Jump to content



- - - - -

[Contribution] Admin Account with Access Level


  • Please log in to reply
298 replies to this topic

#281   tuppergirl

tuppergirl
  • Members
  • 85 posts
  • Real Name:Tupper

Posted 22 July 2005 - 07:15 PM

I've installed this contribution and it works fine BUT it seems not right.

1. Administrator>File Access>
I have to click twice to open the folder. there is a drop down menu on the left and it gives only choice of five files(footer,header,filenames,clumn_left,account_check) to choose from. And regardless which folders you are in, you are only given these 5 files. Is it supposed to work in this way?

Why do I need to include either of these files in irrelevant folders?

2. The password and login
Once its time out, I can't sign in again with the correct password and login name. I've to login with 'admin@localhost, admin' even though I have changed the default pw and login name. After I signed in after each time out, all the groups and new members info is gone, it becomes default.

I'm new to this and would like to know if this contribution supposed to work this way?

#282   tuppergirl

tuppergirl
  • Members
  • 85 posts
  • Real Name:Tupper

Posted 22 July 2005 - 07:23 PM

3. The SQL database structure..

Can someone kindly help to explain to me what the following for?

admin_files_is_boxes tinyint(5) NOT NULL default '0',
admin_files_to_boxes int(13) NOT NULL default '0',
admin_groups_id set('1','2') NOT NULL default '1',
PRIMARY KEY  (admin_files_id)

I tried to include new files and no matter how I edit the numbers, I never able to get the files in the correct place. I tried to add the following

INSERT INTO admin_files VALUES (43, 'templates.php', 1, 0, '1');
INSERT INTO admin_files VALUES (44, 'infobox_skin.php', 0, 10, '1');
INSERT INTO admin_files VALUES (45, 'infobox_skin_mapping.php', 0,10, '1');

Appreciate any help and input greatly!

#283   tuppergirl

tuppergirl
  • Members
  • 85 posts
  • Real Name:Tupper

Posted 23 July 2005 - 06:35 PM

I got Question three(database, insert file) sorted out. Still need help and advise on Question one and two. Thanks

#284   hillman

hillman
  • Members
  • 2 posts
  • Real Name:Jason

Posted 04 April 2006 - 07:46 PM

I can't add a new admin account now. What should I do?
PS: PHP 5.0.4

#285   Wired PSF

Wired PSF
  • Members
  • 190 posts
  • Real Name:PSF

Posted 05 April 2006 - 02:23 PM

Hi

Is it possible to change the location that you are directed to when you click on the Confirm button in login.  At present it goes to index, I would like it to go to Categories.

Thanks

W

#286   ironfo

ironfo
  • Members
  • 1 posts
  • Real Name:iRONFO

Posted 04 December 2006 - 12:18 PM

Hi all!


I install this contribution (versin2.2 MS2) and its working correctly.
But if I create a new user, or modifing an existing, in the sended e-mail the password is that: '-hidden-'

Somebody can help me?

#287   Stim

Stim
  • Members
  • 2 posts
  • Real Name:Stim

Posted 24 January 2007 - 10:49 AM

View Postying, on Oct 11 2004, 05:02 AM, said:

I'm able to add new users to the admin, but i can't seem to find the place to add the password for each users. Can i know where is it?

I have same problem and dont know how to add login information for user. Can i do that some how? I dont understand what user group is for realy becuase i can add member but not add login information! and they must use same pass and email as admin to login

Anyone?

#288   rapollon

rapollon
  • Members
  • 12 posts
  • Real Name:Rudy

Posted 05 April 2007 - 01:22 PM

I'm not  a php programmer but I have a moderate understanding of the script.  
I'm trying to get Admin Access and the MVS 1.1 to work on the same site.  The admin section does not display when everything is installed.  I did correctly install this contribution on several test site with various misc installs.  My problem is the general.php causing my errors.  And I don't know what to look for because my PHP at localhost is not displaying any errors at all...   Any ideas would be great....

apollo

#289   angus203

angus203
  • Members
  • 9 posts
  • Real Name:angus

Posted 17 April 2007 - 03:39 AM

Email notification when create admin account no working

what problem ??

