cancel
Showing results for 
Search instead for 
Did you mean: 

Suspect file in Magento 1.9.0.1

Suspect file in Magento 1.9.0.1

Hi guys sorry if i introduce here but someone is able to tell me where i can search for a suspect file i have in my register page of magento 1.9.0.1..??.( i have serched trough my ssh connection in "app" but nothing appear.here is the file i guess why is impossible for the customr to register, >> <input name="form_key" type="hidden" value="rjR5BNkcmzv3wWlV" />
many thanks in advance,..

17 REPLIES 17

Re: Suspect file in Magento 1.9.0.1

Hi @andri_mail,

 

Those values are ok.

form_key is used to validate forms and try to avoid attacks.

 

In order to find the problem with your customers login, did you enable the Magento's logs to see if there is a clue or something there?

Re: Suspect file in Magento 1.9.0.1

Many thanks for your reply,.so unfortunatly nothing come from log, ( if was so i guess i was able to find a solution ),..is really hard this issue are almost three weeks that i go around to find something to fix, but nothing,..even now i tried to set web cookie only http to no, to see id was that the problem,.but nothing,..

Re: Suspect file in Magento 1.9.0.1

Hi @andri_mail,

 

You've started this thread talking about a suspect file.

Can you explain a little bit more about that idea or what you are looking for?

Re: Suspect file in Magento 1.9.0.1

So i though that there was something wrong in this code, :Smiley Embarassed 

<form action =" / customer/ account/ createpost/" method="post" id="form-validate">
 but then i realize that there is even in my login page that work perfectly,.>> 
< form action =" / customer /account/ loginPost/" method=" post" id=" login-form">
 < div class="col2-set">
 < div class="login_box">
 < div class="content">
 <h2> Customers Login</h2>
 <p> If you have an account with us, please log in.</p>
 <ul class="form-list">
 so the conclusion is that my problem is on the form "action" validate password but not the question about the update of magento because that don't work for me,.<input type ="hidden" name ="form_key" value ="isGtChDt62V4qs5Y" />
< input name ="form_key" type =" hidden" value ="isGtChDt62V4qs5Y" />

Re: Suspect file in Magento 1.9.0.1

Hi Damian so finally j have udnerstood in my magento 1.9.0.1 I have ( i don't know why ) the file Account customer Controller of magento 1.9.1.0, so is completly different now the problem is that i tryed to overwrite the file with the original ones but i can't, the file is protected 0444 i tryed to change the permission but nothing he become always the same 0444 and the file rest the same, i wanted to ask you if i can delete and upload again the old file but i am afraid to do it,..thanks for your time,.

Re: Suspect file in Magento 1.9.0.1

Hi @andri_mail,

 

I guess you can do that (but, just for security) but remember to make a backup of that original file first.

Re: Suspect file in Magento 1.9.0.1

thanks, before i try to delete there is a way to comment the cleanPasswordsValidationData to make compatible with the system,..someone suggest this code>>> 

if (version_compare(Mage::getVersion(),"1.9.1.0",">="))
{
// Only from 1.9.1.0
$customer->cleanPasswordsValidationData();
}

 

but i don't know where to put,.??can you tell me,.??

Re: Suspect file in Magento 1.9.0.1

Hi @andri_mail,

 

I'm not sure because I don't know the context of that suggestion but maybe could be here: https://github.com/OpenMage/magento-mirror/blob/1.9.1.0/app/code/core/Mage/Customer/controllers/Acco... ?

Re: Suspect file in Magento 1.9.0.1

Many thanks for you're interest Damian, really appreciate, so like i've told you i need only to find a correct way to exclude > 

Invalid method Mage_Customer_Model_Customer::cleanPasswordsValidationData 

that is not supported in mage 1.9.0.1 that i run,..