The Woocommerce login form isn't working on only a single page.
Link: https://alexllc.org/labs/
To try logging in you need to hover over "Ahoy, Guest" and click "Log In." I can't give out login info for security, but if you just click the "Log In" button without filling anything out it will reload and if you open up the popup again you'll notice it doesn't give any error message. It gives error messages on every other page in this scenario. You can also login from every other page properly with correct login info. This is the only page giving issues.
I get this error when trying to log in:
POST https://alexllc.org/labs/?wc-ajax=get_refreshed_fragments 403 (Forbidden) jquery.js:4
The same page works properly on the test environment. The live site has AIOWPS installed and if I disable all Firewall Rules it causes you to get a 404 page trying to log in from this page rather than just reloading it without logging you in.
This form is called using the [woocommerce_my_account] shortcode. The popup is included the same way everywhere, so I'm not sure what could be causing this page in particular to have the issue. Not sure what other code I should/can really share that would help.
I'm happy to give a login to individuals confidentially so they can test it with me if needed.
Related
I'm experimenting for the first time with transition between html pages. I've been looking for the differences between replace and a href when I founded them I chose the second one. I'm building a sign-out button. So when i click on it I need to be redirected to the login page. But I also need to make impossible for the user to navigate back to the home (from the login) with the back button. So in my home.js file I wrote that (I'am working with firebase):
const disconnettitiButton = document.getElementById("disconnettiti");
disconnettitiButton.addEventListener('click', () => {
firebase.auth().signOut().then(function() {
// Sign-out successful.
window.location.replace("../index.html");
}).catch(function(error) {
// An error happened.
});
});
while this is the html corresponding to the button (It's not really a button...)
<a class="nav-link" href="#" id="disconnettiti">Disconnettiti<span class="sr-only"></span></a>
The problem is: The window.location.replace() succeeds in changing the page and returning back to the login form. But when i click the back button I can also return to the home page, where i called the .replace() function. The replace method should delete the top of the history but this is not the case. Any solutions? Many thanks
There is a basic error in your logic. Restricted area pages should be accessible only with valid grants.
These grants should be deleted when user logs out. So even if you press the back button you don't have the grants anymore and you are redirected to the login page. The same will happen if you try to point to a specific url in the restricted area.
You can use a cookie for example that you set/unset on login/logout or you can use sessions. On each page in the restricted area you need to have the check of the existence of the cookie at the beginning and otherwise the redirect.
Something is working wrong in your application if after logout you can still see things that are inside the restricted area (but you didn't provide code to check that)
EDIT: i saw #scragar comment after i posted my answer but I fully agree with that and not with OP's answer. There are no need for a login page if you don't want to restrict the application. The login becomes completely meaningless if you can access restricted areas anyway
I think you need to give complete url rather than giving a relative path. So if you are serving the page from localhost at port 3000 and index.html is at root, then you should give the path as http://localhost/index.html.
Also, your script must be throwing an error. You should check the browser console first, if something doesn't work.
Hope it helps:)
I'm trying to integrate Amazon's "Login and Pay with Amazon" payment method into my webshop. I followed the steps from the developer docs: http://docs.developer.amazonservices.com/en_UK/apa_guide/APAGuide_GettingStarted.html
The problems starts at the very beginning. I inserted the code for the head part, and also the button widget (explained in Getting Started > Step 1). But when I click the button in my shop, the popup shows the following error:
It says there is a problem with the handling of my order (although I just expected a login screen). And Amazon is about to fix that problem. But I get this error since the very first time I clicked this button, and that's about a week ago. And I can't find any statements to this error.
Is there anything I could have done wrong? I think I setup everything right (client-id, seller-id, return-url, scope- and popup-parameters). Also the onError function isn't called, so I can't really do any debugging.
What causes the error?
Have you setup the Allowed JavaScript Origins in application console? That might cause your problem.
I've looked at several other SO questions about this same error, but they don't seem to quite match what I'm doing.
I'm working up an AngularJS app & trying to do pagination within JSFiddle. When I click on my link, I get an error: {"error": "Please use POST request"}
Most sources say that I need to simply change my form method. But no where am I using GET or POST, so not sure where the hangup is happening. Even tried setting breakpoints, but that didn't help much.
Help would be appreciated!
note- To get the same error message: you need to select "RUN" & then click on the link
When you first link to the jsfiddle it works because the frame shows http://fiddle.jshell.net/enigmarm/L7CSD/6/show/. When you click RUN it posts the form to http://fiddle.jshell.net/_display/ to render your page. Going to http://fiddle.jshell.net/_display/ in the browser (ie: using GET) will give you the error.