#290   midwestb

midwestb
  • Members
  • 54 posts
  • Real Name:solo

Posted 06 May 2007 - 02:02 PM

I'm assuming the last couple posts here mean that this contrib DOESN'T work correctly with MS2?

#291   jirwan31

jirwan31
  • Members
  • 13 posts
  • Real Name:Junaidi

Posted 18 May 2007 - 07:06 AM

It works correctly. You just need to tweak a little bit here and there to make it work :D See my posts regarding this contribution: http://forums.oscommerce.com/index.php?sho...p;#entry1077544

#292   azer

azer
  • Members
  • 842 posts
  • Real Name:azer
  • Location:Paris, france

Posted 21 May 2007 - 04:45 PM

New update : admin access 2.2a - bug fix newrenderzone 19 May 2007

Quote

This fixes a bug in the 24 Jan 2006 2.2a full package.

In the admin/includes/application_top.php file, the line:

if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN) {

should be changed to:

if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN && basename($PHP_SELF) !=

FILENAME_FORBIDDEN) {
here is an explanation for the update newrenderzone made:


Symptom: when you are an admin with restricted rights and you go to a page where you have no rights, the access denied page saying "No Right Permission Access" never loads completely.

Why: in the original admin access 2.2a - the access denied page (forbidden.php) requires includes/application_top.php. Here you check the login (tep_admin_check_login) and if you have no rights, you are redirected to the access denied page, which is loaded again. Again, includes/application_top.php is required and again you are redirected, etc.

This is why i suggest to check the login unless you are in the login page, the passwd forgotten page AND in the access denied page.

Note: as in 22a-README.txt provided by Chinchilla2, File Edit section, line 618, function tep_admin_check_login redirects the user except for the page FILENAME_FORBIDEN, which obviously doesn't work for the access denied page (FILENAME_FORBIDDEN)

That's it, if any details are missing in the explanation above, please let me know. Also, please send me your opinion.


Hope some people here tell what they think of the bugfix
MS2

#293   Neo54

Neo54
  • Members
  • 2 posts
  • Real Name:Juan Rivas

Posted 22 May 2007 - 03:56 PM

Hi man! I really love this contribution but i have a problem.

I need to increase the time of session in the admin, how can i do it? Anybody has the same problem than I? I´m really worried about that, please help me!!

#294   Fredrik.r

Fredrik.r
  • Members
  • 532 posts
  • Real Name:Fredrik
  • Gender:Male
  • Location:Stockholm, Sweden

Posted 31 May 2007 - 02:00 PM

Hi! I'm using htaccess login with ssl and Admin Account with Access Level which is quite confusing for my client since they need to log in three times (two htaccess logins and one with AAAL).

Therefor I wonder if I can remove the htaccess login completely? Is Admin Account with Access Level safe enough? Really safe?

#295   Fredrik.r

Fredrik.r
  • Members
  • 532 posts
  • Real Name:Fredrik
  • Gender:Male
  • Location:Stockholm, Sweden

Posted 05 June 2007 - 06:29 AM

Anyone please?

#296   newtech

newtech
  • Members
  • 495 posts
  • Real Name:Rich
  • Gender:Male
  • Location:Seattle, WA

Posted 06 August 2007 - 06:05 PM

When I am logged into admin, and go to
admin/admin_members.php?selected_box=administrator
or any other admin page, in the header to the right I am missing some langugage files for:
HEADER_TITLE_ONLINE_CATALOG
HEADER_TITLE_ADMINISTRATION

However, when I go into
admin/includes/languages/english.php
the language definitions are there. Where else should the langugage file definitons be located?

#297   The Munch

The Munch
  • Members
  • 67 posts
  • Real Name:Scott
  • Gender:Male
  • Location:Iowa, USA

Posted 03 October 2011 - 06:00 PM

I realize this forum is rather old and somewhat outdated, and I've read every thread on this forum more than once, so here goes...

I've installed this contribution on my extremely modified osc v2.3.1 (I've added so many contributions I lost count, from both v2.3.1 and v2.2-which I modified for v2.3.1).  After some modifying and tweaking things to work in this osc version, everything seems to work fine now.

I even installed the add-on from post #31 for File Logging or Email for Failed Login Attempts.  Had some tweaking on that as well.


