Post by Plueki » Tue Nov 10, 2020 4:40 am

Hello everyone,

I'm desperately looking for support for a problem which i have been trying to solve for days.

Problem description:
About a week or two ago, i migrated my webshop to a new server.
Both the old and the new server are running on WHM/CPanel.
My webshop was running fine on the old server except for the site speed so i migrated to a new one.
Everything is working fine on the new server except the api.
When i try to request a token, i get the following message:

Code: Select all

Notice: Undefined index: key in /home/lynuxms/public_html/oc/catalog/controller/api/login.php on line 14[]
This problem seems to be a server problem because even a new, fresh Opencart installation on the new server has this problem.
The API worked fine on the old server and the new server is almost a copy of the old (i copied the most settings) and somehow the API is not working on the new server.
I really really need the API and i was hoping someone could help me look into.

I check the following things on the server, and they seemed to be OK just like on the old server:
- htacces file (check)
- config (check)
- Php modules (check)
- Apache modules (check)
- I turned of the firewall to check if it was firewall related.
- Opencart requirements (check)

Is there anyone who can help me with this?
PROBLEM SOLVED!

I feel ashamed of my stupidity.
But i learned my lesson.

This was the problem:
The account on CPanel where the laravel project is running on is being hosted on a dedicated IP on the server.
So i whitelisted the dedicated IP in Opencart and did my POST requests.
I found out that the POST request is being sent from the server's hostname IP instead of the dedicated or the public server IP.
So after i whitelisted the hostname IP in the API credentials in Opencart, everything worked again.


I wanna thank everyone for your kind support!
I'll leave the thread open for other people in the future who encounter the same issue.
Last edited by Plueki on Sat Nov 14, 2020 7:13 pm, edited 2 times in total.

Newbie

Posts

Joined
Wed Apr 15, 2020 3:30 am

Post by thekrotek » Tue Nov 10, 2020 6:54 am

If you can not solve the issue yourself, you can always ask for commercial support.

Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com


User avatar
Expert Member

Posts

Joined
Sun Jul 03, 2016 12:24 am


Post by straightlight » Tue Nov 10, 2020 7:03 am

- htacces file (check)
- config (check)
- Php modules (check)
- Apache modules (check)
- I turned of the firewall to check if it was firewall related.
- Opencart requirements (check)
While all these might have been checked already, have you also checked in the right locations? viewtopic.php?f=202&t=215936&p=776017#p776017

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by paulfeakins » Tue Nov 10, 2020 5:40 pm

Plueki wrote:
Tue Nov 10, 2020 4:40 am

Code: Select all

Notice
It's just a notice and they can often be safely ignored.

It sounds like your new server is set to display notices and the old one wasn't.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Guru Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by straightlight » Tue Nov 10, 2020 7:47 pm

Undefined index is not a notice to ignore.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by codeeshop » Wed Nov 11, 2020 12:26 pm

You can disable the display error from the setting configuration as can be seen in the below screenshot.
https://prnt.sc/vh5avz

Regards
Code-E-Shop

Newbie

Posts

Joined
Sun Jul 12, 2020 6:54 pm

Post by paulfeakins » Wed Nov 11, 2020 6:59 pm

straightlight wrote:
Tue Nov 10, 2020 7:47 pm
Undefined index is not a notice to ignore.
I tend to agree with you actually, but in this case it looks like it's suddenly appearing after a server move which suggests the site has been running with this issue for a long time.

I would agree that it should be fixed properly and I'd echo the comments above that posting in Commercial Support for help might be best.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Guru Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by straightlight » Wed Nov 11, 2020 8:38 pm

paulfeakins wrote:
Wed Nov 11, 2020 6:59 pm
straightlight wrote:
Tue Nov 10, 2020 7:47 pm
Undefined index is not a notice to ignore.
I tend to agree with you actually, but in this case it looks like it's suddenly appearing after a server move which suggests the site has been running with this issue for a long time.

I would agree that it should be fixed properly and I'd echo the comments above that posting in Commercial Support for help might be best.
Yeah, that's because of the server settings while using the backward compatibility, assuming the key data is definitely in the move inclusively.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by Plueki » Fri Nov 13, 2020 4:15 am

Thank you guys for your replies!
I really appreciate your comments!

I would like to say that it's not just a notice.
I have tried to turn off the setting of opencart to not display errors anymore but i don't think that, that is the problem.
Enabled or not, i'm not getting an api token anymore which i did get before the server migration.
After playing with the code, it seems like my parameters are not being sent with the POST request.

