Re: FN-FORUM: A weird issue with admin login and logoff

date posted 4th May 2008 20:44

On Sunday 04 May 2008 19:30:05 Alex Libby wrote:

> When I put in the URL for the admin bit (say, for example -
> http:///catalog/admin/, it goes straight through to the
> index.php page for Admin, without seeing ther login.php screen. Forcing the

Apache (assuming it's Apache, but other HTTP servers are broadly
similar) will usually proffer the first "suitable" page in the absence
of a specific file name.

I.e. it will look for index.html, then index.htm, then index.php, and so on;
this is part of the configuration and can normally be overridden in
a .htaccess file:
http://fragments.turtlemeat.com/htaccess.php

I assume that the index.php page in OSC would normally check for a cookie
or some such and redirect to login.php if there isn't one.

> Any ideas anyone? I don't really want to have to be forced to password
> protect the folder as a get out - I can do it, but it just seems an easy
> way out...I am using osCommerce 2.2 RC1.

A DirectoryIndex directive in .htaccess might do the trick, but personally I
would first check the code in index.php to see what it /ought/ to be doing.