0

I'm getting an odd situation with Google Chrome, and only Chrome. Although I found it on shopping cart Zen Cart, I can't see that it's specific to the code and as it ONLY affects Chrome I thought it might be of wider interest here.

When Zen Cart is installed on an IP address (ie: 192.168... rather than domain.com) and when logging in with the correct credentials, it gives the error

There was a security error when trying to login

when the default admin setting of "cookie domain" and "IP to Host Conversion Status*" are set to "true". When I set to false, I can login using Chrome. In all cases, I can login with IE, FF and Opera.

Everyone is slagging Chrome in the Zen Cart forum saying "get a proper browser", but I'm not so sure it's entirely Chrome's fault, but the server error logs don't actually log anything for it.

I've also tried asking in the Google Chrome forum, but it's about the level of Yahoo! Answers in there ("how I use goggle chrome to watch lady make a peepee?", "how is babby formed?", etc.) and no reply has come.

The bit of PHP code that makes this message is:

if ((!isset($_SESSION['securityToken']) || !isset($_POST['securityToken'])) || ($_SESSION['securityToken'] !== $_POST['securityToken'])) 
{ $message = true; $pass_message = ERROR_SECURITY_ERROR; }

and the login form is:

<form name="loginform" action="<?php echo zen_href_link(FILENAME_LOGIN, '', 'SSL'); ?>" method="post">
<fieldset>
<legend><?php echo HEADING_TITLE; ?></legend>
<label class="loginLabel" for="admin_name"><?php echo TEXT_ADMIN_NAME; ?></label>
<input style="float: left" type="text" id="admin_name" name="admin_name" value="<?php echo zen_output_string($admin_name); ?>" />
<br class="clearBoth" />
<label  class="loginLabel" for="admin_pass"><?php echo TEXT_ADMIN_PASS; ?></label>
<input style="float: left" type="password" id="admin_pass" name="admin_pass" value="<?php echo zen_output_string($admin_pass); ?>" />
<br class="clearBoth" />
<?php echo $pass_message; ?>
<input type="hidden" name="securityToken" value="<?php echo $_SESSION['securityToken']; ?>" />
<input type="submit" name="submit" class="button" value="Login" />
<?php echo '<a style="float: right;" href="' . zen_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a>'; ?>
</fieldset>
</form>
4

1 回答 1

0

为什么不简单地通过为它创建一个 DNS 记录来绕过它(例如 mycoolsite => 192.168.222.222 或其他)?此 A 记录需要位于您本地网络的 DNS 服务器、系统的主机文件(如果您所在的位置没有服务器)中,或者如果在 Internet 上,则需要添加到您域的 DNS 记录中。

于 2011-01-20T19:07:19.133 回答