As soon as i change the following code, the error stops occuring and i start getting my API tokens again.
How ever, im not sure if this is save and it's not how it used to work. I'd like to keep the original code.
Also, when i change the code below, my other code in my client some how can't detect the json body.

Edit: See how i changed POST to GET

Code: Select all

// Login with API Key
if(isset($this->request->post['username'])) {
	$api_info = $this->model_account_api->login($this->request->post['username'], $this->request->post['key']);
} else {
	$api_info = $this->model_account_api->login('Default', $this->request->post['key']);
}
To this :

Code: Select all

// Login with API Key
if(isset($this->request->get['username'])) {
	$api_info = $this->model_account_api->login($this->request->get['username'], $this->request->get['key']);
} else {
	$api_info = $this->model_account_api->login('Default', $this->request->get['key']);
}
The code in my client:

Code: Select all

$result = $client->request('POST', 'https://XXXXX.XX/index.php?route=api/login', [
	'forms_params' => [
        'username' => 'XXXXXX',
        'key' => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
         ]
]);

$login_data = json_decode($result->getBody()->getContents(), true);
$api_token = $login_data['api_token'];

Newbie

Posts

Joined
Wed Apr 15, 2020 3:30 am

Post by sw!tch » Fri Nov 13, 2020 5:29 am

You should not use $_GET for authentication!

Assuming you are using GuzzleHttp. - Note: form_params and not forms_params

Code: Select all

$result = $client->request('POST', 'https://domain.com/index.php?route=api/login', [
    'form_params' => [
        'username' => 'user',
        'key' => 'key'
    ]
]);

$login_data = json_decode($result->getBody()->getContents(), true);

echo $login_data['api_token'];

Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!


Active Member

Posts

Joined
Sat Apr 28, 2012 2:32 pm
Location - USA

Post by straightlight » Fri Nov 13, 2020 7:05 am

sw!tch wrote:
Fri Nov 13, 2020 5:29 am
You should not use $_GET for authentication!

Assuming you are using GuzzleHttp. - Note: form_params and not forms_params

Code: Select all

$result = $client->request('POST', 'https://domain.com/index.php?route=api/login', [
    'form_params' => [
        'username' => 'user',
        'key' => 'key'
    ]
]);

$login_data = json_decode($result->getBody()->getContents(), true);

echo $login_data['api_token'];
Interesting ...

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by Plueki » Fri Nov 13, 2020 3:49 pm

sw!tch wrote:
Fri Nov 13, 2020 5:29 am
You should not use $_GET for authentication!

Assuming you are using GuzzleHttp. - Note: form_params and not forms_params
Hello,

Thank you for your reply!
I changed GET to POST as the original code had, and i changed forms_params to form_params.
The POST method brings back the error.

I played with the code again.
I added the following code in the login api script of Opencart:

Code: Select all

echo "<pre>";
print_r($this->request);
echo "</pre>";
And this is the output:
NOTE i censored some information.
See how [post] is empty and [get] is filled while i did a POST request.

Code: Select all

Request Object
(
    [get] => Array
        (
            [route] => api/login
            [username] => XXXXXX
            [key] => XXXXXXXXXXXXXXXX
        )

    [post] => Array
        (
        )

    [cookie] => Array
        (
            [OCSESSID] => ffae5607a4c688613775fe60ec
            [language] => en-gb
            [currency] => USD
        )

    [files] => Array
        (
        )

