Redirect request to other domain

I was trying to redirect all of my one wordpress blog setup which is setup on sub directory to the dedicated wordpress domain. To do so I have added following in directory based blog’s htaccess file:

RewriteEngine on

RewriteCond %{HTTP_HOST} ^example1.com$ [NC]
RewriteCond %{REQUEST_URI} ^/wp-blog/(.*) [NC]
RewriteRule ^(.*)$ http://example2-blog-site.com/%1

RewriteCond %{HTTP_HOST} ^www.example1.com$ [NC]
RewriteCond %{REQUEST_URI} ^/wp-blog/(.*) [NC]
RewriteRule ^(.*)$ http://www.example2-blog-site.com/%1

session lost between http and https

Today I came across strange problem. Let me explain you exact problem and solution for that.

Problem:

I have e-commerce site developed. After product added to shopping cart when user trying to checkout I am redirecting user from Shopping cart to Account page (if user already logged in) or Login Page (if user not logged in) on checkout. To make transaction more secure, Transition from shopping cart to Account page or Login Page is HTTP (Non-Secure) to HTTPS (Secure). Whenever I switch from HTTP to HTTPS, My stored shopping cart items which are stored in $_SESSION variable get lost.

Solution

After much hair pooling to trace and fix this issue I have found below solution:

When you switch between the HTTP and HTTPS services on the same server, your HTTP session ID is not being passed to the HTTPS session. Here we need to pass session_id which is created by HTTP to HTTPS page. so HTTPS resume similar session on server rather then creating new session for HTTPS request. Below is the code to explain it via example:

Consider you are redirecting  http://www.example.com/page1.php to  https://www.example.com/page2.php

page1.php script:

<?php
session_start();
$sess_id = session_id();
$_SESSION[‘someVar’] = “Var Value”;
echo “<a href=’https://www.example.com/page2.php?sess_id='&#8221;.$sess_id.”>Page2</a>”;
?>

page2.php script:

<?php
if(isset($_GET[‘sess_id’]) && $_GET[‘sess_id’]!=””)
{
session_id($_GET[‘sess_id’]);
}
session_start();

Hope above given solution help others as well.

Post comments if you have any question.

Happy Coding. 🙂

Error Levels in PHP

Following error levels constants available into PHP for error_reporting which are configured directly from php.ini, .htaccess or directly from php script using ini_set function:

Value	Constant	Description
1	E_ERROR	Fatal run-time errors. These indicate errors that can not be recovered from, such as a memory allocation problem. Execution of the script is halted.
2	E_WARNING	Run-time warnings (non-fatal errors). Execution of the script is not halted.
4	E_PARSE	Compile-time parse errors. Parse errors should only be generated by the parser.
8	E_NOTICE	Run-time notices. Indicate that the script encountered something that could indicate an error, but could also happen in the normal course of running a script.
16	E_CORE_ERROR	Fatal errors that occur during PHP’s initial startup. This is like an E_ERROR, except it is generated by the core of PHP.
32	E_CORE_WARNING	Warnings (non-fatal errors) that occur during PHP’s initial startup. This is like an E_WARNING, except it is generated by the core of PHP.
64	E_COMPILE_ERROR	Fatal compile-time errors. This is like an E_ERROR, except it is generated by the Zend Scripting Engine.
128	E_COMPILE_WARNING	Compile-time warnings (non-fatal errors). This is like an E_WARNING, except it is generated by the Zend Scripting Engine.
256	E_USER_ERROR	User-generated error message. This is like an E_ERROR, except it is generated in PHP code by using the PHP function trigger_error().
512	E_USER_WARNING	User-generated warning message. This is like an E_WARNING, except it is generated in PHP code by using the PHP function trigger_error().
1024	E_USER_NOTICE	User-generated notice message. This is like an E_NOTICE, except it is generated in PHP code by using the PHP function trigger_error().
2048	E_STRICT	Enable to have PHP suggest changes to your code which will ensure the best interoperability and forward compatibility of your code.
4096	E_RECOVERABLE_ERROR	Catchable fatal error. It indicates that a probably dangerous error occured, but did not leave the Engine in an unstable state. If the error is not caught by a user defined handle (see also set_error_handler()), the application aborts as it was an E_ERROR.
8192	E_DEPRECATED	Run-time notices. Enable this to receive warnings about code that will not work in future versions.
16384	E_USER_DEPRECATED	User-generated warning message. This is like an E_DEPRECATED, except it is generated in PHP code by using the PHP functiontrigger_error().
30719	E_ALL	All errors and warnings, as supported, except of level E_STRICT in PHP < 6.

What is error_reporting & display_error?

There are little misunderstanding regarding two good configuration variables  available in php.ini.

• error_reporting: This enables you to set error level i.e what are the different types of error you would like to log/show. All possible values for this setting are shown here
• display_error: This enables you to show/hide errors on user browser if any error generated. Value for this setting will be on/off. Generally for development environment this should be on and for production environment this should be off due to security reason.

Both of the above settings are good for debugging and keep your application error free.

Happy Coding!

Post your comments if you have any question.

