admin problem

greenspun.com : LUSENET : S-Mart Shopping Cart : One Thread

Hi All. I just finished loading the new smart store script that I recieved free when I purchased the checker program. In a matter of minutes I had it working with one small problem. When I type the password into the admin page and click on the button it brings me back to the same page. I know it has to be a path problem but can anyone direct me to where I can fix this. Thanks much. Rick

-- Rick Williams (rob1000@ptd.net), March 21, 2000

Answers

Hi, Rick: When the second prompt comes up asking for a new password: ENTER YOUR PASSWORD: [ empty field ] (Smart Administrator) Just hit the submit button again with out entering anything. YOU ARE IN ! If you look at the url: http://www.your_domain.com/cgi-local/smart/admin/smartadmin.cgi? pword=your_password The script constructed the URL for you. That's exaxtly what's supposed to happen. I wrote it that way as a future trap so the script can count attempted entries and lockout another try for, say 15 min. Look at the script smartadmin.cgi: if ($FORM{'pword'} ne $pword){ print "Content-type: text/html\n\n\n"; print ""; print "
"; print "
ENTER YOUR PASSWORD:
\n"; print "
\n"; print "
\n"; print "
"; exit(0); } If you add $FORM{'pword'} as a value in the line: print "
\n"; as print "
\n"; then the second prompt will be filled. But as I say, it doesn't matter. But trust me (and Eddie). We've got some cool hacker traps coming. Anyhow, I should mention that once you ARE in, you can bookmark the administrator And the URL: http://www.your_domain.com/cgi-local/smart/admin/smartadmin.cgi? pword=your_password will pop you right into the administrator. Thanks, and enjoy the new SmartStore

-- Gregory Swofford (computer@web-store.net), March 22, 2000.

Greg, thanks so much for giving a reply to my question. The strange thing is that befor I made any changes I went to the admin and tried it again. Now the darn thing doesn't require a password at all. I know I didn't change anything there and don't understand it. If you can tell me where to look to make this thing require a password it would be nice. And yes on the smartcfg.cgi I do have a password there. All in all this is a real nice script and you guys should be proud of it. I have 2 small bugs , one with the shipping not showing up the proper amount in the email and the tax not showing in the email but when i get them fixed I will tell everyone I know what a great script you have come up with. Thanks Rick

-- Rick Williams (rob1000@ptd.net), March 22, 2000.

Rick: Your browser stores URL info. Refresh your browser. Greg

-- Gregory Swofford (computer@web-store.net), March 22, 2000.

Hi Greg, I am aware of that and have hit the refresh and also shut the computer down and it still happens. Also it happens on the computer in the other room. If you type the wrong password in it wikk not open for you but in the address bar on the browser it will then display the url of the admin page including the password. If you put no password in and click it twice you are in. Check it out yourself. http://server27.hypermart.net/rlw/cgi-bin/smart/admin/smartadmin.cgi sure hope I am wrong but it is giving me a headache. Thanks Again Rick

-- Rick Williams (rob1000@ptd.net), March 22, 2000.

We will fix it if it's a bug. But it will be a couple days. Will post the patch. Greg

-- Gregory Swofford (computer@web-store.net), March 22, 2000.


Moderation questions? read the FAQ