    [server] => Array
        (
            [USER] => XXXX
            [HOME] => /home/XXXX
            [SCRIPT_NAME] => /index.php
            [REQUEST_URI] => /index.php?route=api/login&username=XXXXX&key=XXXXXXXXXXXXXXXXXXX
            [QUERY_STRING] => route=api/login&username=XXXXXXX&key=XXXXXXXXXXXXXXXXXXX
            [REQUEST_METHOD] => POST
            [SERVER_PROTOCOL] => HTTP/2.0
            [GATEWAY_INTERFACE] => CGI/1.1
            [AUTH_TYPE] => Basic
            [REMOTE_USER] => XXXXXXX
            [REMOTE_PORT] => 52905
            [SCRIPT_FILENAME] => /home/XXXXXXXXX/public_html/oc/index.php
            [SERVER_ADMIN] => webmaster@oc.XXXXXX.XX
            [CONTEXT_DOCUMENT_ROOT] => /home/XXXXXXXXX/public_html/oc
            [CONTEXT_PREFIX] => 
            [REQUEST_SCHEME] => https
            [DOCUMENT_ROOT] => /home/XXXXXXXX/public_html/oc
            [REMOTE_ADDR] => XXXXXXXXXXXXX
            [SERVER_PORT] => 443
            [SERVER_ADDR] => XXXXXXXXXX
            [SERVER_NAME] => oc.xxxxxxxx.xx
            [SERVER_SOFTWARE] => Apache
            [SERVER_SIGNATURE] => 
            [PATH] => /usr/local/jdk/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin:/opt/bin
            [HTTP_HOST] => oc.xxxxx.xx
            [HTTP_COOKIE] => OCSESSID=ffae5607a4c688613775fe60ec; language=en-gb; currency=USD
            [HTTP_ACCEPT_LANGUAGE] => nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7
            [HTTP_ACCEPT_ENCODING] => gzip, deflate, br
            [HTTP_SEC_FETCH_DEST] => document
            [HTTP_SEC_FETCH_USER] => ?1
            [HTTP_SEC_FETCH_MODE] => navigate
            [HTTP_SEC_FETCH_SITE] => none
            [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
            [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36
            [HTTP_UPGRADE_INSECURE_REQUESTS] => 1
            [HTTP_CACHE_CONTROL] => max-age=0
            [proxy-nokeepalive] => 1
            [H2_STREAM_TAG] => 130-1
            [H2_STREAM_ID] => 1
            [H2_PUSHED_ON] => 
            [H2_PUSHED] => 
            [H2_PUSH] => on
            [H2PUSH] => on
            [HTTP2] => on
            [SSL_TLS_SNI] => oc.xxxxxx.xx
            [HTTPS] => 1
            [UNIQUE_ID] => X644dLgtsLnuHtd4JSqahAAAggg
            [FCGI_ROLE] => RESPONDER
            [PHP_SELF] => /index.php
            [REQUEST_TIME_FLOAT] => 1605253236.4013
            [REQUEST_TIME] => 1605253236
            [argv] => Array
                (
                    [0] => route=api/login&username=XXXXXXX&key=XXXXXXXXXXXXXXXX
                )

            [argc] => 1
        )

    [request] => Array
        (
            [route] => api/login
            [username] => XXXXXXXXX
            [key] => XXXXXXXXXXXXXXXXXXX
        )

)

Newbie

Posts

Joined
Wed Apr 15, 2020 3:30 am

Post by sw!tch » Fri Nov 13, 2020 4:28 pm

Post your full code that consumes the opencart API. You are using GuzzleHttp\Client ?

Check your .htacesss. Do you have the site password protected? Maybe some rewrite/redirect is happening.

The only way I can duplicate the undefined index is by sending the request as get. Sending via post works fine on OC 3.0.3.6 and Laravel.

Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!


Active Member

Posts

Joined
Sat Apr 28, 2012 2:32 pm
Location - USA

Post by Plueki » Fri Nov 13, 2020 5:10 pm

sw!tch wrote:
Fri Nov 13, 2020 4:28 pm
Post your full code that consumes the opencart API. You are using GuzzleHttp\Client ?

Check your .htacesss. Do you have the site password protected? Maybe some redirect is happening.

The only way I can duplicate the undefined index is by sending the request as get. Sending via post works fine on OC 3.0.3.6 and Laravel.
Hello again!

Thanks for another reply!
Yes, i am using GuzzleHttp\Client in Laravel.
My .htacess is the default .htacess file which is provided by Opencart as i am testing it on a fresh installation of Opencart.
I have a few OC installations on my server and all of my installations are having this issue, so i did a fresh installation of Opencart.
The website is not password protected.

This is the function which consumes the API and worked for a long time:

Code: Select all

public function __construct()
    {
        $this->middleware('auth');

        Order::truncate();
        Product::truncate();

        $client = new Client();

        $api_token = NULL;

        //Get Token
        if ($api_token === NULL) {
            $result = $client->request('POST', 'https://XXXXXX/index.php?route=api/login', [
                'form_params' => [
                    'username' => 'XXXXX',
                    'key' => XXXXXXXXX',
                ]
            ]);

            $login_data = json_decode($result->getBody()->getContents(), true);
            $api_token = $login_data['api_token'];
        }

        //Get orders
        $get_orders = $client->request('POST', 'https://XXXXXX/index.php?route=api/orders&api_token='.$api_token);
        if ($get_orders->getStatusCode() == 200) { // 200 OK
            $order_data = json_decode($get_orders->getBody()->getContents(), true);
            if ($order_data > 0) {
                foreach ($order_data as $key => $ores) {
                    //Order
                    $ores['date_added'] = date('Y-m-d',strtotime($ores['date_added']));
                    $ores['date_modified'] = date('Y-m-d',strtotime($ores['date_modified']));
                    Order::create($ores);

