The problem is that we are two users, one with admin prioviledges and one as a simple user, and we CAN'T logged in at the same time. So we can't both work at the same time to add new products on our site.
What are we doing wrong? Can we both of us working at the same time to add products on the site?
We are working from different computers with differents browsers, with the same internet IP.
Please heeeelp!!!!!
Yes you should be able to. I don't know what the problem is though.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Legendary Member
When one user log in the system automatically log out the second user.. Do you anyone know what we can do, because we are a business here and 2-3 persons want to work simultaneously and they can't.
It is really a huge problem for us :/
It is really a huge problem for us :/
Unless another developer can reply here with an answer you might need to post a paid job in the Commercial Support Forum and pay a developer like ourselves.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Legendary Member
admin extensions?
Logged in or out is based on user token, not ip address and it does not matter what user group you are assigned to as that is only relevant for the module (admin sections) authorizations etc.
The user token is stored in your session and passed along from page to page in the GET variables, those two have to be present and match at all times or you will be logged out.
As sessions are browser based you can actually be logged in twice as the very same user on the very same machine as long as you use different browsers.
So my quess is you either have a session/cookie issue or a user token issue or both.
Logged in or out is based on user token, not ip address and it does not matter what user group you are assigned to as that is only relevant for the module (admin sections) authorizations etc.
The user token is stored in your session and passed along from page to page in the GET variables, those two have to be present and match at all times or you will be logged out.
As sessions are browser based you can actually be logged in twice as the very same user on the very same machine as long as you use different browsers.
So my quess is you either have a session/cookie issue or a user token issue or both.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
Thanks for your reply!! I really appreciate it! I have some admin modules active in my site like Admin Full Category Selection, Admin Quick Edit PRO, Admin-Product-Minifier-OCMOD, Como Admin extensions filters and sort, and Admin Product Category Filter but the last one is disabled.
I am totally lost and don't know how i can solve it. It is soo important for us because we need a lot of person to work simultaneously.
Maybe i have to disable the admin extensions one by one to see if something will change?
I am totally lost and don't know how i can solve it. It is soo important for us because we need a lot of person to work simultaneously.
Maybe i have to disable the admin extensions one by one to see if something will change?
well you could do trial and error with the extensions or put some traces in there.
First of all, do you see a message "invalid token session. Please login again." when you are logged out or no message at all?
for tracing you could make some changes in admin/controller/common/login.php
replace
with
replace
with
That will write entries into your OC error log whenever a login is required and what the GET variable user token (GV) and the session user token (SV) are.
Remember, they both need to exist and match.
First of all, do you see a message "invalid token session. Please login again." when you are logged out or no message at all?
for tracing you could make some changes in admin/controller/common/login.php
replace
Code: Select all
if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
}with
Code: Select all
if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
} else {
// added for login trace start
$this->log->write('admin re-login required');
if ($this->user->isLogged()) $this->log->write('User logged in');
$this->log->write('GV user token: '.(isset($this->request->get['user_token']) ? $this->request->get['user_token'] : ''));
$this->log->write('SV user token: '.(isset($this->session->data['user_token']) ? $this->session->data['user_token'] : ''));
// added for login trace end
}replace
Code: Select all
if ((isset($this->session->data['user_token']) && !isset($this->request->get['user_token'])) || ((isset($this->request->get['user_token']) && (isset($this->session->data['user_token']) && ($this->request->get['user_token'] != $this->session->data['user_token']))))) {
$this->error['warning'] = $this->language->get('error_token');
}with
Code: Select all
if ((isset($this->session->data['user_token']) && !isset($this->request->get['user_token'])) || ((isset($this->request->get['user_token']) && (isset($this->session->data['user_token']) && ($this->request->get['user_token'] != $this->session->data['user_token']))))) {
$this->error['warning'] = $this->language->get('error_token');
// added for login trace start
$this->log->write('admin user token error');
$this->log->write('GV user token: '.(isset($this->request->get['user_token']) ? $this->request->get['user_token'] : ''));
$this->log->write('SV user token: '.(isset($this->session->data['user_token']) ? $this->session->data['user_token'] : ''));
// added for login trace end
}That will write entries into your OC error log whenever a login is required and what the GET variable user token (GV) and the session user token (SV) are.
Remember, they both need to exist and match.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
Then it is either the GET variable user_token (in the url query) which is missing or does not match the variable user_token stored in your session.
Could be that one of your extensions forgot that that variable needs to be added from the session to the GET variables on all admin urls or the extension was written for version 2 where that variable is called token, someone thought it necessary to change that name in V3.
If you would get no error message but just the login screen, then your session is lost or simply expired and the system assumes you are a new user just like you would start to use admin from scratch.
Could be that one of your extensions forgot that that variable needs to be added from the session to the GET variables on all admin urls or the extension was written for version 2 where that variable is called token, someone thought it necessary to change that name in V3.
