lisajef Posted October 18, 2011 Share Posted October 18, 2011 Hi all, since yesterday in the back office of my shop, each time I click on a tab, make a change or do anything at all, I get asked again for my password. I introduce the password and enter again, but the same happens. Can anyone tell me why this may be happening? Thanks! Link to comment Share on other sites More sharing options...
Mike Kranzler Posted October 18, 2011 Share Posted October 18, 2011 Hi lisa, This sounds like an issue with your browser's cookies. Can you please try accessing your Back Office using a different one to see if the issue is restricted to that browser? -Mike Link to comment Share on other sites More sharing options...
mothershop Posted October 20, 2011 Share Posted October 20, 2011 I have exactly the same problem! I used different browsers, computers and even reset cookies. Link to comment Share on other sites More sharing options...
Mike Kranzler Posted October 20, 2011 Share Posted October 20, 2011 Hi lisajef and mothershop, Do you recall making any changes or edits in the days leading up to this issue appearing for the first time? And can you please each post a screenshot of your Back Office > Preferences settings for me? -Mike Link to comment Share on other sites More sharing options...
mothershop Posted October 24, 2011 Share Posted October 24, 2011 I found someone thaat has solved the problem but I can't find the line to edit. Have a look So here’s what you should do. Download the cookie.php file using your FTP software. The file is inside the /classes folder. For PrestaShop Version 1.3.x.x Open cookie.php and look for these codes and delete them (or preferably comment them out): 1 2 3 4 if ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword(intval($this->id_employee), $this->passwd) AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()))) Replace the codes above with this: 1 2 if ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword(intval($this->id_employee), $this->passwd)) For PrestaShop Version 1.4.x.x For version 1.4, look for the codes below and comment the first line out. 1 2 AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr())) It should look like this: 1 2 //AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr())) Now clear your browser cache and restart your browser. The auto-logout issues should be resolved now. It worked for me; I hope it does for you. Good luck! [/php] Link to comment Share on other sites More sharing options...
mothershop Posted October 24, 2011 Share Posted October 24, 2011 This is my cookie.php <?php /* * 2007-2011 PrestaShop * * NOTICE OF LICENSE * * This source file is subject to the Open Software License (OSL 3.0) * that is bundled with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * http://opensource.org/licenses/osl-3.0.php * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to [email protected] so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade PrestaShop to newer * versions in the future. If you wish to customize PrestaShop for your * needs please refer to http://www.prestashop.com for more information. * * @author PrestaShop SA <[email protected]> * @copyright 2007-2011 PrestaShop SA * @version Release: $Revision: 7398 $ * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0) * International Registered Trademark & Property of PrestaShop SA */ class CookieCore { /** @var array Contain cookie content in a key => value format */ protected $_content; /** @var array Crypted cookie name for setcookie() */ protected $_name; /** @var array expiration date for setcookie() */ protected $_expire; /** @var array Website domain for setcookie() */ protected $_domain; /** @var array Path for setcookie() */ protected $_path; /** @var array cipher tool instance */ protected $_cipherTool; /** @var array cipher tool initialization key */ protected $_key; /** @var array cipher tool initilization vector */ protected $_iv; protected $_modified = false; /** * Get data if the cookie exists and else initialize an new one * * @param $name Cookie name before encrypting * @param $path */ public function __construct($name, $path = '', $expire = NULL) { $this->_content = array(); $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000); $this->_name = md5($name); $this->_path = trim(__PS_BASE_URI__.$path, '/\\').'/'; if ($this->_path{0} != '/') $this->_path = '/'.