Posted on

Fixing Magento Login Problem after a Fresh Installation

This is just a quick little note to suggest two ways to solve the problem that you cannot log in to your Magento admin interface after a fresh install of Magento.

The Problem

The problem will manifest itself as a redirect back to the login screen, even though you typed the right username and password. If this problem is affecting you, you will be redirected back and see no error message. This indicates you have the right credentials, but the Magento Admin is just not letting you in. You can verify it by typing the wrong username and password, you’ll see you get redirected back and it shows an error message.

The problem occurs because the Magento backend tries to set a cookie on your browser, and then for some reason when you next make a request, the cookie is gone(or was never there). This makes Magento think you have never logged in, and of course it redirects you to the login screen. So the real guts of it is the missing cookie, we need to find out why it’s missing.

There are two three solutions (Update: now with bonus 3rd solution) I have come across that will solve this, there may be others too, so please feel free to post them below. Both of these solutions have been suggested in the comments of my post on Setting up Apache Virtual Hosting.

Solution 1: Domain Name with no dots

This is the most common solution, if you have set up Magento to run locally (on MAMP for example) then you may be accessing the Apache webserver using the localhost hostname. A security setting in browsers means that the cookie will not be set, though apparently in FF3 at least, this behavior is a bug?.

So simply stop using localhost, you can use your localhost interface (e.g. or To determine your localhost interface you can look at the contents of your hosts file:

# Look for the number to the left of localhost
cat /etc/hosts

or your interface configuration.

# Look for interface loX with the LOOPBACK flag (probably lo0)

Once you know which number to use, you can replace localhost with the number. If you have already installed Magento using localhost then it will keep writing out links to localhost, even after you have changed to using the IP address, you will need to change the base_url values in the core_config_data table, you can run a query like this to find the right config values to change:

SELECT * FROM core_config_data WHERE VALUE LIKE "%localhost%";

This should identfy two config values that will need to update with a query like:

UPDATE core_config_data SET VALUE="" WHERE path IN ('web/unsecure/base_url','web/secure/base_url') ;

I’m going to assume you know to put the right value into that query, and not use the example one I have provided!

After changing that value you should delete your var/cache contents, and then refresh the page. Now you should have Magento running on an IP address, not a hostname with no dots in it. Of course you could always set up a fake domain name like by using a Virtual Hosting setup like I describe in my post on how to configure a MAMP Virtual host.

Solution 2: Timezone differences between server and client

One other, less likely problem, is that the cookie is being set, but expiring immediately. To check this you can inspect the cookies your browser is holding, and check if there is one there from Magento. If there is then check both the timezone your magento installation is using , and the one you have set locally, perhaps your local time is not set properly?

Solution 3: Cookie domain does not match server domain

This caught me out when I was replicating a remote site on my local mac development environment. I thought it’d be worth adding this solution here, seeing as this post still seems to rank well for Magento install problems. I had changed the base URLs but had forgotten to check the core_config_data table for any other Magento configuration data that might have been interfering with cookies. The config path in question is: web/cookie/cookie_domain.

You can check the table with an SQL command like this – you should be on the look out for config values that have hard coded the old URL:

SELECT * FROM core_config_data WHERE VALUE LIKE "";
-- Be on the look out for something like this:
|       513 | DEFAULT |        0 | web/cookie/cookie_domain               |                                     |

And update it to an empty string (less secure) or the new actual domain (more secure) as shown below:

UPDATE core_config_data SET VALUE = "" WHERE config_id = 513;
-- or
UPDATE core_config_data SET VALUE = "" WHERE config_id = 513;

But wait, there’s more….

Thanks to Kristof aka Fooman for this gem:

Th solution here is to clear all your cookies related to the store domains and subdomains.

And yet still more possible issues, this time from Mauro Spivak:

This is an example of the more general issue that sessions are not able to be created. That could be because local.xml is instructing Magento to store them in a non-exsistent location such as in Maruo’s example – or may also be caused by permission issues on the filesystem when storing sessions in var/session. I’d suggest checking there is a session matching the session ID for your cookie to see if this issue is affecting you.

Hopefully one of these two three four solutions will get you back on track and able to log in to your newly installed Magento. Feel free to post problems or suggest other solutions in the comments below. I’m always more than happy to update my posts with helpful tips from readers.

Posted on

Magento Error: It is not safe to rely on the system’s timezone settings

Ok, that’s not a really good post title, because it’s actually a PHP error, nothing to do with Magento as such. You’ll only see it on certain systems when PHP is set to report warnings like this (E_STRICT). I’m bundling this into the Magento category because it happened to me when installing Magento on a reasonably simple Ubuntu 8.04. I thought it might be handy to quickly document the solution for other Ubuntu users.

