Error message (when updating order status):
Warning: Your IP XXXXXXX is not allowed to access this API!
Version: 2.3.0.2
I have a number of users of the Shop admin but one of my users is getting this error.
What can I do to fix this?
I have API "json" enabled. Should i switch all this off?
I just want admins to be able to login and update order status. One of my admins used a 3G dongle and his IP address changes regularly so its becoming quite a pain.
For starters, check that this IP is present in IP-addresses list for your current API. Usually, this should help.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Nope, just once.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Yes, every new IP also has to be added. That's how it works.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Don't even count on this. Will never happen, I'm pretty sure. You can disable API check with VQMod, if you know some coding. Not too hard to implement.declanc wrote:Hopefully this is something they leave as an opt-in feature in future.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
In catalog/controller/api/login.php a getApiIps() function is called and the a simple check is made:
You can simply comment the check:
Boom! Done!
Code: Select all
$results = $this->model_account_api->getApiIps($this->config->get('config_api_id'));
foreach ($results as $result) {
$ip_data[] = $result['ip'];
}
if (!in_array($this->request->server['REMOTE_ADDR'], $ip_data)) {
$json['error']['ip'] = sprintf($this->language->get('error_ip'), $this->request->server['REMOTE_ADDR']);
}Code: Select all
//$json['error']['ip'] = sprintf($this->language->get('error_ip'), $this->request->server['REMOTE_ADDR']);Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Just open all files on catalog/controller/api folder and replace this entry:
To some stupid check:
Do this replacement everywhere you find this stupid check for api_id and you're saved.
API sessions in OC 2.3 are bugged, there's nothing you can do about it. Hopefully it'll be fixed in next release.
Code: Select all
if (!isset($this->session->data['api_id'])) {Code: Select all
if (isset($this->session->data['me_loves_taco'])) {API sessions in OC 2.3 are bugged, there's nothing you can do about it. Hopefully it'll be fixed in next release.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Still no joy! 
The user with the 3G connection is still getting this error when trying to edit order statuses:
"Warning: You do not have permission to access the API!"
I did a Find/Replace on the API folder to swap everything with the check for api_id with "me_loves_taco" but still not working! Any other ideas?
Thanks for the help so far.
The user with the 3G connection is still getting this error when trying to edit order statuses:
"Warning: You do not have permission to access the API!"
I did a Find/Replace on the API folder to swap everything with the check for api_id with "me_loves_taco" but still not working!
Any other ideas?Thanks for the help so far.
Files in "api" folder are the only ones, which display this message. This means, you did something wrong or didn't refresh the cache.
Or... you have "me_loves_taco" variable magically set by fairy.
Or... you have "me_loves_taco" variable magically set by fairy.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Okay, now I'm having issues myself.
When changing order status (from the top level admin account), I get this message:
Warning: You do not have permission to access the API!
1. I double checked all the API files - I made the changes as advised above.
2. I tried different admin accounts - having the same issue.
3. I just the API settings and it's enabled, and my current IP address is logged on the list.
Head scratcher!
Any possible solutions to this?
When changing order status (from the top level admin account), I get this message:
Warning: You do not have permission to access the API!
1. I double checked all the API files - I made the changes as advised above.
2. I tried different admin accounts - having the same issue.
3. I just the API settings and it's enabled, and my current IP address is logged on the list.
Head scratcher!
Any possible solutions to this?
Who is online
Users browsing this forum: No registered users and 57 guests