$this->_path; $this->_path = rawurlencode($this->_path); $this->_path = str_replace('%2F', '/', $this->_path); $this->_path = str_replace('%7E', '~', $this->_path); $this->_key = _COOKIE_KEY_; $this->_iv = _COOKIE_IV_; $this->_domain = $this->getDomain(); if (Configuration::get('PS_CIPHER_ALGORITHM')) $this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_); else $this->_cipherTool = new Blowfish($this->_key, $this->_iv); $this->update(); } protected function getDomain() { $r = '!(?\w+)://)?(?\w+)\\w+)@)?([^/:]+)?(?:\\d*))?([^#?]+)?(?:\?([^#]+))?(?:#(.+$))?!i'; preg_match ($r, Tools::getHttpHost(false, false), $out); if (preg_match('/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9]).)'. '{1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]).)'. '{2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))$/', $out[4])) return false; if (!strstr(Tools::getHttpHost(false, false), '.')) return false; $domain = $out[4]; $subDomains = SubDomain::getSubDomains(); if ($subDomains === false) die(Tools::displayError('Bad SubDomain SQL query.')); foreach ($subDomains AS $subDomain) { $subDomainLength = strlen($subDomain) + 1; if (strncmp($subDomain.'.', $domain, $subDomainLength) == 0) $domain = substr($domain, $subDomainLength); } return $domain; } /** * Set expiration date * * @param integer $expire Expiration time from now */ function setExpire($expire) { $this->_expire = (int)($expire); } /** * Magic method wich return cookie data from _content array * * @param $key key wanted * @return string value corresponding to the key */ public function __get($key) { return isset($this->_content[$key]) ? $this->_content[$key] : false; } /** * Magic method which check if key exists in the cookie * * @param $key key wanted * @return boolean key existence */ public function __isset($key) { return isset($this->_content[$key]); } /** * Magic method wich add data into _content array * * @param $key key desired * @param $value value corresponding to the key */ public function __set($key, $value) { if (is_array($value)) die(Tools::displayError()); if (preg_match('/¤|\|/', $key.$value)) throw new Exception('Forbidden chars in cookie'); if (!$this->_modified AND (!isset($this->_content[$key]) OR (isset($this->_content[$key]) AND $this->_content[$key] != $value))) $this->_modified = true; $this->_content[$key] = $value; $this->write(); } /** * Magic method wich delete data into _content array * * @param $key key wanted */ public function __unset($key) { if (isset($this->_content[$key])) $this->_modified = true; unset($this->_content[$key]); $this->write(); } /** * Check customer informations saved into cookie and return customer validity * * @return boolean customer validity */ public function isLogged($withGuest = false) { if (!$withGuest AND $this->is_guest == 1) return false; /* Customer is valid only if it can be load and if cookie password is the same as database one */ if ($this->logged == 1 AND $this->id_customer AND Validate::isUnsignedId($this->id_customer) AND Customer::checkPassword((int)($this->id_customer), $this->passwd)) return true; return false; } /** * Check employee informations saved into cookie and return employee validity * * @return boolean employee validity */ public function isLoggedBack() { /* Employee is valid only if it can be load and if cookie password is the same as database one */ return ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword((int)$this->id_employee, $this->passwd) AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()) OR !Configuration::get('PS_COOKIE_CHECKIP')) ); } /** * Delete cookie */ public function logout() { $this->_content = array(); $this->_setcookie(); unset($_COOKIE[$this->_name]); $this->_modified = true; $this->write(); } /** * Soft logout, delete everything links to the customer * but leave there affiliate's informations */ public function mylogout() { unset($this->_content['id_customer']); unset($this->_content['id_guest']); unset($this->_content['is_guest']); unset($this->_content['id_connections']); unset($this->_content['customer_lastname']); unset($this->_content['customer_firstname']); unset($this->_content['passwd']); unset($this->_content['logged']); unset($this->_content['email']); unset($this->_content['id_cart']); unset($this->_content['id_address_invoice']); unset($this->_content['id_address_delivery']); $this->_modified = true; $this->write(); } function makeNewLog() { unset($this->_content['id_customer']); unset($this->_content['id_guest']); Guest::setNewGuest($this); $this->_modified = true; } /** * Get cookie