"There was a security error when trying to login" - v1.3.8

[Keitex]

I managed to get this upgrade to work by disabling the "Recreate Session" feature in Session under Configuration. Not sure if this is the right thing to do though?

None of the suggestions seem to work for me in this read.

[Keitex]

The above fix has stopped working after a couple of hours.

This is what Ive done now.

I have managed to get my to work by modifying the file init_tlds.php in \includes\init_includes\ to look like this

<?php
/**
* set some top level domain variables
* see {@link http://www.zen-cart.com/wiki/index.p...als#InitSystem wikitutorials} for more details.
*
* @package initSystem
* @copyright Copyright 2003-2005 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: init_tlds.php 2753 2005-12-31 19:17:17Z wilt $
*/
if (!defined('IS_ADMIN_FLAG')) {
die('Illegal Access');
}
$http_domain = zen_get_top_level_domain(HTTP_SERVER);
$https_domain = zen_get_top_level_domain(HTTPS_SERVER);
$current_domain = $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
if (defined('HTTP_COOKIE_DOMAIN') && ($request_type == 'NONSSL'))
{
$current_domain = HTTP_COOKIE_DOMAIN;
} elseif (defined('HTTPS_COOKIE_DOMAIN') && ($request_type != 'NONSSL'))
{
$current_domain = HTTPS_COOKIE_DOMAIN;
}

This made the whole site function as it should. Not that I changed from cookieDomain to current_domain which is what it was in the new file.

[letimorlin]

... doesn't anyone ever read the instructions - NEVER NEVER NEVER upgrade your live site without doing a test upgrade and without backups.

Nope guess no, i upgraded from 1.3.8. to 1.3.9. g and it worked out perfect just right on top of the other!, guess i was lucky , but i had to change and move and find files that should be in other places! its good i can zen cart backwards by now, or i would never had done it!

[Picturemom]

Please let me know if this resolve has worked for you long term, because I just tried it and it worked like a charm for me. I had the same problem with the customer login after moving my zen cart from one server to another server on the same hosting company. I have been going crazy trying to get this corrected. Thank you so much for your post.

[DrByte]

YOU REALLY NEED TO UPGRADE to the latest version.
If you continue using the old version which has known security problems, you're setting yourself up to be hacked.

[SgtPepper]

Unfortunately I need to revive this thread (although I'm on 1.3.9h). I've read through every post in it as well as many other threads. These issues started on my client's site last week for no apparent reason. I have not made any changes to the site in two months. Currently there is an SEO expert executing some magic on the site but I doubt this was caused by his changes.

I'm experiencing the following issues:

• Admin Login:
  -Does not log you in, looks like a page refresh, no error message (even when the debugger is on), the securityToken does have a value
  -Forgot password does not send anything (not in junk mail, nothing is sent)
  
  
• Customer Login:
  -Says "There was a security error when trying to login."
  -Forgot password says the email address doesn't exist when it does exist in the DB. Does not send email.

Have tried:

• Deleting .htaccess in /admin
• Deleting my cookies
• In Chrome and Safari
• Turning SSL off
• SSL has not recently changed or been reissued
• Changed permissions for configure.phps to 644 (/includes/configure.php was on 444, /admin/configure.php was 705)
• I've never customized /includes/functions/sessions.php
• session.user_cookies are On
• session.use_only_cookies On

Host is GoDaddy
PHP 5.3.24
ZC 1.3.9h (can't upgrade until end of the year)

Any suggestions or pointings in the right direction is most appreciated.

[www.flaresbridal.com]

Please please I need urgent help!
Out of no where and without making any upgrades my ZEncart website went blank. When I click on the web link here what I see and what my customers see:Your database appears to need patching to a higher level. See Admin->Tools->Server Information to review patch levels.
I tried to log in to the admin but the password is not working. I tried to request a new password but my email is not being recognized.
I am desperate for help to be able to retrieve access to the admin. Any help is appreciated.

[DivaVocals]

Please please I need urgent help!
Out of no where and without making any upgrades my ZEncart website went blank. When I click on the web link here what I see and what my customers see:Your database appears to need patching to a higher level. See Admin->Tools->Server Information to review patch levels.
I tried to log in to the admin but the password is not working. I tried to request a new password but my email is not being recognized.
I am desperate for help to be able to retrieve access to the admin. Any help is appreciated.

Well SOMEONE attempted to run an upgrade on your site otherwise this error wouldn't come up at all.. Suggest you check with your host and see if they "auto-upgraded" your site.. Additionally your post REALLY should have been a NEW post, as your issue is very much NOT related to the subject of this post..