X-Cart: shopping cart software
Page 4 of 7 « First < 23 4 56 > Last »
Show 40 posts from this thread on one page

X-Cart forums (https://forum.x-cart.com/index.php)
-   Dev Questions (https://forum.x-cart.com/forumdisplay.php?f=20)
-   -   Making it so they don't have to re-login everytime (https://forum.x-cart.com/showthread.php?t=2752)

toonarific 07-30-2003 07:19 AM
and is there a way to only have the 'remember me' check box appear on the customer's home page, and not the admin page?

Jon 07-30-2003 09:36 AM
Re: One major bug I found
 
Quote:
Originally Posted by toonarific
if a customer doesn't check the box, no matter how many times they try and login, it doesnt recognize them. only after they check the box does the store realize they want to log in

I haven't had this problem.

Jon 07-30-2003 09:45 AM
Quote:
Originally Posted by toonarific
and is there a way to only have the 'remember me' check box appear on the customer's home page, and not the admin page?

I have my admin section on a secure url, so I have seperate auth.tpl's.

You could probably just edit your auth.tpl with something like this:

Code:
{if $redirect ne "admin"}


<input type="checkbox" name="remember" value="Y"> <font size="1">Remember Me</font>
{else}
<input type="hidden" name="remember" value="">
{/if}

toonarific 07-30-2003 09:56 AM
I just tried that. It does make the checkbox go away, but then when I try to login I get a cgi error. Also, I noticed that after I login with the checkbox, the only way it recoginzes when I logout is when I completely close the browser and reopen it.

Jon 08-01-2003 03:34 PM
I'm sure you've made errors in your coding.

I don't know how you get a cgi error when your working with php ?!?

bbf 08-17-2003 02:10 PM
Nice work, Jon.

I haven't looked at your code thoroughly, but right off the bat I'll give you some advice. The proper, secure way to store logins is to use sessions.

The only thing you store on the user's machine is a cookie with the SESSIONID. When that cookie expires, the user is logged out. You then store the username/password in the session that matches the SESSIONID in the cookie.

This way you don't need to work about encryption or any reverse engineering on the crypt method by a session hijacker.


Ideally, Xcart should leave the user logged in forever, but then authenticate if the user goes into sensitive areas like Checkout, Modify Profile, Modify Credit Card, etc. This is how most large sites do it (e.g. Amazon).

minorgod 09-23-2003 09:11 AM
X-Cart does use sessions to store auth info. Sessions generally expire. That's the point of all this cookie talk. Nobody wants to store inactive sessions in their database for months on end.

xcell67 05-09-2004 08:14 PM
Hmm, I had this working on 3.4.14 but can't get it to work on 3.5.x, anyone else have any luck using this for 3.5.x? If you did, can you please paste your code for login.php, check_useraccount.php and auth.tpl?

Thanks

g0t0pless 10-22-2004 09:48 PM
Jon: I am anxious to try this mod, but I have 2 things I want to discuss first.

1: Does it work woth 4.0.X?
2: Can you please repost in a single post, all the codes needed to be changed? I tried to follow along, but there are fixes for fixes posted later in the thread. An all-in-one reply would be great, so we can just follow along in a single post rather than jumping all around.

And hey, thanks for the awesome job. People like you keep this place alive.

Jon 10-23-2004 06:08 PM
I don't know what versions it will work on, likely it would need adaptation for the 3.5.x and 4.0.x versions. I don't have time to work on this.

Jon


All times are GMT -8. The time now is 08:42 AM.
Page 4 of 7 « First < 23 4 56 > Last »
Show 40 posts from this thread on one page

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.