content */ function update($nullValues = false) { if (isset($_COOKIE[$this->_name])) { /* Decrypt cookie content */ $content = $this->_cipherTool->decrypt($_COOKIE[$this->_name]); /* Get cookie checksum */ $checksum = crc32($this->_iv.substr($content, 0, strrpos($content, '¤') + 2)); /* Unserialize cookie content */ $tmpTab = explode('¤', $content); foreach ($tmpTab AS $keyAndValue) { $tmpTab2 = explode('|', $keyAndValue); if (sizeof($tmpTab2) == 2) $this->_content[$tmpTab2[0]] = $tmpTab2[1]; } /* Blowfish fix */ if (isset($this->_content['checksum'])) $this->_content['checksum'] = (int)($this->_content['checksum']); /* Check if cookie has not been modified */ if (!isset($this->_content['checksum']) OR $this->_content['checksum'] != $checksum) $this->logout(); if (!isset($this->_content['date_add'])) $this->_content['date_add'] = date('Y-m-d H:i:s'); } else $this->_content['date_add'] = date('Y-m-d H:i:s'); //checks if the language exists, if not choose the default language if (!Language::getLanguage((int)$this->id_lang)) $this->id_lang = Configuration::get('PS_LANG_DEFAULT'); } /** * Setcookie according to php version */ protected function _setcookie($cookie = NULL) { if ($cookie) { $content = $this->_cipherTool->encrypt($cookie); $time = $this->_expire; } else { $content = 0; $time = time() - 1; } if (PHP_VERSION_ID <= 50200) /* PHP version > 5.2.0 */ return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0); else return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0, true); } /** * Save cookie with setcookie() */ public function write() { $cookie = ''; /* Serialize cookie content */ if (isset($this->_content['checksum'])) unset($this->_content['checksum']); foreach ($this->_content AS $key => $value) $cookie .= $key.'|'.$value.'¤'; /* Add checksum to cookie */ $cookie .= 'checksum|'.crc32($this->_iv.$cookie); /* Cookies are encrypted for evident security reasons */ return $this->_setcookie($cookie); } /** * Get a family of variables (e.g. "filter_") */ public function getFamily($origin) { $result = array(); if (count($this->_content) == 0) return $result; foreach ($this->_content AS $key => $value) if (strncmp($key, $origin, strlen($origin)) == 0) $result[$key] = $value; return $result; } /** * */ public function unsetFamily($origin) { $family = $this->getFamily($origin); foreach (array_keys($family) AS $member) unset($this->$member); } /** * * @return String name of cookie */ public function getName() { return $this->_name; } } Link to comment Share on other sites More sharing options...
Mike Kranzler Posted October 24, 2011 Share Posted October 24, 2011 Hi mothershop, Per the discussion above, the change you are trying to make is below: <?php /* * 2007-2011 PrestaShop * * NOTICE OF LICENSE * * This source file is subject to the Open Software License (OSL 3.0) * that is bundled with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * http://opensource.or...ses/osl-3.0.php * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to [email protected] so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade PrestaShop to newer * versions in the future. If you wish to customize PrestaShop for your * needs please refer to http://www.prestashop.com for more information. * * @author PrestaShop SA <[email protected]> * @copyright 2007-2011 PrestaShop SA * @version Release: $Revision: 7398 $ * @license http://opensource.or...ses/osl-3.0.php Open Software License (OSL 3.0) * International Registered Trademark & Property of PrestaShop SA */ class CookieCore { /** @var array Contain cookie content in a key => value format */ protected $_content; /** @var array Crypted cookie name for setcookie() */ protected $_name; /** @var array expiration date for setcookie() */ protected $_expire; /** @var array Website domain for setcookie() */ protected $_domain; /** @var array Path for setcookie() */ protected $_path; /** @var array cipher tool instance */ protected $_cipherTool; /** @var array cipher tool initialization key */ protected $_key; /** @var array cipher tool initilization vector */ protected $_iv; protected $_modified = false; /** * Get data if the cookie exists and else initialize an new one * * @param $name Cookie name before encrypting * @param $path */ public function __construct($name, $path = '', $expire = NULL) { $this->_content = array(); $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000); $this->_name = md5($name); $this->_path = trim(__PS_BASE_URI__.$path, '/\\').'