BrandyC Posted December 8, 2010 Share Posted December 8, 2010 Hi, On login page load, (even before submitting user name and pass) Debugger finds "permission denied error", can see it here: goldpharm.co.il/authentication.php Now, when a user submit's user name and pass, nothing happens, it stays on the login page. I am not sure in what code the bug is , can you tell by the bug error in this page: goldpharm.co.il/authentication.php ? and how can it be fixed? , should I post the code? Thanks. Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 8, 2010 Share Posted December 8, 2010 You should definitely post SOME code.. Not all.. But first you need to find out which part of the code is to blame for your error. Did you write the authentication system? Quote Link to comment Share on other sites More sharing options...
BrandyC Posted December 8, 2010 Author Share Posted December 8, 2010 I didn't write the code,code is from Prestashop open source, And I have no Idea in what line the bug is, Can you tell when opening debugger in explorer? Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 8, 2010 Share Posted December 8, 2010 Unfortunately no, the code is server side which means it only outputs what it generated aka the error.. to fix the error you need to view the PHP source. Have you tried googling to see if anybody else using that application has the same problem? Quote Link to comment Share on other sites More sharing options...
BrandyC Posted December 8, 2010 Author Share Posted December 8, 2010 Google'd it but couldn't find something that I could use. Any how this is the code, 200+ lines <?php /* SSL Management */ $useSSL = true; include(dirname(__FILE__).'/config/config.inc.php'); include(dirname(__FILE__).'/init.php'); if ($cookie->isLogged()) Tools::redirect('my-account.php'); //CSS ans JS file calls $js_files = array( _THEME_JS_DIR_.'tools/statesManagement.js' ); $errors = array(); $back = Tools::getValue('back'); if (!empty($back)) $smarty->assign('back', Tools::safeOutput($back)); if (Tools::getValue('create_account')) { $create_account = 1; $smarty->assign('email_create', 1); } if (Tools::isSubmit('SubmitCreate')) { if (!Validate::isEmail($email = Tools::getValue('email_create'))) $errors[] = Tools::displayError('invalid e-mail address'); elseif (Customer::customerExists($email)) $errors[] = Tools::displayError('someone has already registered with this e-mail address'); else { $create_account = 1; $smarty->assign('email_create', Tools::safeOutput($email)); $_POST['email'] = $email; } } if (Tools::isSubmit('submitAccount')) { $create_account = 1; $smarty->assign('email_create', 1); if (!Validate::isEmail($email = Tools::getValue('email'))) $errors[] = Tools::displayError('e-mail not valid'); elseif (!Validate::isPasswd(Tools::getValue('passwd'))) $errors[] = Tools::displayError('invalid password'); elseif (Customer::customerExists($email)) $errors[] = Tools::displayError('someone has already registered with this e-mail address'); elseif (!@checkdate(Tools::getValue('months'), Tools::getValue('days'), Tools::getValue('years')) AND !(Tools::getValue('months') == '' AND Tools::getValue('days') == '' AND Tools::getValue('years') == '')) $errors[] = Tools::displayError('invalid birthday'); else { $customer = new Customer(); if (Tools::isSubmit('newsletter')) { $customer->ip_registration_newsletter = pSQL($_SERVER['REMOTE_ADDR']); $customer->newsletter_date_add = pSQL(date('Y-m-d H:i:s')); } $customer->birthday = (empty($_POST['years']) ? '' : intval($_POST['years']).'-'.intval($_POST['months']).'-'.intval($_POST['days'])); /* Customer and address, same fields, caching data */ $addrLastname = isset($_POST['lastname']) ? $_POST['lastname'] : $_POST['customer_lastname']; $addrFirstname = isset( $_POST['firstname']) ? $_POST['firstname'] : $_POST['customer_firstname']; $_POST['lastname'] = $_POST['customer_lastname']; $_POST['firstname'] = $_POST['customer_firstname']; $errors = $customer->validateControler(); $_POST['lastname'] = $addrLastname; $_POST['firstname'] = $addrFirstname; $address = new Address(); $address->id_customer = 1; $errors = array_unique(array_merge($errors, $address->validateControler())); if (!sizeof($errors)) { if (!$country = new Country($address->id_country) OR !Validate::isLoadedObject($country)) die(Tools::displayError()); if (intval($country->contains_states) AND !intval($address->id_state)) $errors[] = Tools::displayError('this country require a state selection'); else { $customer->active = 1; if (!