Can not login to Magento Admin panel

Few days back I had plan to explore magento as there are much hip-hop of it now a days. As a web developer I was curious to know how much powerful it is with compare to osCommerce, Zencart, x-cart and CRE-Loaded. I have setup magento on my machine using XAMP using http://localhost/magento.

Problem:

After successfull installation of the magento store on XAMP I had tried to login to admin panel by visiting http://localhost/magento/admin or http://localhost/magento/index.php/admin. I am no longer login into admin account

In fact in the “Log in to Admin Panel” window whenever you provide wrong password/username combination it displays “Invalid Username or Password.” But whenever you provide correct password it does not show anything.

Reason of the problem:

The problem occurs because magneto could not store cookies. We run it as localhost and localhost is not true domain but to store cookies we need a domain. That’s why login stops without saying any word.

Solutions:

First Solution:

http://localhost/magento/index.php/admin will fail but if you connect as http://127.0.0.1/magento/index.php/admin it will work.

Second Solution:

Go to app/code/core/Mage/Core/Model/Session/Abstract/Varien.php file within your magento directory.

Find:

session_set_cookie_params(
$this->getCookie()->getLifetime(),
$this->getCookie()->getPath(),
$this->getCookie()->getDomain(),
$this->getCookie()->isSecure(),
$this->getCookie()->getHttponly()
);

and replace

session_set_cookie_params(
$this->getCookie()->getLifetime(),
$this->getCookie()->getPath()
//$this->getCookie()->getDomain(),
//$this->getCookie()->isSecure(),
//$this->getCookie()->getHttponly()
);

After this save the file. And try to login into the admin.

Third Solution:

Go to app/code/core/Mage/Core/Model/Session/Abstract/Varien.php file within your magento directory.

Find below at line 96:

if (isset($cookieParams[‘domain’])) {
$cookieParams[‘domain’] = $cookie->getDomain();
}

Replace the code found in line 96 with this one:

if (isset($cookieParams[‘domain’]) && !in_array(“127.0.0.1”, self::getValidatorData())) {

Clear your browser’s cookies to start with a clean slate then clear the Magento cache by deleting all the contents of the var\cache

Happy Coding!

htaccess helpful links

Following are useful links to learn htaccess:

• http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html#RewriteCond
• http://httpd.apache.org/docs/1.3/misc/rewriteguide.html

How to change session.save_path?

There can be multiple ways to modify session.save_path.

1. If you have root access or access to php.ini then modify
   [session]
   .
   .
   .
   save_path = “/path/to/session/storage/”
2. You can modify .htaccess file
   php_value session.save_path “/path/to/session/storage/”
3. by using PHP file
   ini_set(“session.save_path”,”/path/to/session/storage/”);

Please post if you have any problem or need any help.

 

HTACCESS useful tricks

Apache Configuration

• Apache web servers have two main places for configuration information:
  • httpd Config files (httpd.conf)
  • Per-directory .htaccess files
• Usually only the administrators of a server have access to the httpd config files. Individual users are able to place .htaccess files in their individual directories in order to override the options in the httpd config files.
• .htaccess files are reread upon every hit within that directory.

Restricted access:

1. Access for particular IP
   order deny,allow
   deny from all
   allow from 203.168.130.194 #ip
2. Username/Password Protected
   
   AuthUserFile /path/to/htpasswd #FULL path to the password file
   AuthGroupFile /path/to/htgroup #FULL path to the htgroup file
   AuthName “Lee’s Secret Area” # This description will appear in the login screen
   AuthType Basic
   <Limit GET POST>
   require valid-user #for all allowed users defined in htpasswd
   require user cisco #for individual access
   require group managers  #for group access
   </Limit>

Build iGoogle-Like Personal Information Dashboards using Picok

Picok is an enterprise open source application useful to build iGoogle-Like personal information dashboards. The content is loaded into small portlets (small draggable boxes) and layed out in a tabbed 3-column interface. The maintainers of picok installations can create portlets of their own. The application collects information from external sources and displays them in a clear and readable design.

Features include:

• Multi user application & Multi language
• Extendible (the application can be extended with custom portlets and contents)
• Administration Panel
• Drag & Drop
• Tabbed Interface
• Portlet & Tab Management
• Portlet auto refresh
• Graded loading

Picok is written in PHP 5, uses the Yahoo User Interface Library and Zend Framework Components and supports MySQL, Microsoft SQL Server, IBM Lotus Notes and is ready to be integrated into your corporate intranet, website or community platform as well.

* Requirements: Okapi Framework, PHP 5.1.6+, MySQL
* Source: http://www.picok.org/
* Download: http://picok.org/get_picok/

Article Source from: http://www.bitrepository.com/picok.html

How to install pear packages on WAMP/window?

Follow following steps to install any pear package on window using WAMP architecture:

1. Go to command prompt using start->run->cmd
2. Type “pear install <packagename>” (where<packagename> is the name of the package you want to install)

OR

1. If the above one does not work, manually download the package from the website and go to that directory that contains the downloaded package.
2. Type “pear install <packagename>” (where<packagename> is the name of the downloaded package)

Drop me comment if you have any problem.