/'; if ($this->_path{0} != '/') $this->_path = '/'.$this->_path; $this->_path = rawurlencode($this->_path); $this->_path = str_replace('%2F', '/', $this->_path); $this->_path = str_replace('%7E', '~', $this->_path); $this->_key = _COOKIE_KEY_; $this->_iv = _COOKIE_IV_; $this->_domain = $this->getDomain(); if (Configuration::get('PS_CIPHER_ALGORITHM')) $this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_); else $this->_cipherTool = new Blowfish($this->_key, $this->_iv); $this->update(); } protected function getDomain() { $r = '!(?\w+)://)?(?\w+)\\w+)@)?([^/:]+)?(?:\\d*))?([^#?]+)?(?:\?([^#]+))?(?:#(.+$))?!i'; preg_match ($r, Tools::getHttpHost(false, false), $out); if (preg_match('/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9]).)'. '{1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]).)'. '{2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))$/', $out[4])) return false; if (!strstr(Tools::getHttpHost(false, false), '.')) return false; $domain = $out[4]; $subDomains = SubDomain::getSubDomains(); if ($subDomains === false) die(Tools::displayError('Bad SubDomain SQL query.')); foreach ($subDomains AS $subDomain) { $subDomainLength = strlen($subDomain) + 1; if (strncmp($subDomain.'.', $domain, $subDomainLength) == 0) $domain = substr($domain, $subDomainLength); } return $domain; } /** * Set expiration date * * @param integer $expire Expiration time from now */ function setExpire($expire) { $this->_expire = (int)($expire); } /** * Magic method wich return cookie data from _content array * * @param $key key wanted * @return string value corresponding to the key */ public function __get($key) { return isset($this->_content[$key]) ? $this->_content[$key] : false; } /** * Magic method which check if key exists in the cookie * * @param $key key wanted * @return boolean key existence */ public function __isset($key) { return isset($this->_content[$key]); } /** * Magic method wich add data into _content array * * @param $key key desired * @param $value value corresponding to the key */ public function __set($key, $value) { if (is_array($value)) die(Tools::displayError()); if (preg_match('/¤|\|/', $key.$value)) throw new Exception('Forbidden chars in cookie'); if (!$this->_modified AND (!isset($this->_content[$key]) OR (isset($this->_content[$key]) AND $this->_content[$key] != $value))) $this->_modified = true; $this->_content[$key] = $value; $this->write(); } /** * Magic method wich delete data into _content array * * @param $key key wanted */ public function __unset($key) { if (isset($this->_content[$key])) $this->_modified = true; unset($this->_content[$key]); $this->write(); } /** * Check customer informations saved into cookie and return customer validity * * @return boolean customer validity */ public function isLogged($withGuest = false) { if (!$withGuest AND $this->is_guest == 1) return false; /* Customer is valid only if it can be load and if cookie password is the same as database one */ if ($this->logged == 1 AND $this->id_customer AND Validate::isUnsignedId($this->id_customer) AND Customer::checkPassword((int)($this->id_customer), $this->passwd)) return true; return false; } /** * Check employee informations saved into cookie and return employee validity * * @return boolean employee validity */ public function isLoggedBack() { /* Employee is valid only if it can be load and if cookie password is the same as database one */ return ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword((int)$this->id_employee, $this->passwd) //AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()) OR !Configuration::get('PS_COOKIE_CHECKIP')) ); } /** * Delete cookie */ public function logout() { $this->_content = array(); $this->_setcookie(); unset($_COOKIE[$this->_name]); $this->_modified = true; $this->write(); } /** * Soft logout, delete everything links to the customer * but leave there affiliate's informations */ public function mylogout() { unset($this->_content['id_customer']); unset($this->_content['id_guest']); unset($this->_content['is_guest']); unset($this->_content['id_connections']); unset($this->_content['customer_lastname']); unset($this->_content['customer_firstname']); unset($this->_content['passwd']); unset($this->_content['logged']); unset($this->_content['email']); unset($this->_content['id_cart']); unset($this->_content['id_address_invoice']); unset($this->_content['id_address_delivery']); $this->_modified = true; $this->write(); } function