And for my version of this contribution (v2.3.4 dated 15nov2009, which actually holds the stuff for v2.3.3), it was missing the files:  admin/password_forgotten.php  and admin/style.css.  The instructions also still state that:

Quote

Look for
  if (function_exists('ini_get') && ((bool)ini_get('file_uploads') == false) ) {
$messageStack->add(WARNING_FILE_UPLOADS_DISABLED, 'warning');
  }

add bellow

  // BOE Access with Level Account (v. 2.2 RC2A) for the Admin Area of osCommerce (MS2) 2 of 2
// comment out below line to disable this contribution
  if (basename($PHP_SELF) != FILENAME_LOGIN_ADMIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN && basename($PHP_SELF) != FILENAME_FORBIDDEN) {
tep_admin_check_login();
  }
// EOE Access with Level Account (v. 2.2 RC2A) for the Admin Area of osCommerce (MS2) 2 of 2
....but it should be added before the final ?> at the end of the page.



I have a couple of issues of course...:

1)  The Failed Logins send me two emails.  I can't figure out how to correct this.

2)  The application_top.php seems to be rather unstable, as the column_left keeps disappearing.  I keep having to upload the original file, refresh the url page (now the column_left appears), upload the modified file, then refresh the page again.  It just disappears without a symptom that I can tell yet.  Still looking for a pattern.

3)  When selecting boxes to display, the main category box works just fine with different admin groups.  But the subcategories don't seem to care whether they're selected or not.  If the main category is selected, then it displays everything in it regardless of what has been checked or unchecked.

3a)  The function tep_admin_files_boxes doesn't seem to work correctly, so I've had to keep the original tep_href_link until I can find a way to get the function to work properly.


Any help would be wonderful!!  And I see the original author is from Indonesia.  My wife is from Jakarta as well.  Just thought it would help with translations, though the english seems to be pretty good too.

Edited by The Munch, 03 October 2011 - 06:04 PM.

Thank You!!
----------
Using:  OSC 2.3.1,  Algozone Template,  Jcow 5 Pro,  CometChat 4 Premium.

Contributions for OSC-2.3.1:  QT Pro 4.6.1,  Easy Populate EPv2.77a,  Admin Notes,  Contribution Tracker, Multi-Product Manager,  myQBi Quickbooks Sync,  Order Editor 5.0.9,  Dynamic Sitemap,  Tax ID in Order Editor,  Separate Pricing Per Customer v4.2.2  ... etc ...

Contributions for OSC-2.2 I've Modified for OSC-2.3.1:  Admin Level Account with Categories 2.3.4,  File Logging or Email for Failed Admin Login Attempts,  Autologon v1.09,  Admin Specials by Categories,  CCGV 6.0_1,  Hide Categories,  How Did You Hear About Us,  MSRP Listing,  Multiple Sales Per Product,  osc as info site,  OSC Checkout Security Boost v1.1,  Points and Rewards Module,  Quick Stock Updater,  Quick Updates 292,  RMA Returns System 2.6,  Show Unit Price,  Store Mode,  Supplier Admin v1.3,  Tell A Friend,  Required Customer Details v22rc2a,  Admin Change Customers Password v3.3, PDF Invoice & PackingSlip 1.6,  Quick Price Updates for SPPC v1.5,  Country-State Selector v1.5.5 + Limit Countries v2.2,  Contact Us Popup Business Card,  No Right Click,  Delete Customer Account v1.2,  Control Login v2.2,  Member Type Control v1.1,  .... etc...  

#298   The Munch

The Munch
  • Members
  • 67 posts
  • Real Name:Scott
  • Gender:Male
  • Location:Iowa, USA

Posted 04 October 2011 - 01:24 PM

I should rephrase 3) above...  When someone doesn't have permission to go to a subcategory (that link is unchecked), it does redirect to the Access Denied page.  So that does work.  What I'm really wanting is to not even display the link if they don't have access.  I believe someone else had brought this up before as well.  If they don't have access, there should be a way to disable their appearance, like the main category boxes.  I just can't seem to get an IF-type statement to work within the array formulas for admin/includes/boxes/... pages.

This would also mean that 3a) above... does actually work, but I'm not sure why, as I don't recall actually calling it from any of the boxes files...  But there definitely needs to be some resolve to not display a link if it's not accessible.

