Jump to content
Sign in to follow this  
Parikesit

[Contribution] Admin Account with Access Level

Recommended Posts

Okay, I downloaded this contribution and I've read through this topic and can't figure this out, so hopefully I don't sound like too much of an idiot.

 

How do you complete this step?

Any help is appreciated.

Enter phpMyAdmin -> find your DB -> click the SQL tab -> Browse, Run.

Share this post


Link to post
Share on other sites

Hi

I have installed:

Access with Level Account for the Admin Area of osCommerce (MS2)

For a friend of mine and everything seems to work ok except when I log in with the admin who is suppose to have full access and I try to click on the Customers link so I can see any orders I get an error stating the below message.

 

~~~~~~~~~~~~~~~~~~~~

Access Denied

 

No Right Permission Access

 

Please contact your Web Administrator to request

more access or if you found any problem.

~~~~~~~~~~~~~~~~~~~~

 

I get the same error message when I click on:

Locations / Taxes

Localization

Reports

Tools

 

Anyone got any suggestions for me.

 

He wanted me to set it up so he could have someone else input the infor for his items and just give the access to Catalog:

 

I set up a new user with just access to Catalog and this seems to work just fine, my only problem is the one stated above about the full admin access.

 

Thanks

Steve

Share this post


Link to post
Share on other sites

I am also geeting some problem related with the sessions, As when i click on a drop down menu under the Admin section (i.e Select Process,Delivery order type from order page )the system logs me off, and i have to log back in, but even if i do that it still wont let me do what i want to do, it will just log me back off again

and again?

 

Can anyone please help me out. plz... my email vikram_lashkari@yahoo.com.

Thanks

 

 

Cheers!!

Vikram

Share this post


Link to post
Share on other sites

I have this contribution installed but am wondering...do people still recommend password protecting the admin direct (ie using .htaccess) as well or is having both just overkill?

Share this post


Link to post
Share on other sites

I've installed this contribution and it works fine BUT it seems not right.

 

1. Administrator>File Access>

I have to click twice to open the folder. there is a drop down menu on the left and it gives only choice of five files(footer,header,filenames,clumn_left,account_check) to choose from. And regardless which folders you are in, you are only given these 5 files. Is it supposed to work in this way?

 

Why do I need to include either of these files in irrelevant folders?

 

2. The password and login

Once its time out, I can't sign in again with the correct password and login name. I've to login with 'admin@localhost, admin' even though I have changed the default pw and login name. After I signed in after each time out, all the groups and new members info is gone, it becomes default.

 

I'm new to this and would like to know if this contribution supposed to work this way?

Share this post


Link to post
Share on other sites

3. The SQL database structure..

 

Can someone kindly help to explain to me what the following for?

 

admin_files_is_boxes tinyint(5) NOT NULL default '0',

admin_files_to_boxes int(13) NOT NULL default '0',

admin_groups_id set('1','2') NOT NULL default '1',

PRIMARY KEY (admin_files_id)

 

I tried to include new files and no matter how I edit the numbers, I never able to get the files in the correct place. I tried to add the following

 

INSERT INTO admin_files VALUES (43, 'templates.php', 1, 0, '1');

INSERT INTO admin_files VALUES (44, 'infobox_skin.php', 0, 10, '1');

INSERT INTO admin_files VALUES (45, 'infobox_skin_mapping.php', 0,10, '1');

 

Appreciate any help and input greatly!

Share this post


Link to post
Share on other sites

Hi

 

Is it possible to change the location that you are directed to when you click on the Confirm button in login. At present it goes to index, I would like it to go to Categories.

 

Thanks

 

W

Share this post


Link to post
Share on other sites

Hi all!

 

 

I install this contribution (versin2.2 MS2) and its working correctly.

But if I create a new user, or modifing an existing, in the sended e-mail the password is that: '-hidden-'

 

Somebody can help me?

