One of my clients has been having this issue, but it was only on one computer, so we thought it was something with his computer since I could not recreate it on my end. They are now working with another company to upload some products for them and this new company is have similar issues. It seems that when they try to download a CSV of current products or when they try to upload or import anything to the site, they are prompted (by pop up) to log in again.

I know someone would have to be logged in to check on this. Could someone (Marlene or Vince or someone) reply to this and let me know if they'd be willing to work on this issue with me? I'll then contact you and send you the login details.

If anyone else has had anything similar to this happen, I'd love to hear any solutions or suggestions.

Thanks!

Hi JustDucky
Sure, send me an email and I'll take a look . . . vince AT ecommercetemplates DOT com

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

Hi JustDucky
I tried downloading the CSV inventory and didn't have a problem. Is there anything in particular I need to do to recreate this? Also you mentioned that the login is by pop up, but that wouldn't be the regular admin login then, no? Is there a way to get a screen shot of that pop up?

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

Sent to your email address.

Thanks!

The issue has happened a few different ways - trying to download a csv file, trying to upload a file, and trying to edit a product and change the image within that product.

One other thing to look at is the address in the URL - I have no idea why, when the client accesses this site from their system it shows as not secure. It shows as secure on my end and my host says there is no problem with the SSL certificate.

Any ideas on that?

Is the store URL and SSL URL both the same in the main settings?

Marshall
CENLYT Productions - ms designs
Affordable Web Design
Custom Ecommerce Designs
Responsive Websites
Cenlyt.com

Yes, both say https:

Can you email the url and I'll check the ssl



* Database Migrations and Conversions*
* ASP to PHP Cart Conversions*
*Contact Us*
*Buy The PHP Capture Card Plugin*
*Rate Our Services/View Our Feedback*

Phil - the URL is: alkydigger.net

Is there anything else you need?

Running the domain alkydigger.net through a https check, these are the results that I am getting

SSL Certificate is Valid
No Insecure Social Links
No Insecure Sitemap(s) Found
No Insecure Redirects Found

Insecure forms have been found
29 Active Mixed/Insecure Content Found (+ 861 Duplicates)
82 Passive Mixed/Insecure Content Found (+ 53 Duplicates)
11 Insecure Canonical links found
243 Insecure Links to the Same Domain Found (+ 1824 Duplicates)

Your website is not currently using the "strict-transport-security" header, which can leave you open to man-in-the-middle attacks with tools like SSLStrip This is one aspect of SSL that I consistently find is not implemented.

Steve
Manchester England

Remember - Any edits to the ectcart.css file will be overwritten by updater's. ALL edits to ectcart.css rules should be placed in your style.css file

Hi JustDucky
The main admin pages will check the login cookie but scripts like the CSV download, image upload etc will just assume you are logged in and this seems where the problem is. If you leave the page idle long enough and then click on say the image upload then the page will refresh to the admin login page. So what I've done is added code to those scripts to also check the cookies like the main pages. I've added the changes to the v7.2 updater (if you are using v7.1 then please let me know), so if you download the updater and copy these files it should sort this out...

vsadmin/doupload.php
vsadmin/dumporders.php
vsadmin/popupemail.php

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

Hi Vince - yes, we are using v 7.1.9 -- what should we do?

So...what should I do here since I'm using 7.1? Should I just update to the newest version? I need to get back to my client and let him know if I have a solution for this.

More issues. Now this is happening at times: https://www.alkydigger.net/2020%20Screenshot/6722.jpeg

Also, as you can see, the URL is still showing non secure. However; on my system I cannot recreate this at all. Every page I visit is showing as secure.

Can someone help me, please?

Looking at the image it's on http and not https




* Database Migrations and Conversions*
* ASP to PHP Cart Conversions*
*Contact Us*
*Buy The PHP Capture Card Plugin*
*Rate Our Services/View Our Feedback*

Actually the image only shows "www.alkydigger.net" along with the padlock with the line through it.

The other issue in that image is that it keeps popping up like that showing "Error couldn't find cart".

quote:

---

Hi Vince - yes, we are using v 7.1.9 -- what should we do?

---

Hi JustDucky
I've added these changes to the v7.1 updater too.

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

So do I simply apply the 7.1 updater again? Would it be better to apply the newest 7.2 updater? I'm a little confused.

Hi JustDucky
You would need to download a new copy of the v7.1.9 updater and then apply it and that should sort this out. The v7.2 (Advanced Release) is for those that specifically want new features but if you don't want those it's best to stay on the v7.1 line.

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater