| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
X-Cart Home | FAQ | Forum rules | Calendar | User manuals | Login |
Making it so they don't have to re-login everytime | ||||
|
|
Thread Tools | Search this Thread |
#21
|
|||||||
|
|||||||
Quote:
If that's true it means you gotta encrypt the password - ugh.
__________________
Following the signature guidelines : xcart pro 3.5.8 - [RedHat] |
|||||||
#22
|
|||||||||
|
|||||||||
Got that worked out.
The crypted password is stored as a variable, so I stored it in a cookie. I then included the login, logintype, and password to query the database. Since the password in the database is crypted, I didn't have to decrypt it. If the query returns null, the person is not logged in. Changes to previous code: reset_cookie.php Code:
set_cookie.php Code:
include/check_useraccount.php Code:
|
|||||||||
#23
|
|||||||
|
|||||||
This is definitely a worthy mod. Can someone bump this to the Custom Templates. Also, have you check to see if this works after implementation? I would like to use this, but don't want to risk hacking my site to screw something else up. Thanks for you hard work and for posting it.
Chris
__________________
Never take life too seriously, cause none of us are getting out of here alive! |
|||||||
#24
|
|||||||||
|
|||||||||
I installed this and it seemed to work just great.
Actually it worked perfect! But, our worst dreams have come true. There is a major security flaw. If you go on the website and login and then go to /admin you are logged in as admin as a normal user. From there I was able to access admin functions and look at orders, make product changes... Not good! ACK! |
|||||||||
#25
|
|||||||||
|
|||||||||
Sorry, i did find that error in my beta testing but didn't think to post up the fix.
I believe I fixed this by adding current_area to my check_useraccount.php Code:
|
|||||||||
#26
|
|||||||||
|
|||||||||
^^ The last part of that code I use to change the welcome back message, as I didn't want to greet them by their login name. Instead: Welcome back, firstname lastname!
If you want to use that as well, you can edit your authbox.tpl to use: Code:
|
|||||||||
#27
|
|||||||||
|
|||||||||
I believe that takes care of everything. If anybody sees anything else, please let me know asap.
|
|||||||||
#28
|
|||||||
|
|||||||
I tried this feature, and I followed every step, including the updates for security, and this is what happened
Code:
I reverted back to the normal state until this error goes away. Any help is greatly appreciated. |
|||||||
#29
|
|||||||
|
|||||||
nevermind. I found my error
|
|||||||
#30
|
|||||||
|
|||||||
One major bug I found
if a customer doesn't check the box, no matter how many times they try and login, it doesnt recognize them. only after they check the box does the store realize they want to log in
|
|||||||
|
|||
X-Cart forums © 2001-2020
|