|
|
 |
 | Admin and Member area does not work |  |
 Posted: Fri Oct 31, 2003 9:57 pm |
 |
|
|
Hello. I have a problem with both the admin area and member area sections. After logging into each applicable section, the system just goes back to the login page, not the applicable member area.
I am running linux/apache. I am running version 2.2 of the randomizer.
Any solutions to this problem?
- Len  |
|
|
|
|
| Posted: Fri Oct 31, 2003 10:04 pm |
|
|
|
Len,
I suggest you read my next post. But, since you're running apache, I wonder if this is a bigger problem.
Dan thought the problem is fixable in Apache...maybe he means on a Unix box. |
|
|
|
|
| Posted: Fri Oct 31, 2003 10:05 pm |
|
|
|
Len,
By next post I meant the one STUCK IN MEMBER AREA |
|
|
|
|
| | |
| Posted: Sat Nov 01, 2003 2:02 am |
|
|
|
Len, You might consider attempting this fix Shadow created: It appears to work, except right now I'm on a IIS Windows box:
There is a security problem with access to files in the users directory but I have a solution for those of you on unix servers. (I don't know if it works on windows servers, I have never worked on one) I created a .htaccess file that you can load into your users directory that will only allow access from the payment processors sites and your own. For some reason when you login instead of giving the index page to the members area it gives the navigation for the members area but leaves the login up. Hopefully Daniel can fix this. I will tell you what I did to fix this later. Here is the .htaccess file
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://YOUR SITE.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YOUR SITE.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YOUR SITE.com/rand/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YOUR SITE.com/rand/users/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.intgold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.intgold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://intgold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://intgold.com/ [NC]
RewriteRule /* http://www.YOUR SITE.com/rand/login.php [R,L]
You need to copy and paste this into its own file, change the YOUR SITE to your site name, name it .htaccess and upload to your users directory.
IMPORTANT you must make sure that the file name is only .htaccess there can be no .txt after it. I find it easiest to change this in my FTP program.
Please notice that I have included all the lower level folders that I have it listed on my site and there is a version with the www and without the www for all the payment processors there is also a http and a https this should cover all the bases.
The last line is the page you want to send unauthorized people to as you see I send them to the login page.
OKAY now it is time for the work around I came up with for the login page re-appearing. It's not fancy but it works.
In the template/main.navigation.php file at line 22 you will see
<a href=<?=$CONFIG->siteurl?>/users/details.php>Account Details</a>
Above this line add another line that says
<a href=<?=$CONFIG->siteurl?>/users/index.php>Members Home</a>
This will add a Members Home link to the top of your members navigation bar.
Now to tell the people that they are actually logged in I edited the login.php
I changed line 22 from
<td colspan=\"2\" align=center class=text><strong>Members Login<br>!</strong></td>
To
<td colspan=\"2\" align=center class=text><strong>Members Login<br> If you already logged in and are seeing this again, look at the navigation bar to your left if you see the Members Home link click
on it. If not please log in!</strong></td>
Now it works and is secure. It will only let links that come from the payment processors or your site in. You can try it on my site if you like
<removed>
Shadow |
|
|
|
|
| I tried your solution, but got internal server error | |
| Posted: Sat Nov 01, 2003 6:31 pm |
|
|
|
Hi,
I tried your solution, but got an internal server error (??)
Also, would your solution be applicable to the admin area problem that I am having that is exactly like the problem with the member area, or should I be doing something different?
Please advise and elaborate if possible. (thanks)
Thanks,
- Len
| supersonicusa wrote: | Len, You might consider attempting this fix Shadow created: It appears to work, except right now I'm on a IIS Windows box:
There is a security problem with access to files in the users directory but I have a solution for those of you on unix servers. (I don't know if it works on windows servers, I have never worked on one) I created a .htaccess file that you can load into your users directory that will only allow access from the payment processors sites and your own. For some reason when you login instead of giving the index page to the members area it gives the navigation for the members area but leaves the login up. Hopefully Daniel can fix this. I will tell you what I did to fix this later. Here is the .htaccess file
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://YOUR SITE.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YOUR SITE.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YOUR SITE.com/rand/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YOUR SITE.com/rand/users/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://paypal.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://stormpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://assuredpay.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://egold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.intgold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.intgold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://intgold.com/ [NC]
RewriteCond %{HTTP_REFERER} !^https://intgold.com/ [NC]
RewriteRule /* http://www.YOUR SITE.com/rand/login.php [R,L]
You need to copy and paste this into its own file, change the YOUR SITE to your site name, name it .htaccess and upload to your users directory.
