LeeFoster Posted December 15, 2020

I have recently installed a multi level admin and I'd like to add a redirect function so admins are directed to a specific page based on their groups. I know how to add the page to the database for the redirect; what I'm struggling with is how to inject the redirect into the core login function (without core changes).

Has anyone done anything similar?

LeeFoster Posted December 17, 2020 (Author)

I've created a hook for this but so far it is not working. I am using $OSCOM_Hooks->call('login', 'processAction'); in admin/login.php to hook to and my hook code is below:

    class hook_admin_login_admin_group_redirect {
      var $version = '1.0.0';

      function listen_processAction() {
        if (isset($_SESSION['admin'])) {
          // cast the group id so only an integer reaches the query
          $default_page_query = tep_db_query('select default_page from administrator_groups where administrator_group_id = '.(int)$_SESSION['user_group_id'].'');
          $default_page = tep_db_fetch_array($default_page_query);
          // tep_db_fetch_array() returns the row as an array; pass the column value
          tep_redirect(tep_href_link($default_page['default_page']));
        }
      }
    }

Any pointers on where I'm going wrong?

burt Posted December 17, 2020

    if (isset($_SESSION['admin'])) {

is the user called "admin", which would seem to not be what you want.

LeeFoster Posted December 17, 2020 (Author)

1 hour ago, burt said:
> if (isset($_SESSION['admin'])) {
> is the user called "admin", which would seem to not be what you want.

No, I was trying to look for the admin array.

♥ecartz Posted December 18, 2020

    if (isset($_SESSION['redirect_origin'])) {
      $page = $redirect_origin['page'];
      $get_string = http_build_query($redirect_origin['get']);
      unset($_SESSION['redirect_origin']);
      tep_redirect(tep_href_link($page, $get_string));
    } else {
      tep_redirect(tep_href_link('index.php'));
    }

This code runs before the $OSCOM_Hooks->call('login', 'processAction'); I.e. the hook only runs when log in fails.

I think that you would be better off hooking $OSCOM_Hooks->call('login', 'preAction'); and setting the redirect_origin if it is not already set when the action is 'process'. Alternately, duplicate the entire process action in the preAction hook and unset the action, which would let you make more changes.

Note that you may find that you get more help within the Phoenix Club.

Always back up before making changes.

LeeFoster Posted December 18, 2020 (Author)

2 hours ago, ecartz said:
> Note that you may find that you get more help within the Phoenix Club.

I'm happy for it to be moved.

2 hours ago, ecartz said:
> Alternately, duplicate the entire process action in the preAction hook and unset the action, which would let you make more changes.

I may have to go down this route as the issue I am now having is that the admin group id isn't set in the preAction, meaning I can't get the redirect page.

    class hook_admin_login_admin_group_redirect {
      var $version = '1.0.0';

      function listen_preAction() {
        //$default_page_query = tep_db_query('select default_page from administrator_groups where administrator_group_id = '.$_SESSION['user_group_id'].'');
        //$default_page = tep_db_fetch_array($default_page_query);
        $_SESSION['redirect_origin'] = [
          'page' => 'info_pages.php',
          'get' => '',
        ];
      }
    }

The above works, the below doesn't:

    class hook_admin_login_admin_group_redirect {
      var $version = '1.0.0';

      function listen_preAction() {
        // cast the group id so only an integer reaches the query
        $default_page_query = tep_db_query('select default_page from administrator_groups where administrator_group_id = '.(int)$_SESSION['user_group_id'].'');
        $default_page = tep_db_fetch_array($default_page_query);
        $_SESSION['redirect_origin'] = [
          'page' => $default_page['default_page'],
          'get' => '',
        ];
      }
    }

♥ecartz Posted December 18, 2020

Even without moving all the logic, you could use the same logic for finding the user_group_id as you do later.

Another option would be to create a page called redirect.php and always redirect to that -- your info pages example proves that works. Then, on that page, redirect to the correct page by "user_group_id".

For that matter, a hook on index.injectAppTop would allow you to redirect after going to the index page.

LeeFoster Posted December 18, 2020 (Author)

3 hours ago, ecartz said:
> For that matter, a hook on index.injectAppTop would allow you to redirect after going to the index page.

Would this not result in it always redirecting though, not just on login?

♥ecartz Posted December 18, 2020

I'm assuming that you'd use this for people who aren't allowed to view the index page. If you want people who can view the index page to start with a different page, you'd probably need to use one of the other solutions. Or add another session variable for "just logged in" that you would unset just before redirecting.

LeeFoster Posted December 18, 2020 (Author)

2 minutes ago, ecartz said:
> I'm assuming that you'd use this for people who aren't allowed to view the index page.

Probably not, just wanted to cover my bases for the future though.

LeeFoster Posted December 18, 2020 (Author)

Could I do the redirect in this code to avoid any core changes?

