Plaincart e-commerce HELP, Problems with admin login

elmalote

Hi everybody,

I am new to PHP, and this is the first time trying to work with it, so please bear with me.

I'm making a e commerce site for fun just to get a little a insight to PHP because I looks pretty interesting.

Well I followed a tutorial from:
http://www.phpwebcommerce.com/php-mysql-sh...rt-tutorial.php

And started to code.
Everything works, except the admin login. It keps saying wrong username or password.
I even tried downloading his code, still no luck.
I am running this on my localhost IIS with PHP and MySQL.

If someone can help, it would be greatly appreciated.

The source code can be downloaded from:
http://www.phpwebcommerce.com/download/plaincart.zip

Thanks a lot.

mmonaco

Place extensive trace messages in your code. Ensure that your post/get variables are being passed, ensure your mysql connection, make sure the user you're connecting with has permissions to the table.

homchz

My guess is that your issue may be with IIS and the sessions being set for validation. I thought I read somewhere that IIS had a few issues setting php sessions. I heard of a Microsoft update that disabled sessions by default.

Just a guess though as I have not taken the time to try and run the code on my server.

elmalote

The user which connect to the database has all the access, still doesn't work.

I've checked the IIS, and I enabled everywhere I could find an option with session, still no luck :-(

_theworks

I'm making a e commerce site for fun just to get a little a insight to PHP because I looks pretty interesting.

Coding an entire E-commerce solution in php would not be an easy task especially if you are new to php

you should try using ZenCart its an opensource e-commerce solution that i am using for a job right now its really amazing to see what you can do with it i dont suggest trying to build your own e-commerce package for small jobs simply bcuz of how long it would take and secondly vunderability issues.

http://zencart.com

elmalote

_theworks wrote:
Coding an entire E-commerce solution in php would not be an easy task especially if you are new to php

you should try using ZenCart its an opensource e-commerce solution that i am using for a job right now its really amazing to see what you can do with it i dont suggest trying to build your own e-commerce package for small jobs simply bcuz of how long it would take and secondly vunderability issues.

http://zencart.com

Looks very nice.. Thanks for the link..

But using that won't help me understand PHP better, I made that Plaincart e commerce by the help of a tutorial, which explained everything..

Polyhedras

The problem seems to be with one line in this SQL query:

   $sql = "SELECT user_id
          FROM tbl_user
          WHERE user_name = '$userName' AND
                user_password = PASSWORD('$password')";

The login process works fine if you change the last line to just:

                user_password = '$password'";

For an explanation why, check http://archives.postgresql.org/pgsql-php/2003-01/msg00030.php

elmalote

Polyhedras wrote:
The problem seems to be with one line in this SQL query:
   $sql = "SELECT user_id
          FROM tbl_user
          WHERE user_name = '$userName' AND
                user_password = PASSWORD('$password')";
The login process works fine if you change the last line to just:
                user_password = '$password'";
For an explanation why, check http://archives.postgresql.org/pgsql-php/2003-01/msg00030.php

IT WORKED!!!!
I've tried looking for the error for about 6 weeks now, even my friends who are pretty good with PHP and MySQL didn't crack the nut!!
I can't thank you enough, THANKS A LOT!!! 😃 🙂

chcikenyd

I have the same problem i tried changing the last line but it still did not work for me. maybe because i set the browser to remember the password when i was trying to login so maybe it saved thge wrong password.

chcikenyd

wow it works now!!!

jarek

hi everybody
i downloaded and install to localhost the PLAINCART system http://www.phpwebcommerce.com/

url is
http://localhost/www.olympic-armatura.com.pl/index.php

base dir is
c:/usr/serwis/www/www.olympic-armatura.com.pl/

and a have problem to enter admin sectiom. When i click to admin/index.php
i have error 404. In error log is text

////////////
[Fri May 05 17:29:29 2006] [error] [client 127.0.0.1] File does not exist: c:/usr/serwis/www/www.olympic-armatura.com.pl/admin/www.olympic-armatura.com.pl/admin/login.php
///////////////

probable is error to library/config.php file

///////////////
$thisFile = str_replace('\', '/', FILE);
$docRoot = $_SERVER['DOCUMENT_ROOT'];

$webRoot = str_replace(array($docRoot, 'library/config.php'), '', $thisFile);
$srvRoot = str_replace('library/config.php', '', $thisFile);

define('WEB_ROOT', $webRoot);
define('SRV_ROOT', $srvRoot);
//////////////

please help !

lisa007

hi i'm createing a website i've seen the plaincart site but i really just need the modify part any idea which files can just grab and adjust to my site my database has the following fields
image name email phone campustype select3 i just want the files that will alow me to modify the image form my database, and does catid is the same meaning has cat_id because i see alot catid but i dnt see any field called that

dagon

lisa007, this is a 4 year old thread, you should start your own, also when dealing with a third-party script the support site they offer is more likely to be able to assist

jakfrench

elmalote;10682327 wrote:
IT WORKED!!!!
I've tried looking for the error for about 6 weeks now, even my friends who are pretty good with PHP and MySQL didn't crack the nut!!
I can't thank you enough, THANKS A LOT!!! 😃 🙂

I had same problem... except its not working for me 🙁
But i changed the
INSERT INTO tbl_user VALUES(1, 'admin', PASSWORD('admin'), NOW(), NOW());
query and not the select one as i cant find it!!!????
can anyone help?

jakfrench

I had the same problem...
changed the password problem.
now it doesnt say wrong password but redirects me to the same page again!
wat could be the problem as im really really stuck!!!!????

hollettster

The created password field from the plaincart.sql file creates a varchar field at 32 characters.

It puts in the hashed password 43e9a4ab75570f5b

If you change the password field length (I did 255) and put in *4ACFE3202A5FF5CF467898FC58AAB1D615029441 on the admin user record password field you can now login with user: admin password: admin

Once in the admin backend, you can change the password.

You can also easily run a MySQL query like SELECT PASSWORD('whateveryouwanthere');
This will generate a hashed password to match whatever you put between the single quotes. That way it will still remain a bit more secure.

If you remove the line as stated above, you can make your script a bit easier to hack through.

jakfrench

CREATE TABLE tbl_user (
user_id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
user_name VARCHAR(20) NOT NULL DEFAULT '',
user_password VARCHAR(255) NOT NULL DEFAULT '',
user_regdate DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
user_last_login DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
PRIMARY KEY (user_id),
UNIQUE KEY user_name (user_name)
);

INSERT INTO tbl_user VALUES(1, 'admin', PASSWORD('admin'), NOW(), NOW());

this is wat i put in and it still dont work, can anyone help!!!????