Jump to content
Sign in to follow this  
Parikesit

[Contribution] Admin Account with Access Level

Recommended Posts

I only get the error when I receive email of a login failure, so I think the problem is here:

// Send the Email to Store Owner

 if (EMAIL_ADMIN_LOGIN_ERROR == 'true') {

   tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_FAIL_TEXT_SUBJECT, sprintf(EMAIL_FAIL_BODY, date("m/d/Y G:i:s"), getenv('REMOTE_ADDR'), getenv('HTTP_USER_AGENT'), getenv('HTTP_REFERER'),$att_email, $att_pass ), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '');

 }

I don't see where it ever uses the EMAIL_FROM field? Could it be because there is no From entry the mail server is putting in the default "root" address? If so, where would I add the EMAIL_FROM to this code?

Thanks

Hi Stretchr,

 

The email setting in this contribution use the same way with other OSC email handling, like checkout email and sign up new member. The function of email sending is tep_mail. I still don't understand why the sender come from root@mail.hostingserver.com.


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

FWIW,

I also notice that login failure emails place the subject line, Login Failure, in the body, instead of the subject. In the subject, the message displays the email address of the store owner.

:huh:


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites
Hi,

I found the error in password forgotten tep_mail.

Please paste these line to admin/includes/languages/english/login.php

 

define('ADMIN_EMAIL_SUBJECT', 'OsC Admin Member');

define('ADMIN_EMAIL_TEXT', 'Hi %s,nn You can access the admin panel with the following password. Once you access the admin, please change your password! nn  Website : %s n  Username: %s n  Password: %s nn Thanks! n %s n This is an automated response, please do not reply!');

 

For me this does not work.

 

Nor does "dangerous Don"'s cleaned up version.

 

Has anybody had any luck?

 

BTW, its a _very_ good contribution!

Share this post


Link to post
Share on other sites

I have a problem with:

/admin/admin_files.php

 

When I hit "Administrator>File Access", I get the following error:

 

Warning: dir(/admin/includes/boxes/) [function.dir]: failed to open dir: Invalid argument in "File path for mit site"adminadmin_files.php on line 151



Fatal error: Call to a member function on a non-object in "File path for mit site"adminadmin_files.php on line 152

 

Line 151

  $dir = dir(DIR_FS_ADMIN . DIR_WS_BOXES);

 

Line 152

  while ($boxes_file = $dir->read()) {

   if ( (substr("$boxes_file", -4) == '.php') && !(in_array($boxes_file, $installed_boxes))){

     $boxes[] = array('admin_boxes_name' => $boxes_file,

                      'admin_boxes_id' => 'b' . $none);

   } elseif ( (substr("$boxes_file", -4) == '.php') && (in_array($boxes_file, $installed_boxes))) {

     $db_boxes_id_query = tep_db_query("select admin_files_id as admin_boxes_id from " . TABLE_ADMIN_FILES . " where admin_files_is_boxes = 1 and admin_files_name = '" . $boxes_file . "'");

     $db_boxes_id = tep_db_fetch_array($db_boxes_id_query);

     $boxes[] = array('admin_boxes_name' => $boxes_file,

                      'admin_boxes_id' => $db_boxes_id['admin_boxes_id']);

   }

 

Can anybody help me?

 

I have circumvented the problem by adding the files in the SQL database and applied them to the different levels. But I'd like to fix the problem.

 

It ran without problems on my own PC (IIS) and the real server is also IIS. PHP 4.2.2.

Share this post


Link to post
Share on other sites

What does this mean (found in column_left.php)?

PLEASE MAKE GROUPS PERMISSION by YOURSELF

Don't ask me about this!

 

5 = Top Administrator or Owner

4 = ...

3 = ...

2 = ...

1 = ...

0 = accessable for every groups

Are we allowed only six groups? Do the group privileges have to be hierarchical? Are these numbers stored as constants somewhere?