$customer->add()) $errors[] = Tools::displayError('an error occurred while creating your account'); else { $address->id_customer = intval($customer->id); if (!$address->add()) $errors[] = Tools::displayError('an error occurred while creating your address'); else { if (!Mail::Send(intval($cookie->id_lang), 'account', 'Welcome!', array('{firstname}' => $customer->firstname, '{lastname}' => $customer->lastname, '{email}' => $customer->email, '{passwd}' => Tools::getValue('passwd')), $customer->email, $customer->firstname.' '.$customer->lastname)) $errors[] = Tools::displayError('cannot send email'); $smarty->assign('confirmation', 1); $cookie->id_customer = intval($customer->id); $cookie->customer_lastname = $customer->lastname; $cookie->customer_firstname = $customer->firstname; $cookie->passwd = $customer->passwd; $cookie->logged = 1; $cookie->email = $customer->email; Module::hookExec('createAccount', array( '_POST' => $_POST, 'newCustomer' => $customer )); if ($back) Tools::redirect($back); } } } } } } if (Tools::isSubmit('SubmitLogin')) { $passwd = trim(Tools::getValue('passwd')); $email = trim(Tools::getValue('email')); if (empty($email)) $errors[] = Tools::displayError('e-mail address is required'); elseif (!Validate::isEmail($email)) $errors[] = Tools::displayError('invalid e-mail address'); elseif (empty($passwd)) $errors[] = Tools::displayError('password is required'); elseif (Tools::strlen($passwd) > 32) $errors[] = Tools::displayError('password is too long'); elseif (!Validate::isPasswd($passwd)) $errors[] = Tools::displayError('invalid password'); else { $customer = new Customer(); $authentication = $customer->getByemail(trim($email), trim($passwd)); /* Handle brute force attacks */ sleep(1); if (!$authentication OR !$customer->id) $errors[] = Tools::displayError('authentication failed'); else { $cookie->id_customer = intval($customer->id); $cookie->customer_lastname = $customer->lastname; $cookie->customer_firstname = $customer->firstname; $cookie->logged = 1; $cookie->passwd = $customer->passwd; $cookie->email = $customer->email; if (Configuration::get('PS_CART_FOLLOWING') AND (empty($cookie->id_cart) OR Cart::getNbProducts($cookie->id_cart) == 0)) $cookie->id_cart = intval(Cart::lastNoneOrderedCart(intval($customer->id))); $id_address = intval(Address::getFirstCustomerAddressId(intval($customer->id))); $cookie->id_address_delivery = $id_address; $cookie->id_address_invoice = $id_address; Module::hookExec('authentication'); if ($back = Tools::getValue('back')) Tools::redirect($back); Tools::redirect('my-account.php'); } } } if (isset($create_account)) { /* Generate years, months and days */ if (isset($_POST['years']) AND is_numeric($_POST['years'])) $selectedYears = intval($_POST['years']); $years = Tools::dateYears(); if (isset($_POST['months']) AND is_numeric($_POST['months'])) $selectedMonths = intval($_POST['months']); $months = Tools::dateMonths(); if (isset($_POST['days']) AND is_numeric($_POST['days'])) $selectedDays = intval($_POST['days']); $days = Tools::dateDays(); /* Select the most appropriate country */ if (isset($_POST['id_country']) AND is_numeric($_POST['id_country'])) $selectedCountry = intval($_POST['id_country']); elseif (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $array = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); if (Validate::isLanguageIsoCode($array[0])) { $selectedCountry = Country::getByIso($array[0]); if (!$selectedCountry) $selectedCountry = intval(Configuration::get('PS_COUNTRY_DEFAULT')); } } if (!isset($selectedCountry)) $selectedCountry = intval(Configuration::get('PS_COUNTRY_DEFAULT')); $countries = Country::getCountries(intval($cookie->id_lang), true); $smarty->assign(array( 'years' => $years, 'sl_year' => (isset($selectedYears) ? $selectedYears : 0), 'months' => $months, 'sl_month' => (isset($selectedMonths) ? $selectedMonths : 0), 'days' => $days, 'sl_day' => (isset($selectedDays) ? $selectedDays : 0), 'countries' => $countries, 'sl_country' => (isset($selectedCountry) ? $selectedCountry : 0) )); /* Call a hook to display more information on form */ $smarty->assign('HOOK_CREATE_ACCOUNT_FORM', Module::hookExec('createAccountForm')); } include(dirname(__FILE__).'/header.php'); $smarty->assign('errors', $errors); Tools::safePostVars(); $smarty->display(_PS_THEME_DIR_.'authentication.tpl'); include(dirname(__FILE__).'/footer.php'); ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.