You have an href="" which means that clicking it regets the page using the GET verb instead of the post that created the rendered page. Don't put href="" on that or stop it from requesting the page.
This can happen when using a XSS script-blocker like NoScript, which changes cross-site requests from POST to GET.
I have just tried to use the Facebook registration plugin inside an iframe page tab.
In case anyone is wondering why I would want to do this, I want to use the Facebook registration plugin to create a newsletter signup form on my FB page.
I tried with this code:
<iframe src="https://www.facebook.com/plugins/registration.php?
client_id=113869198637480&
redirect_uri=&
fields=name,birthday,gender,location,email"
scrolling="auto"
frameborder="no"
style="border:none"
allowTransparency="true"
width="100%"
height="330">
</iframe>
and this code:
<div id="fb-root"></div>
<script src="https://connect.facebook.net/en_US/all.js#appId={YOUR_APP_ID}&xfbml=1"></script>
<fb:registration
fields="name,birthday,gender,location,email"
redirect-uri=""
width="530">
</fb:registration>
In both cases I used the APP_ID of the page tab application, and the canvas url for that page tab, but I filled out the website field with the website being used.
WHen I take out the pre-filled FB info and fill out the form, a var_dump on the receiving page gives out the right info, but when I submit it with the pre-filled FB info, it does a popup saying, you are registering with APP_NAME_HERE, if you want to do this click continue, or undo if you don't (something like that) and when I click continue nothing happens.
I have used Firebug to inspect the page, and I think that the data is being sent to another iframe, but I don't know how to access it. I have tried changing target to _top, _self and _parent but this didn't work either. I also tried creating a new app specifically using the website attribute, and that failed in the same way too. ANy help gratefully received.
As far as I can tell, the target attribute is broken when using pre-filled info. Perhaps it has something to do with the way the flow must happen when the confirmation popup appears, but AFAIK it's not documented that the two cannot be used together. In any case, the pre-filled data seems to have the effect of forcing target=_top no matter what you specify in the attributes.
That being the case, you will have to specify an external page address as the redirect_uri and process the data there and then redirect back to the Facebook page address. If necessary you can pass some data back using the app_data parameter in the query string.
Most than likely you are already flagged as registered and are receiving back the cookie/header for FB connect to work. If this is the case you will need to un-register your application on facebook in the application management page. Once you do that the button will work again.
Lastly, if the user is logged into Facebook and already connected to
your application, the button will say Login and won't do anything when
clicked (but your application should detect this state using the
getLoginStatus method and not show the button).
https://developers.facebook.com/docs/plugins/registration/
You can debug your registration status using
FB.Event.subscribe('auth.statusChange', function(response) {
if(!response.authResponse) return;
console.log(response)
});
Hope this helps.
Looks to me that you are missing something:
< fb:register >
Here you can see that tha attribute onvalidate, which contains the name of the js function called after the Register button is pressed, to whom is passed the whole object containing the user info.
Greetings ;)
Luca
In the second code redirect-uri="" needs a value. It needs to be prefixed by your site url.
I'm trying to understand how this login page works by looking at the source from my browser (Chrome).
The source links to some CSS, pictures, and generic JavaScript libraries. Apart from a little jQuery at the very start (for changing the language), I don't see why the page isn't more than just dead HTML elements.
For example, if I click "LOGIN" with an empty username and password, the message "The username or password you entered is incorrect." appears. But I can't see anywhere in source where such behaviour is defined.
What am I missing?
The activity you are observing is one of the core functions of <form> elements. When a form is submitted, the user's browser is directed to the page defined by the action attribute in the form. In addition to directing the user to this page, all of the inputs included in the form are passed to the web server as variables.
One way of submitting a form is by including an input element of type submit within the form, which is what the web designer has done here. When that submit element is invoked (via a click, for example), the form is submitted.
The message you see is not shown by jQuery / Javascript.
Notice that when you click the "LOGIN" button, the page submits your request.
That means it Server Side code starts to run, code that you cant see.
This Server Side code handles your input and generates the Error Message that you see.
When you click the LOGIN button, the form is submitted to the server,which returns a new HTML containing the message. The logic for that is defined in server-side code, which you can't see from outside. 'View source' will only display what the server outputs.
I think the page is simply refreshing.
You can confirm this by opening the network tab in chrome console and watching it as you submit the empty form.
Thanks to http asset caching, this seems as if the page did not refresh - but chrome's network tab confirms it does.