Post by michaelsen » Sat Mar 14, 2015 12:45 am

I'm getting this error when I go into any order (placed from the front end) and hit the continue button, or if I try to create a new order from admin.

Any ideas?


Image

New member

Posts

Joined
Tue May 03, 2011 3:17 am

Post by michaelsen » Sat Mar 14, 2015 5:49 am

Ok, i'm moving to OC from Oscommerce and it turns out that the error is caused by a mod which will make it possible for my old customers to login in my OC store with their imported OSC login info.

I guess the order edit is using the same function.

Here is the mod I found on these forums. I modified it to (partly) work with 2.0.1.1

Maybe someone here can see if there is a way around it?

Code: Select all

<modification>
  <id>osCommerce Password Checking</id>
  <version>1.0.0</version>
  <vqmver>1.0.8</vqmver>
  <author>Stephen Owens ( http://www.Studio-Owens.com )</author>
  <file name="system/library/customer.php">
    <operation error="skip">
      <search position="before"><![CDATA[
public function login($email, $password, $override = false) { 
      ]]></search>
      <add trim="false"><![CDATA[
public function owens_md5osc($email, $password) {
  $md5pw_results = $this->db->query("SELECT c.password 
    FROM " . DB_PREFIX . "customer AS c 
    WHERE LOWER(c.email) = '" . $this->db->escape(strtolower($email))."' 
    LIMIT 1");
  if ($md5pw_results->num_rows) {
    $md5pw = $md5pw_results->row['password'];
    $md5pw_arr = explode(':', $md5pw);
    if (sizeof($md5pw_arr) != 2) {
      return $this->db->escape(md5($password));
    } else {
      // Owens : osCommerce password verification with the salt
      // from osC: $password = md5($salt . $plain_text_password) . ':' . $salt;
      if ($md5pw = md5($md5pw_arr[1].$this->db->escape($password)).':'.$md5pw_arr[1]) {
        return $this->db->escape($md5pw);
      } else {
        return $this->db->escape(md5($password));
      }
    }
  } else {
    return $this->db->escape(md5($password));
  }
}
      ]]></add>
    </operation>
    <operation error="skip">
      <search position="after"><![CDATA[
public function login($email, $password, $override = false) { 
      ]]></search>
      <add trim="false"><![CDATA[
$owens_password = $this->owens_md5osc($email, $password);
      ]]></add>
    </operation>
    <operation error="skip">
      <search position="replace"><![CDATA[
$customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "' AND status = '1'");
      ]]></search>
      <add trim="false"><![CDATA[
$customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "' AND password = '" . $owens_password . "' AND status = '1'");
      ]]></add>
    </operation>
    <operation error="skip">
      <search position="replace"><![CDATA[
$customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape($password) . "'))))) OR password = '" . $this->db->escape(md5($password)) . "') AND status = '1' AND approved = '1'");
      ]]></search>
      <add trim="false"><![CDATA[
$customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape($password) . "'))))) OR password = '" . $owens_password . "') AND status = '1' AND approved = '1'");
      ]]></add>
    </operation>
  </file>
</modification>

New member

Posts

Joined
Tue May 03, 2011 3:17 am

Post by AmericanFizz » Mon May 11, 2015 5:18 pm

I'm also experiencing this issue but I do not have the above mod.

Are their any troubleshooting steps for this?

New member

Posts

Joined
Fri Dec 13, 2013 9:56 pm
Who is online

Users browsing this forum: No registered users and 39 guests