Edited by The Munch, 04 October 2011 - 01:29 PM.

Thank You!!
----------
Using:  OSC 2.3.1,  Algozone Template,  Jcow 5 Pro,  CometChat 4 Premium.

Contributions for OSC-2.3.1:  QT Pro 4.6.1,  Easy Populate EPv2.77a,  Admin Notes,  Contribution Tracker, Multi-Product Manager,  myQBi Quickbooks Sync,  Order Editor 5.0.9,  Dynamic Sitemap,  Tax ID in Order Editor,  Separate Pricing Per Customer v4.2.2  ... etc ...

Contributions for OSC-2.2 I've Modified for OSC-2.3.1:  Admin Level Account with Categories 2.3.4,  File Logging or Email for Failed Admin Login Attempts,  Autologon v1.09,  Admin Specials by Categories,  CCGV 6.0_1,  Hide Categories,  How Did You Hear About Us,  MSRP Listing,  Multiple Sales Per Product,  osc as info site,  OSC Checkout Security Boost v1.1,  Points and Rewards Module,  Quick Stock Updater,  Quick Updates 292,  RMA Returns System 2.6,  Show Unit Price,  Store Mode,  Supplier Admin v1.3,  Tell A Friend,  Required Customer Details v22rc2a,  Admin Change Customers Password v3.3, PDF Invoice & PackingSlip 1.6,  Quick Price Updates for SPPC v1.5,  Country-State Selector v1.5.5 + Limit Countries v2.2,  Contact Us Popup Business Card,  No Right Click,  Delete Customer Account v1.2,  Control Login v2.2,  Member Type Control v1.1,  .... etc...  

#299   The Munch

The Munch
  • Members
  • 67 posts
  • Real Name:Scott
  • Gender:Male
  • Location:Iowa, USA

Posted 05 October 2011 - 05:35 PM

One pattern I do notice with the application_top.php is that whenever a session has timed out and the page is refreshed or re-logged-in, the column_left does not appear, hence having to reload the original app_top, refresh the url so the col_left appears, then reload and refresh with the modified app_top.

I've gone into admin/includes/functions/sessions.php and changed the value to 36000 seconds, but it makes no difference.  The session still seems to end after the original 1440 seconds.  I'm not sure what I'm doing wrong there yet.  Hopefully someone can shed some light on that subject as well.

So I'm not totally sure where the problem lies:  application_top.php,  column_left.php,  sessions.php,  or somewhere else?  I'm pretty confident it's in application_top.php, but I just can't seem to find it.  I do hope someone reads this forum with some helpful insight pretty soon...
Thank You!!
----------
Using:  OSC 2.3.1,  Algozone Template,  Jcow 5 Pro,  CometChat 4 Premium.

Contributions for OSC-2.3.1:  QT Pro 4.6.1,  Easy Populate EPv2.77a,  Admin Notes,  Contribution Tracker, Multi-Product Manager,  myQBi Quickbooks Sync,  Order Editor 5.0.9,  Dynamic Sitemap,  Tax ID in Order Editor,  Separate Pricing Per Customer v4.2.2  ... etc ...

Contributions for OSC-2.2 I've Modified for OSC-2.3.1:  Admin Level Account with Categories 2.3.4,  File Logging or Email for Failed Admin Login Attempts,  Autologon v1.09,  Admin Specials by Categories,  CCGV 6.0_1,  Hide Categories,  How Did You Hear About Us,  MSRP Listing,  Multiple Sales Per Product,  osc as info site,  OSC Checkout Security Boost v1.1,  Points and Rewards Module,  Quick Stock Updater,  Quick Updates 292,  RMA Returns System 2.6,  Show Unit Price,  Store Mode,  Supplier Admin v1.3,  Tell A Friend,  Required Customer Details v22rc2a,  Admin Change Customers Password v3.3, PDF Invoice & PackingSlip 1.6,  Quick Price Updates for SPPC v1.5,  Country-State Selector v1.5.5 + Limit Countries v2.2,  Contact Us Popup Business Card,  No Right Click,  Delete Customer Account v1.2,  Control Login v2.2,  Member Type Control v1.1,  .... etc...