makeNewLog() { unset($this->_content['id_customer']); unset($this->_content['id_guest']); Guest::setNewGuest($this); $this->_modified = true; } /** * Get cookie content */ function update($nullValues = false) { if (isset($_COOKIE[$this->_name])) { /* Decrypt cookie content */ $content = $this->_cipherTool->decrypt($_COOKIE[$this->_name]); /* Get cookie checksum */ $checksum = crc32($this->_iv.substr($content, 0, strrpos($content, '¤') + 2)); /* Unserialize cookie content */ $tmpTab = explode('¤', $content); foreach ($tmpTab AS $keyAndValue) { $tmpTab2 = explode('|', $keyAndValue); if (sizeof($tmpTab2) == 2) $this->_content[$tmpTab2[0]] = $tmpTab2[1]; } /* Blowfish fix */ if (isset($this->_content['checksum'])) $this->_content['checksum'] = (int)($this->_content['checksum']); /* Check if cookie has not been modified */ if (!isset($this->_content['checksum']) OR $this->_content['checksum'] != $checksum) $this->logout(); if (!isset($this->_content['date_add'])) $this->_content['date_add'] = date('Y-m-d H:i:s'); } else $this->_content['date_add'] = date('Y-m-d H:i:s'); //checks if the language exists, if not choose the default language if (!Language::getLanguage((int)$this->id_lang)) $this->id_lang = Configuration::get('PS_LANG_DEFAULT'); } /** * Setcookie according to php version */ protected function _setcookie($cookie = NULL) { if ($cookie) { $content = $this->_cipherTool->encrypt($cookie); $time = $this->_expire; } else { $content = 0; $time = time() - 1; } if (PHP_VERSION_ID <= 50200) /* PHP version > 5.2.0 */ return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0); else return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0, true); } /** * Save cookie with setcookie() */ public function write() { $cookie = ''; /* Serialize cookie content */ if (isset($this->_content['checksum'])) unset($this->_content['checksum']); foreach ($this->_content AS $key => $value) $cookie .= $key.'|'.$value.'¤'; /* Add checksum to cookie */ $cookie .= 'checksum|'.crc32($this->_iv.$cookie); /* Cookies are encrypted for evident security reasons */ return $this->_setcookie($cookie); } /** * Get a family of variables (e.g. "filter_") */ public function getFamily($origin) { $result = array(); if (count($this->_content) == 0) return $result; foreach ($this->_content AS $key => $value) if (strncmp($key, $origin, strlen($origin)) == 0) $result[$key] = $value; return $result; } /** * */ public function unsetFamily($origin) { $family = $this->getFamily($origin); foreach (array_keys($family) AS $member) unset($this->$member); } /** * * @return String name of cookie */ public function getName() { return $this->_name; } } I hope this helps! -Mike Link to comment Share on other sites More sharing options...
mothershop Posted October 24, 2011 Share Posted October 24, 2011 I copied and pasted it but now i can't login at all it just returns blank email and password field. Link to comment Share on other sites More sharing options...
Mike Kranzler Posted October 24, 2011 Share Posted October 24, 2011 Hi mothershop, Right now I'm just working off of the suggestion you posted at the top of this thread, but it looks like the issue could involve a missing line break in the code. Please try using this version instead and let me know if that works for you. <?php /* * 2007-2011 PrestaShop * * NOTICE OF LICENSE * * This source file is subject to the Open Software License (OSL 3.0) * that is bundled with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * http://opensource.or...ses/osl-3.0.php * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to [email protected] so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade PrestaShop to newer * versions in the future. If you wish to customize PrestaShop for your * needs please refer to http://www.prestashop.com for more information. * * @author PrestaShop SA <[email protected]> * @copyright 2007-2011 PrestaShop SA * @version Release: $Revision: 7398 $ * @license http://opensource.or...ses/osl-3.0.php Open Software License (OSL 3.0) * International Registered Trademark & Property of PrestaShop SA */ class CookieCore { /** @var array Contain cookie content in a key => value format */ protected $_content; /** @var array Crypted cookie name for setcookie() */ protected $_name; /** @var array expiration date for setcookie() */ protected $_expire; /** @var array Website domain for setcookie() */ protected $_domain; /** @var array Path for setcookie() */ protected $_path; /** @var array cipher tool instance */ protected $_cipherTool; /** @var array cipher tool initialization key */ protected $_key; /** @var array cipher tool initilization vector */ protected $_iv; protected $_modified = false; /** * Get data if the cookie exists and else initialize an new one * * @param $name Cookie name before encrypting * @param $path */ public function __construct($name, $path = '', $expire = NULL) { $this->_content = array(); $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000); $this->_name = md5($name); $this->_path = trim(__PS_BASE_URI__.