Hi All,
We’ve had a custom shopping cart script developed and are working on getting everything into Freeway. We are currently working on getting the script’s back-end login into our customer dashboard.
Our setup is that the users log into their dashboard. Once logged in, they have the option to log in to their shopping cart’s back end. Our customer dashboard is on a different server than the shopping cart back end. As you can see, the code below communicates with the database and retrieves the username and password. Once the user enters the correct username and password, they are taken to http://www.example.com/Script_Shopping/admin.php?ac=products.
The issue I am running into is that the script creates cookies to track whether the user is still logged in. For example, suppose the user logs in to the back end through the dashboard and closes the browser. When they go back to our customer dashboard and log in, they are taken directly to the shopping cart back end and are not able to view our dashboard. How can we fix this? Does anyone have any suggestions?
— CODE ABOVE —
<?php
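// Bootstrap for the cart login page: starts the session, defines the script
// settings, and (unless the installer is running) opens the MySQL connection
// and loads the single options row into $SETTINGS_DB.

// Keep the session cookie out of reach of page scripts; the admin login token
// is stored in this session whenever $SETTINGS["useCookie"] is false.
ini_set('session.cookie_httponly', '1');
session_start();

// Always keep error_reporting at 0 in production so PHP notices and warnings
// are not shown to visitors.
//error_reporting(E_ALL);
error_reporting(0);

$SETTINGS["script"]='http://www.example.com/Script_Shopping/';
// NOTE(review): database credentials are hard-coded in the page source. Load
// them from a file that is not served by the web server and is not committed
// to version control.
$SETTINGS["mysql_user"]='username';
$SETTINGS["mysql_pass"]='password';
$SETTINGS["hostname"]='255.255.255.255';
$SETTINGS["mysql_database"]='database';
// false: login token is kept in $_SESSION; true: it is sent to the browser as a cookie.
$SETTINGS["useCookie"] = false;
$SETTINGS["per_browse_page"] = 8;
$SETTINGS['pages_delta'] = 3;
$SETTINGS["pages_first_last"] = 2;
$SETTINGS["version"] = '3.0';
$SETTINGS["scriptid"] = '57';
$TABLES['OPTIONS'] = 'stiva_sc_options';

// SCRIPT_NAME instead of PHP_SELF: PHP_SELF includes any extra path text the
// client appends after the script name, and _SELF_ is later written into page
// output by redirect(). SCRIPT_NAME contains only the script path.
define('_SELF_', $_SERVER['SCRIPT_NAME']);

// NOTE(review): $install is never assigned in this listing; presumably
// install.php sets it before including this code. With register_globals
// enabled a request parameter could set it and skip the block below - confirm.
if (!isset($install) || $install != '1') {
    // NOTE(review): the mysql_* extension was removed in PHP 7, so this block
    // only runs on PHP 5.x. It is left in place because $connection is
    // presumably shared with other scripts; migrate to mysqli or PDO together.
    $connection = mysql_connect($SETTINGS["hostname"], $SETTINGS["mysql_user"], $SETTINGS["mysql_pass"]) or die ('Unable to connect to MySQL server.<br ><br >Please make sure you run the <a href="install.php">install.php</a> file and the login details in options.php file are correct.');
    $db = mysql_select_db($SETTINGS["mysql_database"], $connection) or die ('request "Unable to select database."');

    // Connection setup followed by the options lookup. Failures are written to
    // the server error log; the visitor only sees a generic message, so the
    // SQL text and the driver error are not disclosed in the response.
    $sql = "SET NAMES 'utf8'";
    $sql_result = mysql_query($sql, $connection);
    if ($sql_result === false) {
        error_log('Shopping cart: SQL query failed: '.$sql.' - '.mysql_error($connection));
        die ('Could not execute SQL query.');
    }

    putenv('TZ=UTC');
    $sql = "SET SESSION TIME_ZONE = '+0:00'";
    $sql_result = mysql_query($sql, $connection);
    if ($sql_result === false) {
        error_log('Shopping cart: SQL query failed: '.$sql.' - '.mysql_error($connection));
        die ('Could not execute SQL query.');
    }

    $sql = "SELECT * FROM ".$TABLES["OPTIONS"];
    $sql_result = mysql_query($sql, $connection);
    if ($sql_result === false) {
        error_log('Shopping cart: SQL query failed: '.$sql.' - '.mysql_error($connection));
        die ('Could not execute SQL query.');
    }
    // Only the first row is used; it supplies the admin/webmaster credentials
    // that isLogged() and the login handler compare against.
    $SETTINGS_DB = mysql_fetch_assoc($sql_result);
}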
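/**
 * Check whether the current request carries a valid, unexpired login token.
 *
 * The token is read from $_SESSION or $_COOKIE (key "StivaShoppingCartLogin"),
 * depending on $SETTINGS["useCookie"]. Its expected layout is
 * md5(username . password) followed by a Unix expiry timestamp, checked first
 * against the admin and then against the webmaster credentials in $SETTINGS_DB.
 *
 * NOTE(review): the token contains no server-side secret or random value. In
 * cookie mode the browser holds both the credential digest and the expiry
 * time, so the expiry is not enforced by the server. Replacing the scheme
 * (random session identifier, expiry stored server-side) requires changing
 * the login handler as well and is not done in this function.
 *
 * @return bool true when the token matches one account and has not expired
 */
function isLogged() {
    global $SETTINGS, $SETTINGS_DB;

    if ($SETTINGS["useCookie"] == false) {
        $token = isset($_SESSION["StivaShoppingCartLogin"]) ? $_SESSION["StivaShoppingCartLogin"] : null;
    } else {
        $token = isset($_COOKIE["StivaShoppingCartLogin"]) ? $_COOKIE["StivaShoppingCartLogin"] : null;
    }

    // A cookie can arrive as an array (name[]=...); only a string can be a token.
    if (!is_string($token)) {
        return false;
    }

    $accounts = array(
        array("admin_username", "admin_password"),
        array("webmaster_username", "webmaster_password"),
    );

    foreach ($accounts as $fields) {
        $digest = md5($SETTINGS_DB[$fields[0]].$SETTINGS_DB[$fields[1]]);
        $prefix = (string) substr($token, 0, strlen($digest));

        // Constant-time comparison where available (PHP 5.6+); plain strict
        // comparison on older interpreters.
        $matches = function_exists('hash_equals')
            ? hash_equals($digest, $prefix)
            : ($digest === $prefix);
        if (!$matches) {
            continue;
        }

        // The remainder must be a plain decimal timestamp. Comparing an
        // unvalidated string with time() depends on PHP's string/number
        // comparison rules, which differ between PHP versions.
        $expiry = substr($token, strlen($digest));
        if (is_string($expiry) && ctype_digit($expiry) && (int) $expiry > time()) {
            return true;
        }
    }

    return false;
}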
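/**
 * Send the browser to $url with a client-side (JavaScript) redirect and stop
 * the script.
 *
 * The URL is written into a <script> element, so it is encoded as a
 * JavaScript string literal first: quotes, angle brackets, ampersands and
 * slashes are escaped and cannot end the string or the script element. This
 * matters because callers pass values derived from the request (for example
 * the _SELF_ constant).
 *
 * @param string $url destination URL
 * @return void this function never returns; it always calls exit(0)
 */
function redirect($url) {
    $js_url = json_encode((string) $url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($js_url === false) {
        // The value could not be encoded (e.g. invalid UTF-8): emit nothing
        // rather than falling back to an unescaped string.
        exit(0);
    }
    echo '<html><head><script type="text/javascript">window.location.href='.$js_url.';</script></head><body></body></html>';
    exit(0);
}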
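// Login page controller: forwards an already-authenticated visitor to the
// cart back end, picks up a one-shot error message from the session, and
// processes a submitted login form.

// Already logged in: skip the form and go straight to admin.php.
if (isLogged()) {
    redirect($SETTINGS["script"].'admin.php?ac=products');
}

// Flash message set by a previous failed attempt; shown once, then cleared.
$sys_message = '';
if (!empty($_SESSION['cartSysMessage'])) {
    $sys_message = $_SESSION['cartSysMessage'];
    unset($_SESSION['cartSysMessage']);
}

if (!empty($_REQUEST['is_submited']) && $_REQUEST['is_submited'] == 1) {
    // NOTE(review): $_REQUEST also accepts these fields from the query string,
    // which puts credentials into URLs and server logs. The form posts them;
    // switch to $_POST once no other caller depends on GET - confirm.
    $uname = (isset($_REQUEST["uname"]) && is_string($_REQUEST["uname"])) ? $_REQUEST["uname"] : null;
    $pass = (isset($_REQUEST["pass"]) && is_string($_REQUEST["pass"])) ? $_REQUEST["pass"] : null;

    // NOTE(review): the stored admin password is compared as-is, so it is
    // presumably kept in plain text in the options table. Storing a
    // password_hash() value and checking it with password_verify() needs a
    // data migration and is outside this block.
    $credentials_ok = false;
    if ($uname !== null && $pass !== null) {
        $stored_user = (string) $SETTINGS_DB["admin_username"];
        $stored_pass = (string) $SETTINGS_DB["admin_password"];
        // Strict, type-safe comparison: the loose == operator treats some
        // different numeric-looking strings as equal. hash_equals (PHP 5.6+)
        // additionally compares in constant time.
        if (function_exists('hash_equals')) {
            $user_ok = hash_equals($stored_user, $uname);
            $pass_ok = hash_equals($stored_pass, $pass);
            $credentials_ok = $user_ok && $pass_ok;
        } else {
            $credentials_ok = ($uname === $stored_user) && ($pass === $stored_pass);
        }
    }

    if ($credentials_ok) {
        // Token layout expected by isLogged(): credential digest + expiry time.
        $md_sum = md5($SETTINGS_DB["admin_username"].$SETTINGS_DB["admin_password"]);
        $sess_id = $md_sum.strtotime("+1 hour");
        if ($SETTINGS["useCookie"] == false) {
            // New session identifier on privilege change, so an identifier
            // known before login is not valid afterwards.
            session_regenerate_id(true);
            $_SESSION["StivaShoppingCartLogin"] = $sess_id;
        } else {
            // HttpOnly keeps the token away from page scripts. The secure flag
            // is left off because $SETTINGS["script"] is an http:// URL; turn
            // it on when the site is served over HTTPS.
            setcookie("StivaShoppingCartLogin", $sess_id, time()+3600, "", "", false, true);
            $_COOKIE["StivaShoppingCartLogin"] = $sess_id;
        }
        redirect($SETTINGS["script"].'admin.php?ac=products');
    } else {
        $_SESSION['cartSysMessage'] = 'Incorrect login details.';
        redirect(_SELF_);
    }
}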
?>
— CODE IN THE —
<!-- Admin login form. action="" posts back to this same page, where the PHP
     above reads the fields uname, pass and is_submited from $_REQUEST. -->
<div id="loginForm" style="position:absolute; left:161px; top:601px; width:281px; height:115px; z-index:2; overflow:visible">
<form name="AdminLogin" action="" method="post">
<div id="TitleUsername" style="position:absolute; left:0px; top:4px; width:79px; height:22px; z-index:1; overflow:visible">
<p class="f-lp">
<span class="Size16px"><img src="../Resources/titleusernamea.gif" border="0" width="74" height="14" alt="Username"/></span>
</p>
</div>
<div id="FieldUsername" style="position:absolute; left:80.858px; top:0px; width:200px; height:24px; z-index:2">
<input name="uname" size="16" class="form_element_FieldUsername"/>
</div>
<div id="TitlePassword" style="position:absolute; left:0.331px; top:44px; width:75px; height:22px; z-index:3; overflow:visible">
<p class="f-lp">
<span class="Size16px"><img src="../Resources/titlepassworda.gif" border="0" width="70" height="14" alt="Password"/></span>
</p>
</div>
<div id="FieldPassword" style="position:absolute; left:80.858px; top:41px; width:200px; height:24px; z-index:4">
<input type="password" name="pass" size="16" class="form_element_FieldUsername"/>
</div>
<div id="LoginBtn" style="position:absolute; left:137px; top:85px; width:58px; height:24px; z-index:5">
<input type="submit" name="submit" value="Login"/>
</div>
<!-- Marker the PHP handler checks to tell a form submission from a plain page view. -->
<input name="is_submited" value="1" type="hidden"/>
</form>
</div>
<!-- Error area: prints $sys_message, which the PHP above takes from
     $_SESSION['cartSysMessage'].
     NOTE(review): the value is echoed without HTML escaping. In the code shown
     it is only ever the fixed "Incorrect login details." string; if any other
     page writes cartSysMessage, wrap it in htmlspecialchars() - confirm. -->
<div id="Error" style="position:absolute; left:462px; top:607px; width:376px; height:34px; z-index:3">
<h2 class="sysMessage"><?php echo $sys_message; ?></h2>
</div>
Christian