Share this post


Link to post
Share on other sites
I'm able to add new users to the admin, but i can't seem to find the place to add the password for each users. Can i know where is it?

 

I have same problem and dont know how to add login information for user. Can i do that some how? I dont understand what user group is for realy becuase i can add member but not add login information! and they must use same pass and email as admin to login

 

Anyone?

Share this post


Link to post
Share on other sites

I'm not a php programmer but I have a moderate understanding of the script.

I'm trying to get Admin Access and the MVS 1.1 to work on the same site. The admin section does not display when everything is installed. I did correctly install this contribution on several test site with various misc installs. My problem is the general.php causing my errors. And I don't know what to look for because my PHP at localhost is not displaying any errors at all... Any ideas would be great....

 

apollo

Share this post


Link to post
Share on other sites

New update : admin access 2.2a - bug fix newrenderzone 19 May 2007

 

This fixes a bug in the 24 Jan 2006 2.2a full package.

 

In the admin/includes/application_top.php file, the line:

 

if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN) {

 

should be changed to:

 

if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN && basename($PHP_SELF) !=

 

FILENAME_FORBIDDEN) {

here is an explanation for the update newrenderzone made:

 

 

Symptom: when you are an admin with restricted rights and you go to a page where you have no rights, the access denied page saying "No Right Permission Access" never loads completely.

 

Why: in the original admin access 2.2a - the access denied page (forbidden.php) requires includes/application_top.php. Here you check the login (tep_admin_check_login) and if you have no rights, you are redirected to the access denied page, which is loaded again. Again, includes/application_top.php is required and again you are redirected, etc.

 

This is why i suggest to check the login unless you are in the login page, the passwd forgotten page AND in the access denied page.

 

Note: as in 22a-README.txt provided by Chinchilla2, File Edit section, line 618, function tep_admin_check_login redirects the user except for the page FILENAME_FORBIDEN, which obviously doesn't work for the access denied page (FILENAME_FORBIDDEN)

 

That's it, if any details are missing in the explanation above, please let me know. Also, please send me your opinion.

 

 

Hope some people here tell what they think of the bugfix


MS2

Share this post


Link to post
Share on other sites

Hi man! I really love this contribution but i have a problem.

 

I need to increase the time of session in the admin, how can i do it? Anybody has the same problem than I? I´m really worried about that, please help me!!

Share this post


Link to post
Share on other sites

Hi! I'm using htaccess login with ssl and Admin Account with Access Level which is quite confusing for my client since they need to log in three times (two htaccess logins and one with AAAL).

 

Therefor I wonder if I can remove the htaccess login completely? Is Admin Account with Access Level safe enough? Really safe?

Share this post


Link to post
Share on other sites

When I am logged into admin, and go to

admin/admin_members.php?selected_box=administrator

or any other admin page, in the header to the right I am missing some langugage files for:

HEADER_TITLE_ONLINE_CATALOG

HEADER_TITLE_ADMINISTRATION

 

However, when I go into

admin/includes/languages/english.php

the language definitions are there. Where else should the langugage file definitons be located?

Share this post


Link to post
Share on other sites

I realize this forum is rather old and somewhat outdated, and I've read every thread on this forum more than once, so here goes...

 

I've installed this contribution on my extremely modified osc v2.3.1 (I've added so many contributions I lost count, from both v2.3.1 and v2.2-which I modified for v2.3.1). After some modifying and tweaking things to work in this osc version, everything seems to work fine now.

 

I even installed the add-on from post #31 for File Logging or Email for Failed Login Attempts. Had some tweaking on that as well.