$path, '/\\').'/'; if ($this->_path{0} != '/') $this->_path = '/'.$this->_path; $this->_path = rawurlencode($this->_path); $this->_path = str_replace('%2F', '/', $this->_path); $this->_path = str_replace('%7E', '~', $this->_path); $this->_key = _COOKIE_KEY_; $this->_iv = _COOKIE_IV_; $this->_domain = $this->getDomain(); if (Configuration::get('PS_CIPHER_ALGORITHM')) $this->_cipherTool = new Rijndael(_RIJNDAEL_KEY_, _RIJNDAEL_IV_); else $this->_cipherTool = new Blowfish($this->_key, $this->_iv); $this->update(); } protected function getDomain() { $r = '!(?\w+)://)?(?\w+)\\w+)@)?([^/:]+)?(?:\\d*))?([^#?]+)?(?:\?([^#]+))?(?:#(.+$))?!i'; preg_match ($r, Tools::getHttpHost(false, false), $out); if (preg_match('/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9]).)'. '{1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]).)'. '{2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))$/', $out[4])) return false; if (!strstr(Tools::getHttpHost(false, false), '.')) return false; $domain = $out[4]; $subDomains = SubDomain::getSubDomains(); if ($subDomains === false) die(Tools::displayError('Bad SubDomain SQL query.')); foreach ($subDomains AS $subDomain) { $subDomainLength = strlen($subDomain) + 1; if (strncmp($subDomain.'.', $domain, $subDomainLength) == 0) $domain = substr($domain, $subDomainLength); } return $domain; } /** * Set expiration date * * @param integer $expire Expiration time from now */ function setExpire($expire) { $this->_expire = (int)($expire); } /** * Magic method wich return cookie data from _content array * * @param $key key wanted * @return string value corresponding to the key */ public function __get($key) { return isset($this->_content[$key]) ? $this->_content[$key] : false; } /** * Magic method which check if key exists in the cookie * * @param $key key wanted * @return boolean key existence */ public function __isset($key) { return isset($this->_content[$key]); } /** * Magic method wich add data into _content array * * @param $key key desired * @param $value value corresponding to the key */ public function __set($key, $value) { if (is_array($value)) die(Tools::displayError()); if (preg_match('/¤|\|/', $key.$value)) throw new Exception('Forbidden chars in cookie'); if (!$this->_modified AND (!isset($this->_content[$key]) OR (isset($this->_content[$key]) AND $this->_content[$key] != $value))) $this->_modified = true; $this->_content[$key] = $value; $this->write(); } /** * Magic method wich delete data into _content array * * @param $key key wanted */ public function __unset($key) { if (isset($this->_content[$key])) $this->_modified = true; unset($this->_content[$key]); $this->write(); } /** * Check customer informations saved into cookie and return customer validity * * @return boolean customer validity */ public function isLogged($withGuest = false) { if (!$withGuest AND $this->is_guest == 1) return false; /* Customer is valid only if it can be load and if cookie password is the same as database one */ if ($this->logged == 1 AND $this->id_customer AND Validate::isUnsignedId($this->id_customer) AND Customer::checkPassword((int)($this->id_customer), $this->passwd)) return true; return false; } /** * Check employee informations saved into cookie and return employee validity * * @return boolean employee validity */ public function isLoggedBack() { /* Employee is valid only if it can be load and if cookie password is the same as database one */ return ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword((int)$this->id_employee, $this->passwd) //AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()) OR !Configuration::get('PS_COOKIE_CHECKIP')) ); } /** * Delete cookie */ public function logout() { $this->_content = array(); $this->_setcookie(); unset($_COOKIE[$this->_name]); $this->_modified = true; $this->write(); } /** * Soft logout, delete everything links to the customer * but leave there affiliate's informations */ public function