unable to log in

Today we upgraded one of our clients website to latest version of Magento i.e. and the first issue we spotted that we were unable to login or create account on Magento frontend. After debugging we found that the problem was in loginPostAction and createPostAction function of app/code/core/Mage/Customer/controllers/AccountController.php and the following three lines were causing the issue -:

public function loginPostAction()
{ if (!$this->_validateFormKey()) { $this->_redirect('*/*/'); return; } .......

After further investigation we found the following login and registeration forms of the base design theme don’t have form key information.

 app/design/frontend/base/default/template/customer/form/login.phtml app/design/frontend/base/default/template/persistent/customer/form/login.phtml app/design/frontend/base/default/template/customer/form/register.phtml app/design/frontend/base/default/template/persistent/customer/form/register.phtml 

We copied both the above template files to our custom theme as changing base theme is not recommended because it belongs to Magento team.

 app/design/frontend/default/<custom_theme>/template/customer/form/login.phtml app/design/frontend/default/<cutom_theme>/template/persistent/customer/form/login.phtml app/design/frontend/default/<custom_theme>/template/customer/form/register.phtml app/design/frontend/default/<cutom_theme>/template/persistent/customer/form/register.phtml 

In all the files we added the following form_key hidden input box just after form tag -:

<form action=".......>
<input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" /><!--THIS IS THE IMPORTANT LINE--> .....

In the latest versions of Magento, you could use the following line -:

<?php echo $this->getBlockHtml('formkey'); ?>

instead of

<input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />

Hope this article helped you in some way. Please leave us your comment and let us know what do you think? Thanks.

Similar Posts