Is a Permanent Login (Auto-Login) Possible?

[ryhn]

Ok, I have tried this a couple of times now and I wonder if I could get some help.

I fooled around with the first go around, and I could not get my computer to stay logged in, and I tried it at two different locations.

I then went and downloaded the final version from the contributions. This did not work either. Here is what is happening.

Under the "Create a Customer Profile" I get "TEXT_REMEMBER_ME" next to the tick box at the end of the new customer information. The other logon (login) area has the correct text.

I log in on either side, with a new sign up and a new login and it logs me in fine, but when I leave and come back, I am logged out again.

I have checked and updated the admin to turn on the automatic login in the "Customer Details" area, which was already reading true.

I submitted my sql database changes, so hopefully that is fine as well.

I get the cookie "zencart_cookie_permlogin"

Does anyone have any ideas what may be happening?

Thanks Pat

copy create_account.php
from:
includes\languages\english\
to:
includes\languages\english\your template

add:
define('TEXT_REMEMBER_ME', 'the text you want to add');

[pdprenty]

copy create_account.php
from:
includes\languages\english\
to:
includes\languages\english\your template

add:
define('TEXT_REMEMBER_ME', 'the text you want to add');

Thanks for that ryhn, that did get the text fixed, but it did not fix the actual problem getting logged in permanently.

I think I have spent way too much time on this (hours) going over each line of code, I even tried the other headers that were included in the down load, but I have to give up.

Bottom line, this package/module does not work. I have downloaded from the link on this thread and from the package on the downloads section and after it is all said and done, I do not stay logged on.

I get the cookie but when I return I am not logged in. I have tried it from two different computers/ operating systems and still no go.

Back to pumping in my products,
Pat

[Ryk]

Bottom line, this package/module does not work.

Please be accurate - this does not work for you. I have it working perfectly for a client at www.fastlec.co.uk - or to be accurate myself, I stay logged in and there's been no complaints from his customers that I'm aware of.

[pdprenty]

Please be accurate - this does not work for you. I have it working perfectly for a client at www.fastlec.co.uk - or to be accurate myself, I stay logged in and there's been no complaints from his customers that I'm aware of.

I understand what you are saying and I don't doubt that you have the permlogon working. I would speculate though that you did not get it working from the posted mod.

If I am wrong I apologize.

Seriously though, I have installed quite a few mods and I have every one working. I don't know php, but I do understand the file structure and the basics of how it all works. I can get almost anything working, but for the life of me I can not get this mod to keep me logged in.

I would be interested to hear that someone else has got this mod working from the mod package or the download on this link.


Thanks Pat

[Ryk]

I was the one who packaged this up following the coding work of crazy_chris and kuroi, and the packaging was done after ensuring it worked.

The mod has been downloaded 211 times - apart from yourself, no-one else has posted to say they've had problems. Now I'm not saying that means that nobody HAS had trouble, but with no other issues reported, it does look as if there is something unique to yourself.

Don't forget, people rarely post to say something IS working - which means that the successful ones may not see your request as they won't be subscribed to this thread.

All I can suggest is that you re-download and re-install, just in case something got corrupted.

[pdprenty]

Thanks Ryk for keeping an eye on this thread.

I have downloaded each of the packages (from this thread and the main download area) twice each and tried installing it four different times from two different pysical pc locations and still no luck. I have run the sql quite a few times in different ways and after the first time it says that this has already been done.

After none of that worked, I tried fixing the files by hand from the notes on this thread, still with no effect.

As for the downloading that many times, it is possible that people are downloading it for a later install which is why I was interested in hearing if anyone else had installed it successfully.

It is very possible that the problem is specific to my cart, so hearing that someone else has installed it and it worked would help me troubleshoot.

I went to the site that you have working and you are right, it works perfectly.

I did notice that when I looked at my cookies that my permlogon from my site imbeds a cookie (which doesn't work) but the other site did not. Curious and baffling. I guess it would help if I was more familiar with how cookies/logon really work.

When I have more time I will try again, I would really like this mod for my someday to be cart. I also really appreciate the work you, crazy_chris and kuroi(and many others) have done.

Pat

[BlindSide]

@crazy_chris, kuroi, ryk: Kudos and great job to all of you for a fine addition! This is a must-have feature for Zen Cart, IMO, and I'll be pushing the team to include this feature in 1.4.

To that end I did make some adjustments; just a few issues that would have to be resolved before it would even be considered. I'll send along my revisions shortly, but wanted to let you know the highlights...