If you would get no error message but just the login screen, then your session is lost or simply expired and the system assumes you are a new user just like you would start to use admin from scratch.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
Thanks a lot, i just did what you said me and the errors logs appears like you suggest 
Here are they:
2019-12-05 7:31:07 - admin re-login required
2019-12-05 7:31:07 - User logged in
2019-12-05 7:31:07 - GV user token:
2019-12-05 7:31:07 - SV user token: fd7b9cr7iWERPUWXOoksTj6WL343QUEp
2019-12-05 7:31:12 - admin re-login required
2019-12-05 7:31:12 - User logged in
2019-12-05 7:31:12 - GV user token: fd7b9cr7iWERPUWXOoksTj6WL343QUEp
2019-12-05 7:31:12 - SV user token: hCIuWsCgzQcbC0uHs6WavzmqzFOfFinU
2019-12-05 7:31:12 - admin user token error
2019-12-05 7:31:12 - GV user token: fd7b9cr7iWERPUWXOoksTj6WL343QUEp
2019-12-05 7:31:12 - SV user token: hCIuWsCgzQcbC0uHs6WavzmqzFOfFinU
2019-12-05 7:31:18 - admin re-login required
2019-12-05 7:31:18 - User logged in
2019-12-05 7:31:18 - GV user token:
2019-12-05 7:31:18 - SV user token: hCIuWsCgzQcbC0uHs6WavzmqzFOfFinU
Here are they:2019-12-05 7:31:07 - admin re-login required
2019-12-05 7:31:07 - User logged in
2019-12-05 7:31:07 - GV user token:
2019-12-05 7:31:07 - SV user token: fd7b9cr7iWERPUWXOoksTj6WL343QUEp
2019-12-05 7:31:12 - admin re-login required
2019-12-05 7:31:12 - User logged in
2019-12-05 7:31:12 - GV user token: fd7b9cr7iWERPUWXOoksTj6WL343QUEp
2019-12-05 7:31:12 - SV user token: hCIuWsCgzQcbC0uHs6WavzmqzFOfFinU
2019-12-05 7:31:12 - admin user token error
2019-12-05 7:31:12 - GV user token: fd7b9cr7iWERPUWXOoksTj6WL343QUEp
2019-12-05 7:31:12 - SV user token: hCIuWsCgzQcbC0uHs6WavzmqzFOfFinU
2019-12-05 7:31:18 - admin re-login required
2019-12-05 7:31:18 - User logged in
2019-12-05 7:31:18 - GV user token:
2019-12-05 7:31:18 - SV user token: hCIuWsCgzQcbC0uHs6WavzmqzFOfFinU
Strange.. well definitely becoming mismatched.
- Was this a fresh install of OC or did you upgrade from a previous version?
- Whats your PHP version?
Might just want to try and setup a fresh install on a sub-domain or something and see if can replicate on that.
Backup and learn how to recover before you make any changes!
expand the replaced trace sections with:
first one:
second:
So you can also see which user it involves and which session id is referenced.
first one:
Code: Select all
if ($this->user->isLogged() && isset($this->request->get['user_token']) && ($this->request->get['user_token'] == $this->session->data['user_token'])) {
$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
} else {
// added for login trace start
$this->log->write('admin re-login required');
if ($this->user->isLogged()) {
$this->log->write('User logged in');
$this->log->write('User: '.$this->user->getUserName());
}
$this->log->write('Session: '.$this->session->getId());
$this->log->write('GV user token: '.(isset($this->request->get['user_token']) ? $this->request->get['user_token'] : ''));
$this->log->write('SV user token: '.(isset($this->session->data['user_token']) ? $this->session->data['user_token'] : ''));
// added for login trace end
}second:
Code: Select all
if ((isset($this->session->data['user_token']) && !isset($this->request->get['user_token'])) || ((isset($this->request->get['user_token']) && (isset($this->session->data['user_token']) && ($this->request->get['user_token'] != $this->session->data['user_token']))))) {
$this->error['warning'] = $this->language->get('error_token');
// added for login trace start
$this->log->write('admin user token error');
$this->log->write('User: '.$this->user->getUserName());
$this->log->write('Session: '.$this->session->getId());
$this->log->write('GV user token: '.(isset($this->request->get['user_token']) ? $this->request->get['user_token'] : ''));
$this->log->write('SV user token: '.(isset($this->session->data['user_token']) ? $this->session->data['user_token'] : ''));
// added for login trace end
}So you can also see which user it involves and which session id is referenced.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
It going to crazy me. I did a lot of research yesterday when i am log in with a different browser from a different computer everything seems correct.
The problem exist when i am trying to log in with the same Chrome, or chromium browser on linux, no matter from what computer i will try, from my laptop, from another desktop, it disconnecting all the other users that are logged in with chrome browesers on other computers.
The problem exist when i am trying to log in with the same Chrome, or chromium browser on linux, no matter from what computer i will try, from my laptop, from another desktop, it disconnecting all the other users that are logged in with chrome browesers on other computers.
I have a viritual assistant that is logged in on opencart same time I am with no issues, though she is in another town.
Only thing I can think of is are you using the same chrome account on all computers? Chrome auto-syncs what you do via its account feature so you can move from pc to phone and back using chrome and it remembers what you were doing. Perhaps it is trying to sync the two computers since you say you are on the same internet connection and it is messing up the session id? Try creating a second chrome account for the other person and see if it triggers it when you are logged in on different chrome accounts.
Only thing I can think of is are you using the same chrome account on all computers? Chrome auto-syncs what you do via its account feature so you can move from pc to phone and back using chrome and it remembers what you were doing. Perhaps it is trying to sync the two computers since you say you are on the same internet connection and it is messing up the session id? Try creating a second chrome account for the other person and see if it triggers it when you are logged in on different chrome accounts.
Running Opencart v3.0.3.9 with multi-stores and the default template from https://www.labeshops.com which has links to all my stores.
Yes that true i am using the same chrome account on all computers. I will try to add a new account and check what's going on and right it here just to help other people that maybe in the future have the same problem, but for me it's ok to use the old school firefox to all the other computers. A little GPL doesn't hurt anyone.
Anyway thanks for your time i really appreciate your willingness to help me.!!!!!!!! (Really
)
Anyway thanks for your time i really appreciate your willingness to help me.!!!!!!!! (Really
)
Who is online
Users browsing this forum: No registered users and 21 guests