                    //Product
                    $get_products = $client->request('POST', 'https://XXXXXXX/index.php?route=api/orders/products&api_token='.$api_token.'&order_id='.$ores['order_id']);
                    if ($get_products->getStatusCode() == 200) { // 200 OK
                        $product_data = json_decode($get_products->getBody()->getContents(), true);
                        foreach ($product_data as $key => $pres) {
                            Product::create($pres);
                        }
                    }
                }
            }
        }
    }

Newbie

Posts

Joined
Wed Apr 15, 2020 3:30 am

Post by straightlight » Fri Nov 13, 2020 8:52 pm

Not sure about the point of this part:

Code: Select all

 $api_token = NULL;

        //Get Token
        if ($api_token === NULL) {
            $result = $client->request('POST', 'https://XXXXXX/index.php?route=api/login', [
                'form_params' => [
                    'username' => 'XXXXX',
                    'key' => XXXXXXXXX',
                ]
            ]);

            $login_data = json_decode($result->getBody()->getContents(), true);
            $api_token = $login_data['api_token'];
        }
The $api_token will obviously be NULL anyways since you have an affected NULL right above. Better to send another $client->request POST to validate the api_token to see if it already exists by session. If so, we don't need to pull another username and key. If not, then the // Get Token part would apply as an ELSE statement.

See an e.g from the external API for Opencart on my repository: https://github.com/straightlight/openca ... upload/api .

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by sw!tch » Sat Nov 14, 2020 2:44 am

If you are sure your code is taking affect, then I think you have some redirect going on converting post to get.

Check for .htaccess in directories higher up. In the request debug you posted it looks like its being converted to or sent as $_GET.

Read here https://docs.guzzlephp.org/en/stable/re ... -redirects
strict: (bool, default=false) Set to true to use strict redirects. Strict RFC compliant redirects mean that POST redirect requests are sent as POST requests vs. doing what most browsers do which is redirect POST requests with GET requests.
Maybe try passing allow_redirects as "strict" RFC compliant as outlined in the docs.

Code: Select all

'allow_redirects' => [
    'strict'  => true
]
Otherwise you may need to open a commercial request to have someone debug the code and resolve it. I am unable to duplicate on my end using the default OC API.

Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!


Active Member

Posts

Joined
Sat Apr 28, 2012 2:32 pm
Location - USA

Post by Plueki » Sat Nov 14, 2020 6:27 pm

sw!tch wrote:
Sat Nov 14, 2020 2:44 am
If you are sure your code is taking affect, then I think you have some redirect going on converting post to get.

Check for .htaccess in directories higher up. In the request debug you posted it looks like its being converted to or sent as $_GET.

Read here https://docs.guzzlephp.org/en/stable/re ... -redirects
strict: (bool, default=false) Set to true to use strict redirects. Strict RFC compliant redirects mean that POST redirect requests are sent as POST requests vs. doing what most browsers do which is redirect POST requests with GET requests.
Maybe try passing allow_redirects as "strict" RFC compliant as outlined in the docs.

Code: Select all

'allow_redirects' => [
    'strict'  => true
]
Otherwise you may need to open a commercial request to have someone debug the code and resolve it. I am unable to duplicate on my end using the default OC API.
Hey!

I am really happy about how you come up with thinks that could solve my problem, thank you for that!
Right now i'm unsure whether it's my server which is messing around with my head or the codes.
You gave my enough material to use to find that out so i will try everything you said again just to make sure.
And i also have another question, could the php.ini file play a part in this problem aswell?
If so, how?

Newbie

Posts

Joined
Wed Apr 15, 2020 3:30 am

Post by Plueki » Sat Nov 14, 2020 7:12 pm

PROBLEM SOLVED!

I feel ashamed of my stupidity.
But i learned my lesson.

This was the problem:
The account on CPanel where the laravel project is running on is being hosted on a dedicated IP on the server.
So i whitelisted the dedicated IP in Opencart and did my POST requests.
I found out that the POST request is being sent from the server's hostname IP instead of the dedicated or the public server IP.
So after i whitelisted the hostname IP in the API credentials in Opencart, everything worked again.


I wanna thank everyone for your kind support!
I'll leave the thread open for other people in the future who encounter the same issue.

Newbie

Posts

Joined
Wed Apr 15, 2020 3:30 am
Who is online

Users browsing this forum: No registered users and 13 guests