Need to hire someone for quick Fix ASAP

We launched an upgrade of our website from v3.0 to v3.3 last week.
For 90% of people all is fine but users who have stored credentials are all getting redirected to /login?returnurl...
They need to either login or re-register.
Once this is done the problem is gone for good.
Can someone please quote me to fix this asap as we're losing business
Thanks
Robert

Hi

I could take a look at it for you.

Just a quick question how did u upgrade the database, did u run the v3.3 upgrade script against your v3.0 database ?

If so if you backed up your database try running the v3.1 then the v3.2 then the v3.3 upgrade scripts against your original v3.0 database in the correct order.

You may find it will fix the problem

The upgrade to v3.3 was done a little differently then normal and it might have something to do with it. I installed a fresh version of v3.3 then inserted new Products, Categories, Customers, Products, Orders etc from the original DB to the new DB.
I t was done this way as the live DB was growing organically and the new v3.3 need plenty of customisation.
Any ideas?
Thanks
Robert

Hi !

I have gone thru  your requirement & I would be very happy to assist you .

Could you please add me on Skype : thomas.cis so we can have a quick discussion & I ll update you with the time frame and understanding of mine .

Experince : 5 years


Let me know if you need any more details .

Hoping for a prompt reply .

Warm Regards ,
Thomas Johnson .

Hi,
Most likely you have used a different machinekey, which is used for encrypting the authentication data. Move the machine key from your old web.config and test it.
J.

By machinekey do you mean the encryptionkey.setting value?
Thanks
Rob

No, I do not believe so. See SignIn. It uses FormsAuthentication.
And maybe: https://www.nopcommerce.com/boards/t/13269/i-cannot-stay-adminintration-page-ver22.aspx?p=2

Can you check your production server's machinekey? It should be same of old server. You state you migrated the database, but maybe you did not migrate the machine key?

 public virtual void SignIn(Customer customer, bool createPersistentCookie)
        {
            var now = DateTime.UtcNow.ToLocalTime();

            var ticket = new FormsAuthenticationTicket(
                1 /*version*/,
                _customerSettings.UsernamesEnabled ? customer.Username : customer.Email,
                now,
                now.Add(_expirationTimeSpan),
                createPersistentCookie,
                _customerSettings.UsernamesEnabled ? customer.Username : customer.Email,
                FormsAuthentication.FormsCookiePath);

            var encryptedTicket = FormsAuthentication.Encrypt(ticket);

            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            cookie.HttpOnly = true;
            if (ticket.IsPersistent)
            {
                cookie.Expires = ticket.Expiration;
            }
            cookie.Secure = FormsAuthentication.RequireSSL;
            cookie.Path = FormsAuthentication.FormsCookiePath;
            if (FormsAuthentication.CookieDomain != null)
            {
                cookie.Domain = FormsAuthentication.CookieDomain;
            }

            _httpContext.Response.Cookies.Add(cookie);
            _cachedCustomer = customer;
        }

I checked the web.configs and I haven't got a machine key in either both are Automatically Generate (the default)
Rob

If I generate a machinekey now in the new production will it cause all existing cookies to fail to authenticate.
Is there a way to just invalidate all cookies and force everyone to guest unless they want to specifically logon which the majority of my users don't want to do either way.
Thanks for your help
Rob