The problem will look like this in Magento:

It is not safe to rely on the system's timezone settings error in Magento
It is not safe to rely on the system's timezone settings error in Magento

Which spews out a whole lot of stuff, the most important of which is the message ‘It is not safe to rely on the system’s timezone settings’ and later the suggested timezone, in my case ‘Pacific/Auckland’:

There has been an error processing your request.
Strict Notice: date() []: It is not safe to rely on the system's timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Pacific/Auckland' for 'NZST/12.0/no DST' instead  in /var/www/magento/app/code/core/Mage/Core/Model/Locale.php on line 498
#0 [internal function]: mageCoreErrorHandler(2048, 'date() [storeTimeStamp('1')
#3 /var/www/magento/app/code/core/Mage/Catalog/Model/Resource/Eav/Mysql4/Product/Collection.php(318): Mage_Catalog_Model_Resource_Eav_Mysql4_Product_Collection->_joinPriceRules()
#4 /var/www/magento/app/code/core/Mage/Eav/Model/Entity/Collection/Abstract.php(779): Mage_Catalog_Model_Resource_Eav_Mysql4_Product_Collection->_beforeLoad()
#5 /var/www/magento/app/code/core/Mage/Catalog/Block/Product/List.php(151): Mage_Eav_Model_Entity_Collection_Abstract->load()
#6 /var/www/magento/app/code/core/Mage/Core/Block/Abstract.php(642): Mage_Catalog_Block_Product_List->_beforeToHtml()

The fix is in your php.ini file for Apache. You’ll need to have the permissions required to edit the php.ini file, on Ubuntu that means you’ll probably need sudo access, or root access on systems where you actually log in as root. You can edit the file using this command:

sudo vi /etc/php5/apache2/php.ini

Or if you prefer a slightly less convoluted text editor (but much less powerful):

sudo gedit /etc/php5/apache2/php.ini

The change you need to make is to find the line like this:

; Defines the default timezone used by the date functions
; date.timezone =

To this:

; Defines the default timezone used by the date functions
date.timezone = "Pacific/Auckland"

Of course you may want your timezone, not mine, in which case you should substitute "Pacific/Auckland" for you timezone!

Hopefully that helps others who encounter this problem. The tricky thing is it won’t manifest itself on the CMS homepage, so you might do an install and think everything is fine, only to find that when you finally add categories and actually view one of them, Magento breaks (well… PHP does). So be wary.

Posted on

How to Bulk Enable Products when Google Checkout is Disabled in Magento

Magento allows you to disable Google checkout functionality for each product. Under certain situations though (when upgrading from 1.2 to 1.3 for example), the state of your products eligibility for sale through Google Checkout changes.

If you find yourself unable to sell products through Google checkout you can easily enable Google Checkout for your products through the Magento admin interface. However if you have many hundreds or thousands of products going through each one is not an option.

Here is a solution that will allow you to set the state of all your products to enabled for Google Checkout, quickly and easily. Testing has been limited to my own development installation, so as always backup your data before running anything.

Continue reading How to Bulk Enable Products when Google Checkout is Disabled in Magento

Posted on

Whoops: Magento supports PHP 5.2.0 or newer

You need to run PHP 5.2.0 or newer for Magento. This is normally not a problem for MAMP but a recent reader has asked about determining which version is running on their Mac when this error does occur. I just wanted to make a quick post on checking PHP versions in MAMP, because it seems if your Mac has other versions of php installed you can end up having odd results when trying to run Magento in MAMP.

You can determine which PHP version your MAMP server is running by opening the MAMP ‘start page’ and clicking the phpInfo link in the top menu. This will also tell you which php.ini file is being used.

You can also run:

 php -version

Run this in a terminal (, to print the PHP version that is on your PATH. You can determine which php is being run by typing:

which php

To find any php binaries on your Mac you can run the locate command in a terminal:

locate php | grep "[^\.]php$"

The pipe into grep just filters out any files that have php in the path, but are not php binaries, and also removes any files that are of the form filename.php which would otherwise turn up in the search.

You can execute any of the php binaries this command finds with the argument -version to find out what version of PHP it is. This may help you to identify any versions of PHP you have installed that you do not want anymore.

For example:

/usr/bin/php -version
/Applications/MAMP/bin/php4/bin/php -version

If anyone has any other tips for solving this or questions please post them below. Hopefully we can make sure this problem doesn’t trip anyone else up!

Posted on

shuffle() or: How I Learned to Stop Worrying and Love PHP

I have said some not very nice things about PHP on this blog, and I’m sure over time I’ll be adding more such criticisms. This time I’d like to highlight a handy little feature in PHP, one that is a great deal easier to use than it’s Java counterpart.

Shuffling the elements in an array is probably a programming exercise in every single 1st year computer science textbook, it’s easy enough to do, but because it’s been done roughly 100 million times before, it feels moronic doing it again. So it’s nice when programming languages offer it as standard language functionality. PHP does by way of the shuffle() function and Java does by Collections.shuffle() static method. Seems simple enough, except that an array is not a collection in Java. So you can’t take your int[] and shuffle the elements quite so easily.

If you have an Integer[] in Java you can just pass it into Arrays.asList(array), get the collection and shuffle it. Uh oh, I said Integer[] which sadly is not the same as an int[]! So the difference between the two means I’m going to need to convert all the elements of the int[] into a Integer[] before I can shuffle it, geez, if I have to iterate the list once to convert type, I may as well just not put them back where I found them!

So this is me admitting there is an advantage to a dynamic language. I maintain I’d still rather pay the upfront cost of a few extra lines of code here-and-there for type safety, try getting a PHP IDE to reliably autocomplete instance methods for you, when it doesn’t know the type of a variable! Perhaps I need to start using Eiffel