mylogout() { unset($this->_content['id_customer']); unset($this->_content['id_guest']); unset($this->_content['is_guest']); unset($this->_content['id_connections']); unset($this->_content['customer_lastname']); unset($this->_content['customer_firstname']); unset($this->_content['passwd']); unset($this->_content['logged']); unset($this->_content['email']); unset($this->_content['id_cart']); unset($this->_content['id_address_invoice']); unset($this->_content['id_address_delivery']); $this->_modified = true; $this->write(); } function makeNewLog() { unset($this->_content['id_customer']); unset($this->_content['id_guest']); Guest::setNewGuest($this); $this->_modified = true; } /** * Get cookie content */ function update($nullValues = false) { if (isset($_COOKIE[$this->_name])) { /* Decrypt cookie content */ $content = $this->_cipherTool->decrypt($_COOKIE[$this->_name]); /* Get cookie checksum */ $checksum = crc32($this->_iv.substr($content, 0, strrpos($content, '¤') + 2)); /* Unserialize cookie content */ $tmpTab = explode('¤', $content); foreach ($tmpTab AS $keyAndValue) { $tmpTab2 = explode('|', $keyAndValue); if (sizeof($tmpTab2) == 2) $this->_content[$tmpTab2[0]] = $tmpTab2[1]; } /* Blowfish fix */ if (isset($this->_content['checksum'])) $this->_content['checksum'] = (int)($this->_content['checksum']); /* Check if cookie has not been modified */ if (!isset($this->_content['checksum']) OR $this->_content['checksum'] != $checksum) $this->logout(); if (!isset($this->_content['date_add'])) $this->_content['date_add'] = date('Y-m-d H:i:s'); } else $this->_content['date_add'] = date('Y-m-d H:i:s'); //checks if the language exists, if not choose the default language if (!Language::getLanguage((int)$this->id_lang)) $this->id_lang = Configuration::get('PS_LANG_DEFAULT'); } /** * Setcookie according to php version */ protected function _setcookie($cookie = NULL) { if ($cookie) { $content = $this->_cipherTool->encrypt($cookie); $time = $this->_expire; } else { $content = 0; $time = time() - 1; } if (PHP_VERSION_ID <= 50200) /* PHP version > 5.2.0 */ return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0); else return setcookie($this->_name, $content, $time, $this->_path, $this->_domain, 0, true); } /** * Save cookie with setcookie() */ public function write() { $cookie = ''; /* Serialize cookie content */ if (isset($this->_content['checksum'])) unset($this->_content['checksum']); foreach ($this->_content AS $key => $value) $cookie .= $key.'|'.$value.'¤'; /* Add checksum to cookie */ $cookie .= 'checksum|'.crc32($this->_iv.$cookie); /* Cookies are encrypted for evident security reasons */ return $this->_setcookie($cookie); } /** * Get a family of variables (e.g. "filter_") */ public function getFamily($origin) { $result = array(); if (count($this->_content) == 0) return $result; foreach ($this->_content AS $key => $value) if (strncmp($key, $origin, strlen($origin)) == 0) $result[$key] = $value; return $result; } /** * */ public function unsetFamily($origin) { $family = $this->getFamily($origin); foreach (array_keys($family) AS $member) unset($this->$member); } /** * * @return String name of cookie */ public function getName() { return $this->_name; } } I hope this helps. -Mike Link to comment Share on other sites More sharing options...
mothershop Posted October 25, 2011 Share Posted October 25, 2011 Now I cant even login to back office. Any suggestions ? Link to comment Share on other sites More sharing options...
Mike Kranzler Posted October 25, 2011 Share Posted October 25, 2011 Now I cant even login to back office. Any suggestions ? In this case, please roll back to the original version of this file you posted here. It appears that the fix suggested above will not work properly for your case. Do you have a link to that original post you pasted? I would like to look into this a little further. -Mike Link to comment Share on other sites More sharing options...
lisajef Posted November 3, 2011 Author Share Posted November 3, 2011 I have just installed a SSL certificate on my site....and the problem seems to have disappeared. Think it may have been a firewall problem. Thanks Link to comment Share on other sites More sharing options...
Mike Kranzler Posted November 3, 2011 Share Posted November 3, 2011 I'm glad that worked for you! I'll go ahead and mark this as solved for you. -Mike Link to comment Share on other sites More sharing options...
.png.022b5452a8f28f552bc9430097a16da2.png)
Recommended Posts