 

Thanks,

 

-Matt

Share this post


Link to post
Share on other sites

Grretings Parikesit:

 

Again I must compliment the control level your contribution provides. We have several employees in different departments and at different locations in other countries. It is very useful for allowing fullfilment to only access what they need as well as marketing and processing to be able to only update order progress. But as several others have mentioned the mail password issue is kind of a problem. It would be a much appreciated and valuable feature for the "TOP ADMIN" only to be able to set initial sub user passwords and change them as necessary. A Top Level admin should ideally be able to control all aspects of the user management system and have the option to turn email password on and off. Also when email password is enabled a correct answer to a password hint would be very useful for saving the administrator time by sending the user his existing password. An option for all password change requests to be sent to administrator for approval before password can be altered would also be a great feature.

 

Sorry for all the suggestions. But when you have as many people forgetting passwords everyday as I do this would be a great help. Remember secretarys like to change to a new password Friday and when they return Monday I get called with "Why can't I log in?". WHY?? They can't remember what they entered on Friday. :D

 

AHHHH! The circular life of a sys admin! :wink:

 

Oh, Will this contrib run on the CVS of MS2? I know the OscAffiliate module has some issues that a couple of us are trying to debug now. Also can this admin contrib be used with OscAffillite and it's associated Banner manager contrib?

 

Thanks for your patience, understanding, and tolerance.


ElLeonBlanco

 

"The man of genius makes no mistakes. His errors are volitional and are the portals of discovery." James Joyce (1882?1941)

Share this post


Link to post
Share on other sites

Hopefully this is a simple problem but I notice that whenever I log into the Admin panel, I must enter the username and password twice. Does anyone have an idea where I could look to figure out why this is happening so that I might correct it? Thanks.


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

Hi!

 

Is any of you using Admin Access and EasyPopulate together?

I mean, are you using Admin Access and then decided to add EasyPopulate to your Admin Panel?

 

I'm trying to do so but I'm stuck with something that must be very simple for most of you, but it is such a huge problem for a new PHP user like me:

I CAN NOT ADD THE LINK TO EASYPOPULATE because my catalog.php file was modified for using Admin Access with Level and I don't know how I am supposed to set the link to EasyPopulate now.

:oops:

 

I've opened a topic were I explain with details all the things I've tried.

It is here:

http://forums.oscommerce.com/viewtopic.php?t=50017

 

Please, I really need your help!

I'm in deep trouble if I don't upload my client list of products asap.

Thanks in advance,


Jose Delgado

- - - - - - - - - - - -

"I wish I were smart enough so I could end all my posts with one of those famous and brillant phrases!"

J. Delgado, amateur philosopher (2003)

Share this post


Link to post
Share on other sites
Hopefully this is a simple problem but I notice that whenever I log into the Admin panel, I must enter the username and password twice. Does anyone have an idea where I could look to figure out why this is happening so that I might correct it? Thanks.

 

I get this also. Sometimes I need to log in twice or thrice.

 

Opera 7.11 on WinXP. OsC running on a IIS.

 

BTW: great contrib (disregarding the 2 errors it has... :))

Share this post


Link to post
Share on other sites

Congratulations on a fantastic contrib, I've had lots of problems with previous Admin protection contribs, and this is the first I've come across to be so fully featured.

Couple of things to note for new users:

1) README for APPLICATION_TOP_PHP states:

// ADD the following line BEFORE '?>' php tag (in last line)

//------------------------------------------------

// check login  

 if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN) {  

   tep_admin_check_login();  

 }  

//------------------------------------------------  

Be sure not to insert the line explaing the insertion of code before the ?> as the PHP engine will assume that one was the closing mark! You will get Code showing on the top of the page.

 

2) ADMIN_EMAIL_SUBJECT & ADMIN_EMAIL_TEXT - The fixes posted in the last 2 pages will fix any of these problems, I counted 2 such problems with email and both are now sorted.

 

Good work on a marvelous contrib!!! :) :) :)


Contribs Written: Nochex APC Payment Module, Cheque Payment Module

Contribs Updated: Information Pages Unlimited, Latest News V1

You've gotta be Quick on the Draw in this game!

Share this post


Link to post
Share on other sites

I'm trying to install admin_account_1_2 but I've got a lot of problems.

 

Can anybody help me with it ?

