here the values for:
    session.hash_bits_per_character
    session.hash_function

    From the error it looks like your session id is 96 bytes long, and currently the db definition for Zen Cart only allows for 64 bytes.
    You could increase the field length

    TWO CHANGES:
    1. SQL updates:
    Code:
    ALTER TABLE sessions MODIFY sesskey varchar(255) NOT NULL default '';
    ALTER TABLE whos_online MODIFY session_id varchar(255) NOT NULL default '';
    2. Small edit to /includes/application_top.php
    Code:
          if (isset($_GET[$key]) && strlen($_GET[$key]) > 43) {
    Replace that line with these two lines:
    Code:
          $len = (in_array($key, array('zenid', 'error_message', 'payment_error'))) ? 255 : 43;
          if (isset($_GET[$key]) && strlen($_GET[$key]) > $len) {
    Last edited by wilt; 30 Dec 2012 at 09:41 AM.

  5. #5
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Need help with a mysterious problem

    Ah, yes, that would be a result of the newer version of PHP in your new server software, which defaults to a longer session key length than what ZC was originally designed for.

    Fix posted: https://github.com/zencart/zencart/c...b4f1b63daefb62
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  6. #6
    Join Date
    Nov 2011
    Posts
    37
    Plugin Contributions
    0

    Default Re: Need help with a mysterious problem

    Here are the lines I can find:

    ; session.hash_bits_per_character
    ; Default Value: 4
    ; Development Value: 5
    ; Production Value: 5

    session.hash_bits_per_character = 5


    session.hash_function = sha512

    ############################################################___

    Running your suggested code on my database actually worked :)
    Attached Images Attached Images  

  7. #7
    Join Date
    Jun 2003
    Location
    Newcastle UK
    Posts
    2,896
    Blog Entries
    2
    Plugin Contributions
    2

    Default Re: Need help with a mysterious problem

    Good to see your session problems are fixed :)

 

 

Similar Threads

  1. Replies: 2
    Last Post: 17 Dec 2014, 12:15 PM
  2. v151 Duplicate entry error on sessions table with new install on Mountain Lion Server
    By jeffmic in forum Installing on a Mac Server
    Replies: 4
    Last Post: 26 Mar 2013, 08:37 AM
  3. v139h MD5 hash key too long - but no hash
    By shqipo in forum Built-in Shipping and Payment Modules
    Replies: 3
    Last Post: 9 Mar 2013, 05:13 AM
  4. v150 SSL on Mac Lion Server
    By einarso in forum Installing on a Mac Server
    Replies: 6
    Last Post: 27 Sep 2012, 09:08 AM
  5. What is causing these extra images?
    By meljen in forum Setting Up Categories, Products, Attributes
    Replies: 2
    Last Post: 16 Jul 2012, 06:53 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR