Jump to content

DB password required?


Guest philoye

Recommended Posts

Well already found the same. The very quick help to skip any username/pass checking:

setup/install.php

Comment a line where you find following:

$onclick = "onclick=\"YY_checkform('install','dbhost','#q','0','

Session issue on local install. I have posted this in CC4 Beta forums:

classes/session/cc_admin_session.php

function set_cc_admin_cookie($name, $value) {

$expires = 0; ## remember session until browser is closed

@setcookie($name, $value, $expires, $GLOBALS['rootRel']);

//@setcookie($name, $value, $expires, $GLOBALS['rootRel'], $this->get_cookie_domain($GLOBALS['storeURL']));

}

classes/session/cc_session.php

if (!$this->user_is_search_engine() || $this->config['sef'] == false) {

$expires = ($length>0) ? (time()+$length) : 0;

//setcookie($name, $value, $expires, $GLOBALS['rootRel'], $this->get_cookie_domain($GLOBALS['storeURL']));

setcookie($name, $value, $expires, $GLOBALS['rootRel']);

}

Red marked is a new code, original code is commented out.

Link to comment
Share on other sites

Session issue on local install. I have posted this in CC4 Beta forums:

$onclick = "onclick=\"YY_checkform('install','dbhost','#q','0','

Wow, 1 hour in the wild and already hacking the core!

I'm running into the same session issue: "No administration session was found." I actually went and created a username/password for my local dev mysql database, but then when I went back, I get this error.

What is causing it?

Link to comment
Share on other sites

You must have a MySQL password! If you run a box, local or remote without a password this is not good news.

Fair enough, but my local mysql database has nothing of value. If the hackers get through my router and get through my firewall, my dev database is the LEAST of my worries.

Link to comment
Share on other sites

Have you got cookies enabled?

Also if more than one admin has the same access details they will log each other out as their browser/IP will differ. It's important each admin has their own unique admin login.

I have cookies enabled. I only have one admin in this (new cc4-only) database. It does share the same user name with my cc3 install, but that's in another database.

Convict's changes to the two session.php files did the trick though.

Link to comment
Share on other sites

Session issue on local install. I have posted this in CC4 Beta forums:

$onclick = "onclick=\"YY_checkform('install','dbhost','#q','0','

Wow, 1 hour in the wild and already hacking the core!

Hehe what a mixture of text like journalist i didnt say it as is written LOL :)

The session issue on local install was posted before not the install script hacl :-) It is first time Develion added such db pass control in a official release as far as I know :)

Link to comment
Share on other sites

Session issue on local install. I have posted this in CC4 Beta forums:

$onclick = "onclick=\"YY_checkform('install','dbhost','#q','0','

Wow, 1 hour in the wild and already hacking the core!

Hehe what a mixture of text like journalist i didnt say it as is written LOL :w00t:

The session issue on local install was posted before not the install script hacl :-) It is first time Develion added such db pass control in a official release as far as I know :)

ok. Please report any bugs and we'll get to them. :)
Al, v4 Beta forums discussed about I posted code without domain record in php cookies command. Martin did something around afterwards I think but domain always there.

I think this is not used in version 3.

Strange, edit post did the next one :) :w00t:

Link to comment
Share on other sites

Well already found the same. The very quick help to skip any username/pass checking:

setup/install.php

Comment a line where you find following:

$onclick = "onclick=\"YY_checkform('install','dbhost','#q','0','

Session issue on local install. I have posted this in CC4 Beta forums:

classes/session/cc_admin_session.php

function set_cc_admin_cookie($name, $value) {

$expires = 0; ## remember session until browser is closed

@setcookie($name, $value, $expires, $GLOBALS['rootRel']);

//@setcookie($name, $value, $expires, $GLOBALS['rootRel'], $this->get_cookie_domain($GLOBALS['storeURL']));

}

classes/session/cc_session.php

if (!$this->user_is_search_engine() || $this->config['sef'] == false) {

$expires = ($length>0) ? (time()+$length) : 0;

//setcookie($name, $value, $expires, $GLOBALS['rootRel'], $this->get_cookie_domain($GLOBALS['storeURL']));

setcookie($name, $value, $expires, $GLOBALS['rootRel']);

}

Red marked is a new code, original code is commented out.

The problem with this fix is that if you have more than one install on the same domain sessions will be shared between then. The idea was to lock the session to the domain.path based on the storeURL in the global.inc.php file.

Maybe locally installed stores have a different value in the global file to the one actually used.

e.g. $glob['storeURL'] = "http://192.168.0.1/store";

If you visit the store at http://localhost/store sessions won't work.

Right now I'm not sure what the solution is.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...