 

Fatal error: Cannot redeclare tep_redirect() (previously declared in /var/www/catalog/admin/includes/functions/general.php:15) in /var/www/catalog/admin/includes/functions/general.php on line 15

 

I can't found the error.... please...

 

thanks a lot..

Share this post


Link to post
Share on other sites

Hi

I have just installed OS 2.2 MS2

I think its great.

I need the admin level feature badly and would love to install this contrib.

Can anyone tell me what ill effects if any, I might get by installing it over top of 2.2 MS2?

 

Thanks a lot

-cf

Share this post


Link to post
Share on other sites
Hi

I have just installed OS 2.2 MS2

I think its great.

I need the admin level feature badly and would love to install this contrib.

Can anyone tell me what ill effects if any, I might get by installing it over top of 2.2 MS2?

 

Thanks a lot

-cf

 

I'm using it successfully with MS2. I just used Beyond Compare! to find the differences. I'm no coder but it seemed to go pretty easily. Good luck!

Cheers,

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

TOTALLY LOCKED OUT!!!

 

i am getting that ADMIN_EMAIL_TEXT

and

ADMIN_EMAIL_SUBJECT

 

errror.

 

I have tried over and over again to make this work, i have followed the instructions to a T given here on the forums, is there something that everyone has figured out that i am missing...

 

i clicked forgot password on my main admin login adn now my pass is changed but i cannot find out what it is!!!

 

So i cannot get to my system backend.. any ideas?

 

im dying over here...

 

this module rocks, it is sad that something so simple as this part is holding me back...

 

If anyone has any clues that can help.. mabye the places i can check so i can make sure i followed the things in this post correctly... it owuld greatly help..

 

Thank you

Share this post


Link to post
Share on other sites
TOTALLY LOCKED OUT!!!

 

i am getting that ADMIN_EMAIL_TEXT  

and  

ADMIN_EMAIL_SUBJECT

 

errror.

 

I have tried over and over again to make this work, i have followed the instructions to a T given here on the forums, is there something that everyone has figured out that i am missing...  

 

i clicked forgot password on my main admin login adn now my pass is changed but i cannot find out what it is!!!

 

So i cannot get to my system backend.. any ideas?

 

im dying over here...

 

this module rocks, it is sad that something so simple as this part is holding me back...

 

If anyone has any clues that can help.. mabye the places i can check so i can make sure i followed the things in this post correctly... it owuld greatly help..

 

Thank you

 

As far as the ADMIN_EMAIL_TEXT and ADMIN_EMAIL_SUBJECT errors, those are just defines so they don't have any bearing on your current prediciment.

 

The way I would address your password issue is:

 

If you have a user account that you know what the password is, find that account in your MySQL database and copy that encrypted password then paste it into the admin password field. That way, you should be able to sign in.

 

To fix the define problem, you must define what you want those variables to output. Mine are defined in admin/includes/languages/english/admin_members.php

 

I got the answer to that problem from the thread so maybe you missed it. Sometimes you just have to keep trying until it works. Even when you're "sure" you followed the directions, it's easy to miss something and the computer very rarely makes a mistake. Most of the time, it's user error. ;-)

 

HTH

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

Thanx fro your help...

.until i get this fixed in trying your workaround....

 

i copy the encrypted password it looks likethis "699abdaa577fdd80d3309346507b6b23"

 

into my log in section as the passwrod, and it tells my that it is wrong... are you sure i am supposed to be able to copy the encrypted one in and it will work?

Share this post


Link to post
Share on other sites

GREAT CONTRIBUTION!!!!

 

It realy works fine!!!

 

Could anyone tell me why it?s not by default in Oscommerce????


Juan Pablo V?zquez

juan@qodiga.com

Argentina

Share this post


Link to post
Share on other sites
As far as the ADMIN_EMAIL_TEXT and ADMIN_EMAIL_SUBJECT errors, those are just defines so they don't have any bearing on your current prediciment.  

 

Since i changed my password through the "forgot password link" and i cannot receive an email letting me know what my new password is... it does have a major bearing on this predicament...

 

I am so confused, i just cannot track down why this variable is not being pushed...