 

 

And for my version of this contribution (v2.3.4 dated 15nov2009, which actually holds the stuff for v2.3.3), it was missing the files: admin/password_forgotten.php and admin/style.css. The instructions also still state that:

 

Look for

if (function_exists('ini_get') && ((bool)ini_get('file_uploads') == false) ) {

$messageStack->add(WARNING_FILE_UPLOADS_DISABLED, 'warning');

}

 

add bellow

 

// BOE Access with Level Account (v. 2.2 RC2A) for the Admin Area of osCommerce (MS2) 2 of 2

// comment out below line to disable this contribution

if (basename($PHP_SELF) != FILENAME_LOGIN_ADMIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN && basename($PHP_SELF) != FILENAME_FORBIDDEN) {

tep_admin_check_login();

}

// EOE Access with Level Account (v. 2.2 RC2A) for the Admin Area of osCommerce (MS2) 2 of 2

....but it should be added before the final ?> at the end of the page.

 

 

 

I have a couple of issues of course...:

 

1) The Failed Logins send me two emails. I can't figure out how to correct this.

 

2) The application_top.php seems to be rather unstable, as the column_left keeps disappearing. I keep having to upload the original file, refresh the url page (now the column_left appears), upload the modified file, then refresh the page again. It just disappears without a symptom that I can tell yet. Still looking for a pattern.

 

3) When selecting boxes to display, the main category box works just fine with different admin groups. But the subcategories don't seem to care whether they're selected or not. If the main category is selected, then it displays everything in it regardless of what has been checked or unchecked.

 

3a) The function tep_admin_files_boxes doesn't seem to work correctly, so I've had to keep the original tep_href_link until I can find a way to get the function to work properly.

 

 

Any help would be wonderful!! And I see the original author is from Indonesia. My wife is from Jakarta as well. Just thought it would help with translations, though the english seems to be pretty good too.

Edited by The Munch

Thank You!!

----------

Using: OSC 2.3.1, Algozone Template, Jcow 5 Pro, CometChat 4 Premium.

 

Contributions for OSC-2.3.1: QT Pro 4.6.1, Easy Populate EPv2.77a, Admin Notes, Contribution Tracker, Multi-Product Manager, myQBi Quickbooks Sync, Order Editor 5.0.9, Dynamic Sitemap, Tax ID in Order Editor, Separate Pricing Per Customer v4.2.2 ... etc ...

 

Contributions for OSC-2.2 I've Modified for OSC-2.3.1: Admin Level Account with Categories 2.3.4, File Logging or Email for Failed Admin Login Attempts, Autologon v1.09, Admin Specials by Categories, CCGV 6.0_1, Hide Categories, How Did You Hear About Us, MSRP Listing, Multiple Sales Per Product, osc as info site, OSC Checkout Security Boost v1.1, Points and Rewards Module, Quick Stock Updater, Quick Updates 292, RMA Returns System 2.6, Show Unit Price, Store Mode, Supplier Admin v1.3, Tell A Friend, Required Customer Details v22rc2a, Admin Change Customers Password v3.3, PDF Invoice & PackingSlip 1.6, Quick Price Updates for SPPC v1.5, Country-State Selector v1.5.5 + Limit Countries v2.2, Contact Us Popup Business Card, No Right Click, Delete Customer Account v1.2, Control Login v2.2, Member Type Control v1.1, .... etc...

Share this post


Link to post
Share on other sites

I should rephrase 3) above... When someone doesn't have permission to go to a subcategory (that link is unchecked), it does redirect to the Access Denied page. So that does work. What I'm really wanting is to not even display the link if they don't have access. I believe someone else had brought this up before as well. If they don't have access, there should be a way to disable their appearance, like the main category boxes. I just can't seem to get an IF-type statement to work within the array formulas for admin/includes/boxes/... pages.

 

This would also mean that 3a) above... does actually work, but I'm not sure why, as I don't recall actually calling it from any of the boxes files... But there definitely needs to be some resolve to not display a link if it's not accessible.

Edited by The Munch

Thank You!!

----------

Using: OSC 2.3.1, Algozone Template, Jcow 5 Pro, CometChat 4 Premium.

 

Contributions for OSC-2.3.1: QT Pro 4.6.1, Easy Populate EPv2.77a, Admin Notes, Contribution Tracker, Multi-Product Manager, myQBi Quickbooks Sync, Order Editor 5.0.9, Dynamic Sitemap, Tax ID in Order Editor, Separate Pricing Per Customer v4.2.2 ... etc ...

