Prestashop Auto Log Out Issue

Solution

Some users may face issue with auto logout from Presta admin.

To solve the issue of Presta Shop logging out your session all the time, we have reviewed the codes and here is the solution to it. This fix basically removes the IP checking that Presta Shop has, allowing you to fix the login problem.

Edit File: <presta shop folder>/classes/cookie.php

For Prestashop Version 1.3
Find the following line (Before) and edit the line of code, removing everything the second "AND" and everything after it. It should look like the After portion.

Before

if ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword(intval($this->id_employee), $this->passwd) AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr())))

After
if ($this->id_employee AND Validate::isUnsignedId($this->id_employee) AND Employee::checkPassword(intval($this->id_employee), $this->passwd))

For Prestashop Version 1.4
Find the following portion of code, and add two slashes // in front of it so that it looks like the After portion.

Before
AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()))
After
(You only need to add // in front of the line of code)
//AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()))

Explanation of Solution: Some ISPs actually have a cache/proxy/firewall (for security or speed acceleration) that may not represent the IP of the user accurately. So what exactly happens is that Presta Shop is more secure by tagging your login session (via an authentication cookie) with your IP address, and constantly checks for it whenever you're in the admin panel. However, because of how certain ISPs are setup, this IP address may not match your true IP address, resulting in you being logged out.

Example (tested with Starhub, a Singapore ISP)

If you are a Starhub user and try to access the following websites, you will notice that both websites will show a different IP address. The first website shows you your real IP address, and the other website actually shows you your ISP's cache/firewall/proxy's IP address. This mis-match of IP addresses is what causes the auto log-out issue in Presta Shop.

http://www.whatismyipaddress.com shows you the real IP address
http://www.whatismyip.com/ shows you your proxy's IP address�(Note: Depending on your system, some users will not see an IP address from this website)

To secure your Presta Shop admin folder, do remember to use the Password Protect Directories feature on your admin folder (Vodien customers, please refer to this link to see�how you can secure certain folders). If you have a static Internet line, it is also a good idea to deny any other IP addresses other than your own IP address, using the .htaccess IP Deny Manager that comes with your Vodien account (see�how to use IP Deny Manager here).

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

How to Solve My Website Page Not Found Error?

Solution Troubleshooting guideIf you have already signed up for a hosting account with us,...

Your Control Panel (cPanel) Video Tutorials

Solution You will be a pro in no time with cPanel's video tutorials. These tutorials allow you...

How to enable register_globals?

Solution Some softwares requires Register_globals to be on. The server global option as part...