 

To fix the define problem, you must define what you want those variables to output. Mine are defined in admin/includes/languages/english/admin_members.php

 

I have that variable deined... it makes no sense.. i have all teh correct definitions. im looking at that file right now and it shows that variable defined... ?

 

Any other ideas?

 

I have done everything that this forum said to do, specifically waht Onimusha posted at one time.... but still i am getting this error, it is almost liek the system doesnt see my changes or something.

 

UUGH!!....

 

Please if you have any other advise.....

Share this post


Link to post
Share on other sites
Thanx fro your help...

.until i get this fixed in trying your workaround....

 

i copy the encrypted password it looks likethis "699abdaa577fdd80d3309346507b6b23"

 

into my log in section as the passwrod, and it tells my that it is wrong... are you sure i am supposed to be able to copy the encrypted one in and it will work?

Please re-read what I wrote. I said to copy it into the password field in your MySQL database. But you first have to know what the password is, unencrypted. That's why I said to use an account that you DO know thte password for. When I had a similar problem, I could not just clear the field and log in because it did not accept a NULL value, so I used the method I posted for you, and it worked. I know how frustrating this is, having been there myself, so I hope that I explained it well enough for it to help you.

 

Cheers,

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

By the way, to get an account I knew the password for, I just created a new user. You've probably figured that out but judging from the frustration in your posts, I figured I might go ahead and post this anyway. ;-)

 

Good Luck!

 

Cheers,

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

i appreciate all your help on this subject, i am getting closer to a solution...

 

however,

how will i know a password for the new account?

It never asks me fro a password when i put a new account in...

 

The only was i can get a password is to have it email it to me after the new account is set up, but of course when it emails me i only get ADMIN_SUBJECT_TEXT.. etc....

 

So i have no way of getting or making passwords at all using this module...

 

I do not know any passwords for any of my accounts on my system, i have never been able to set them, and never been able to receive them in email.

 

DOES SOMEONE HAVE A PASSWORD EDITING FUCTION FOR THIS MOD YET??

 

thank you guys fro your help

Share this post


Link to post
Share on other sites
i appreciate all your help on this subject, i am getting closer to a solution...

 

however,

how will i know a password for the new account?

It never asks me fro a password when i put a new account in...

 

The only was i can get a password is to have it email it to me after the new account is set up, but of course when it emails me i only get ADMIN_SUBJECT_TEXT.. etc....

 

So i have no way of getting or making passwords at all using this module...

 

I do not know any passwords for any of my accounts on my system, i have never been able to set them, and never been able to receive them in email.

 

DOES SOMEONE HAVE A PASSWORD EDITING FUCTION FOR THIS MOD YET??

 

thank you guys fro your help

 

I have NO IDEA if this will work but try it. You're no further behind than you are now if it doesn't:

 

Copy and paste this into your admin password field in MySQL:

 

9b90e723195581edf6ce959b11be47fb:f0

 

Try logging into Admin with the password:

 

pickle

 

Let me know if it works!

 

Cheers,

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

Here's what I have for ADMIN_EMAIL_TEXT

define('ADMIN_EMAIL_TEXT', 'Hi %s,' . "nn" . 'You have successfully changed your password' . "nn" . 'Website : %s' . "n" . 'Username: %s' . "n" . "nn" . 'Please do not write your password down or share it with anyone.' .  "nn" . 'Kind Regards,' . "n" . '%s' . "nn" . 'This is an automated response. Please do not reply to this message!');

 

It is defined in admin/includes/languages/english/admin_account.php

 

Copy and paste the code and try retrieving your password.

 

Cheers,

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

This is my defined in admin/includes/languages/english/admin_members.php

 

define('ADMIN_EMAIL_TEXT', 'Hello %s,' . "nn" . 'You can access the admin panel with the password listed below. Once you access the Administration Area for the first time, please change your password!' . "nn" . 'Website : %s' . "n" . 'Username: %s' . "n" . 'Password: %s' . "nn" . 'Kind Regards,' . "n" . '%s' . "nn" . 'This is an automated response. Please do not reply to this message!');

 

Hope that helps.

 

Stretchr


"It's a small world...

But I wouldn't want to paint it!"

Stephen Wright

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×