• Removed switch for optionally removing the cookie at logoff.
  The cookie is now killed at all logoffs. It's assumed that, when a person logs off, they are indeed off. This also presents something of a security issue if the person logs in from a public terminal; if they check the box, you've now removed any ability for them to remove the cookie, aside from manually removing it from the browser.
  
• Added a switch to change the cookie name.
  Even though cookies are domain-based, they should always have instance-specific names to avoid any possible naming conflicts (e.g. two stores under the same domain).
  
• Added a switch to change the cookie lifetime.
  This is just one of those things that, if you don't have it, someone will ask for it. For a good example of this phenomenon, search the forums for "checkout without account" . Default time is still 1 year, as you had it.

[hareslade]

Hi ryk and all
Well I downloaded whats in 'other' and the contrib works ok for me

Two things
1) If it doesn't work for you, remember that different browsers operate slightly differently when reading instructions to create a cookie. Try a different browser.. works ok on ie6 and firefox for me on my windows pc..

If it gives trouble on a browser, it could the way the browser interprets the cookie path (domain), and if it can't understand it, no cookie gets made.

2) I noticed that starting on home page ('for me') the code which creates the new customer session doesn't tell the page that the session is up and running, presumably because perhaps the session variables are updated after the page has been written.

You can tell this because you still see the 'log in' link at page top, even though the contrib code has made a session and the user has been auto-logged in..

This offering below seems to work, it makes the page refresh after the session is created, so then you get the 'my account' link etc showing as it should, in the site's header.

Find the line with session in as shown, in the index\header_php.php file, add the extra line.

Please note that redirects fail (blank page etc) , if one's got any test 'echo' statements anywhere in the code before it redirects. I guessed the bit with 'zen_get_all_get_params', but it does seem to redirect the page 'back to itself'.

Of course if the customer session didn't get made properly, this system could loop for ever, redirecting.. maybe someone has a fix for that (just in case) if I can't think of one.

Code:

 $_SESSION['cart']->restore_contents();
        zen_redirect( zen_href_link( $_GET['main_page'], zen_get_all_get_params() ) );

[hareslade]

(non-coders please skip?)

..and another odd thing happened, I came back to a page which is part of a thing I'm developing, and the time out page came up, ... as it should, because I'd gone away having been auto logged on, but not returned until after the customer session variable had cleared itself.

This is more for the developers really.. currently the time out page asks you to log on, but of course the auto-log on coding (index\header_php.php) has worked, (in my version redirecting, so the 'my account' link is present at top)

...but theres no point in logging on!

The only thing I tried was transferring the whole code block that starts

Code:

 if (PERMANENT_LOGIN == 'true' ....

into the end of init_sessions file, which is well 'above' the index\header_php.php file.

What I got then, (because the session was now correctly sensed as present) in time_out page, is 'sorry you're not allowed to do that' which is a bit more realistic than demanding a log on.

I see the only way to avoid time_out page appearing ever, is to change all the files which call it to suit auto-log on, that's changing all the cart process files - and even if you did that, I bet the current cart session / process would be affected, as the cart presumably has session variables as well..

So... I think its a good idea putting the re-directing auto log on code into the init_sessions file, rather than the index header, at least I don't get led into logging on when I'm already logged on.

[hareslade]

Well I'm suitably self-chastised now.. the mods I suggested above did have an effect on the operation of auto log in, but there's possibly something else going on with the way servers process and store changed values in session variables.

(My intuition says, 'they' were not expecting people to change session values then use them immediately for decison making, on the same page?)

What my shared server was doing yesterday, is not what its doing today.. I reckon those that have trouble with auto log in have servers like mine, not consistent.
Or alternatively I'm going bonkers and imagining the whole thing?

I've been testing the standard contrib download with an added 'echo' that displays the session value for customer i.d, just after the auto login code section retrieves the cookie and sets the session value. This using only the first page that the browser displays after a re-start of browser.

.. I'll swear blind that sometimes the session customer i.d is still empty, sometimes it is correct. The rest of the page follows suit, giving a log in page when the echo says the session is empty, and not when the echo says the session has a value.

This appears to happen with any browser, so is it to do with how the server physically updates the session variables that the auto log in code has demanded to be set.

so I'm not being much help in this thread :) am I, other than to say, sometimes the server appears not to obey the order to fill the session with values in time, but its hard to believe it ever happened, after one tests again, and it then starts to work properly for ages without a glitch.

But it does possibly explain why some people are having probs with auto login..