 

Contributions for OSC-2.2 I've Modified for OSC-2.3.1: Admin Level Account with Categories 2.3.4, File Logging or Email for Failed Admin Login Attempts, Autologon v1.09, Admin Specials by Categories, CCGV 6.0_1, Hide Categories, How Did You Hear About Us, MSRP Listing, Multiple Sales Per Product, osc as info site, OSC Checkout Security Boost v1.1, Points and Rewards Module, Quick Stock Updater, Quick Updates 292, RMA Returns System 2.6, Show Unit Price, Store Mode, Supplier Admin v1.3, Tell A Friend, Required Customer Details v22rc2a, Admin Change Customers Password v3.3, PDF Invoice & PackingSlip 1.6, Quick Price Updates for SPPC v1.5, Country-State Selector v1.5.5 + Limit Countries v2.2, Contact Us Popup Business Card, No Right Click, Delete Customer Account v1.2, Control Login v2.2, Member Type Control v1.1, .... etc...

Share this post


Link to post
Share on other sites

One pattern I do notice with the application_top.php is that whenever a session has timed out and the page is refreshed or re-logged-in, the column_left does not appear, hence having to reload the original app_top, refresh the url so the col_left appears, then reload and refresh with the modified app_top.

 

I've gone into admin/includes/functions/sessions.php and changed the value to 36000 seconds, but it makes no difference. The session still seems to end after the original 1440 seconds. I'm not sure what I'm doing wrong there yet. Hopefully someone can shed some light on that subject as well.

 

So I'm not totally sure where the problem lies: application_top.php, column_left.php, sessions.php, or somewhere else? I'm pretty confident it's in application_top.php, but I just can't seem to find it. I do hope someone reads this forum with some helpful insight pretty soon...


Thank You!!

----------

Using: OSC 2.3.1, Algozone Template, Jcow 5 Pro, CometChat 4 Premium.

 

Contributions for OSC-2.3.1: QT Pro 4.6.1, Easy Populate EPv2.77a, Admin Notes, Contribution Tracker, Multi-Product Manager, myQBi Quickbooks Sync, Order Editor 5.0.9, Dynamic Sitemap, Tax ID in Order Editor, Separate Pricing Per Customer v4.2.2 ... etc ...

 

Contributions for OSC-2.2 I've Modified for OSC-2.3.1: Admin Level Account with Categories 2.3.4, File Logging or Email for Failed Admin Login Attempts, Autologon v1.09, Admin Specials by Categories, CCGV 6.0_1, Hide Categories, How Did You Hear About Us, MSRP Listing, Multiple Sales Per Product, osc as info site, OSC Checkout Security Boost v1.1, Points and Rewards Module, Quick Stock Updater, Quick Updates 292, RMA Returns System 2.6, Show Unit Price, Store Mode, Supplier Admin v1.3, Tell A Friend, Required Customer Details v22rc2a, Admin Change Customers Password v3.3, PDF Invoice & PackingSlip 1.6, Quick Price Updates for SPPC v1.5, Country-State Selector v1.5.5 + Limit Countries v2.2, Contact Us Popup Business Card, No Right Click, Delete Customer Account v1.2, Control Login v2.2, Member Type Control v1.1, .... etc...

Share this post


Link to post
Share on other sites

I am using this contribution, i upgrade to oscommerce version 2.3.3.4, and i am using the php version 5.3.x or more.

 

In admin/includes/configure.php i am using shared ssl:

 

define('HTTP_SERVER', 'http://www.sitename.com');

define('HTTPS_CATALOG_SERVER', 'http://www.sitename.com'); // eg, http://www.sitename.com');

define('HTTPS_CATALOG_SERVER', 'http://www.sitename.com');

 

Thank you if someone know how to fix this problem ?

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×