Suspect file in Magento 1.9.0.1

andri_mail · ‎07-20-2018

Hi guys sorry if i introduce here but someone is able to tell me where i can search for a suspect file i have in my register page of magento 1.9.0.1..??.( i have serched trough my ssh connection in "app" but nothing appear.here is the file i guess why is impossible for the customr to register, >> <input name="form_key" type="hidden" value="rjR5BNkcmzv3wWlV" />
many thanks in advance,..

Damian Culotta · ‎07-22-2018

Hi @andri_mail,

Those values are ok.

form_key is used to validate forms and try to avoid attacks.

In order to find the problem with your customers login, did you enable the Magento's logs to see if there is a clue or something there?

andri_mail · ‎07-22-2018

Many thanks for your reply,.so unfortunatly nothing come from log, ( if was so i guess i was able to find a solution ),..is really hard this issue are almost three weeks that i go around to find something to fix, but nothing,..even now i tried to set web cookie only http to no, to see id was that the problem,.but nothing,..

Damian Culotta · ‎07-24-2018

Hi @andri_mail,

You've started this thread talking about a suspect file.

Can you explain a little bit more about that idea or what you are looking for?

andri_mail · ‎07-24-2018

So i though that there was something wrong in this code, :

but then i realize that there is even in my login page that work perfectly,.>>

< form action =" / customer /account/ loginPost/" method=" post" id=" login-form">
	< div class="col2-set">
	< div class="login_box">
	< div class="content">
	<h2> Customers Login</h2>
	<p> If you have an account with us, please log in.</p>
	<ul class="form-list">
so the conclusion is that my problem is on the form "action" validate password but not the question about the update of magento because that don't work for me,.	<input type ="hidden" name ="form_key" value ="isGtChDt62V4qs5Y" />

< input name ="form_key" type =" hidden" value ="isGtChDt62V4qs5Y" />

andri_mail · ‎07-26-2018

Hi Damian so finally j have udnerstood in my magento 1.9.0.1 I have ( i don't know why ) the file Account customer Controller of magento 1.9.1.0, so is completly different now the problem is that i tryed to overwrite the file with the original ones but i can't, the file is protected 0444 i tryed to change the permission but nothing he become always the same 0444 and the file rest the same, i wanted to ask you if i can delete and upload again the old file but i am afraid to do it,..thanks for your time,.

Damian Culotta · ‎07-27-2018

Hi @andri_mail,

I guess you can do that (but, just for security) but remember to make a backup of that original file first.

andri_mail · ‎07-27-2018

thanks, before i try to delete there is a way to comment the cleanPasswordsValidationData to make compatible with the system,..someone suggest this code>>>

if (version_compare(Mage::getVersion(),"1.9.1.0",">="))
{
// Only from 1.9.1.0
$customer->cleanPasswordsValidationData();
}

but i don't know where to put,.??can you tell me,.??

Damian Culotta · ‎08-04-2018

Hi @andri_mail,

I'm not sure because I don't know the context of that suggestion but maybe could be here: https://github.com/OpenMage/magento-mirror/blob/1.9.1.0/app/code/core/Mage/Customer/controllers/Acco... ?

andri_mail · ‎08-05-2018

Many thanks for you're interest Damian, really appreciate, so like i've told you i need only to find a correct way to exclude >

Invalid method Mage_Customer_Model_Customer::cleanPasswordsValidationData

that is not supported in mage 1.9.0.1 that i run,..

Suspect file in Magento 1.9.0.1

Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1

Re: Suspect file in Magento 1.9.0.1