IMPORTANT you must make sure that the file name is only .htaccess there can be no .txt after it. I find it easiest to change this in my FTP program.
Please notice that I have included all the lower level folders that I have it listed on my site and there is a version with the www and without the www for all the payment processors there is also a http and a https this should cover all the bases.
The last line is the page you want to send unauthorized people to as you see I send them to the login page.
OKAY now it is time for the work around I came up with for the login page re-appearing. It's not fancy but it works.
In the template/main.navigation.php file at line 22 you will see
<a href=<?=$CONFIG->siteurl?>/users/details.php>Account Details</a>
Above this line add another line that says
<a href=<?=$CONFIG->siteurl?>/users/index.php>Members Home</a>
This will add a Members Home link to the top of your members navigation bar.
Now to tell the people that they are actually logged in I edited the login.php
I changed line 22 from
<td colspan=\"2\" align=center class=text><strong>Members Login<br>!</strong></td>
To
<td colspan=\"2\" align=center class=text><strong>Members Login<br> If you already logged in and are seeing this again, look at the navigation bar to your left if you see the Members Home link click
on it. If not please log in!</strong></td>
Now it works and is secure. It will only let links that come from the payment processors or your site in. You can try it on my site if you like
<removed>
Shadow |
|
|
|
|
|
| | |
| Posted: Sat Nov 01, 2003 8:34 pm |
|
|
| shadow |
| Addict |
|
|
| Joined: 16 Oct 2003 |
| Posts: 171 |
| Location: Virgin Islands |
|
|
|
|
 |
|
Hi Saxcollector,
Forget the .htaccess and delete from your system. It only works on unix with apache. My guess is that you are running on a different backbone. For more information on this see the following post.
http://www.itwebteamsupport.com/viewtopic.php?t=51
Shadow |
|
|
|
|
| But I am using Linux and apache | |
| Posted: Sat Nov 01, 2003 11:41 pm |
|
|
|
Hello,
However I am running linux and apache. Should this not be the same as unix and apache??
- Len
| shadow wrote: | Hi Saxcollector,
Forget the .htaccess and delete from your system. It only works on unix with apache. My guess is that you are running on a different backbone. For more information on this see the following post.
http://www.itwebteamsupport.com/viewtopic.php?t=51
Shadow |
|
|
|
|
|
| Posted: Sun Nov 02, 2003 12:23 am |
|
|
| shadow |
| Addict |
|
|
| Joined: 16 Oct 2003 |
| Posts: 171 |
| Location: Virgin Islands |
|
|
|
|
|
|
Hi again Len,
Are you upgrading or doing a new install?
Shadow |
|
|
|
|
| I am doing a new install | |
| Posted: Sun Nov 02, 2003 4:17 am |
|
|
|
Hello again,
I am doing a new install. This is getting very frustrating.  Daniel says that it is because I am not running a unix server, but I do not see the difference between a unix server running apache and a linux server running apache.
Any help you can provide, and have provided, is very appreciated.
- Len
| shadow wrote: | Hi again Len,
Are you upgrading or doing a new install?
Shadow |
|
|
|
|
|
| Re: But I am using Linux and apache | |
| Posted: Mon Nov 03, 2003 9:39 am |
|
|
| LittleFoot_1 |
| Visitor |
|
|
| Joined: 23 Oct 2003 |
| Posts: 20 |
| Location: US |
|
|
|
|
|
|
| saxcollector wrote: | | However I am running linux and apache. Should this not be the same as unix and apache?? |
My server has:
Operating system: Linux
Apache version: 1.3.28 (Unix)
I think they all work together. 
Jaime |
|
|
|
|
|
|