    <?php
    /*
      $Id$

      osCommerce, Open Source E-Commerce Solutions
      http://www.oscommerce.com

      Copyright (c) 2020 osCommerce

      Released under the GNU General Public License
    */

    function check_admin_group($administrator_group_access_file){
      global $PHP_SELF, $language, $cfgModules, $admin;
      $is_valid_access = true;
      $exclude_pages = array(
        'index.php',
        'login.php',
        'invoice.php',
        'packingslip.php',
        'popup_image.php'
      );
      $administrator_group_id = (int)$admin['user_group_id'];
      if($administrator_group_id != '' && $administrator_group_id > 0 && !in_array($administrator_group_access_file, $exclude_pages)){
        // escape the file name before it goes into the query
        $check_file_access = tep_db_query("select ag.administrator_group_id from administrator_groups ag, administrator_group_access aga where aga.administrator_group_id = ag.administrator_group_id and ag.administrator_group_id = '" . (int)$administrator_group_id . "' and aga.administrator_group_access_file = '" . tep_db_input($administrator_group_access_file) . "'");
        if(!tep_db_num_rows($check_file_access))$is_valid_access = false;
      }
      return $is_valid_access;
    }

    function display_block_to_admin_group($administrator_group_block){
      global $PHP_SELF, $language, $cfgModules, $admin;
      $display_block_to_admin_group = false;
      $administrator_group_id = (int)$admin['user_group_id'];
      if($administrator_group_id <= 0){
        $display_block_to_admin_group = true;
      }
      if($administrator_group_block != '' && $administrator_group_id > 0){
        $check_file_access = tep_db_query("select ag.administrator_group_id from administrator_groups ag, administrator_group_access aga where aga.administrator_group_id = ag.administrator_group_id and ag.administrator_group_id = '" . (int)$administrator_group_id . "'");
        if(tep_db_num_rows($check_file_access))$display_block_to_admin_group = true;
      }
      return $display_block_to_admin_group;
    }

    if ( file_exists(DIR_FS_ADMIN . 'includes/languages/english/hooks/iMenu.php') ) {
      include_once(DIR_FS_ADMIN . 'includes/languages/english/hooks/iMenu.php') ;
    }

    class hook_admin_siteWide_aMenu {
      var $version = '1.0.0';
      var $siteend = null;

      function listen_injectSiteStart() {
        global $PHP_SELF, $language, $cfgModules, $admin , $current_page;
        // isset() returns a boolean, so this tests whether the group id is already in the session
        $administrator_group_id = isset($_SESSION['admin']['user_group_id']);
        if( $administrator_group_id <=0) {
          $check_query = tep_db_query("SELECT id, user_name, user_password, user_group_id, default_page FROM administrators as a join administrator_groups as ag on a.user_group_id = ag.administrator_group_id WHERE id = '" .(int)$admin['id'] . "'");
          if (tep_db_num_rows($check_query) == 1) {
            $check = tep_db_fetch_array($check_query);
            // unset($_SESSION['admin']);
            $_SESSION['admin'] = [
              'id' => $check['id'],
              'username' => $check['user_name'],
              'user_group_id' => $check['user_group_id'],
              'default_page' => $check['default_page']
            ];
          }
        }
        if(!check_admin_group($current_page)){
          // tep_redirect(tep_href_link('index.php'));
          echo '<script> window.location.replace("'.DIR_WS_HTTPS_ADMIN.'/index.php"); </script>';
        }
      }

      function listen_injectBodyStart() {
        global $PHP_SELF, $language, $cfgModules, $admin;
        $output = null;
        if (basename($PHP_SELF) != 'login.php') {
          $cl_box_groups = array();
          if ($dir = @dir(DIR_FS_ADMIN . 'includes/boxes')) {
            $files = array();
            while ($file = $dir->read()) {
              if (!is_dir($dir->path . '/' . $file)) {
                if (substr($file, strrpos($file, '.')) == '.php') {
                  if ((strpos($file, 'paypal2') === false) &&($file!='configuration_administrators.php')) $files[] = $file;
                }
              }
            }
            $dir->close();
            natcasesort($files);
            foreach ( $files as $file ) {
              if ( file_exists(DIR_FS_ADMIN . 'includes/languages/' . $language . '/modules/boxes/' . $file) ) {
                include_once(DIR_FS_ADMIN . 'includes/languages/' . $language . '/modules/boxes/' . $file);
              }
              include_once($dir->path . '/' . $file);
            }
          }

          function tep_sort_a_boxes($a, $b) {
            return strcasecmp(strip_tags($a['heading']), strip_tags($b['heading']));
          }
          usort($cl_box_groups, 'tep_sort_a_boxes');

          function tep_sort_a_boxes_links($a, $b) {
            return strcasecmp($a['title'], $b['title']);
          }
          foreach ( $cl_box_groups as &$group ) {
            usort($group['apps'], 'tep_sort_a_boxes_links');
          }

          $n = 1;
          $mr = null;
          foreach ($cl_box_groups as $groups) {
            if(display_block_to_admin_group($groups['heading'])) {
              $mr .= '<li class="nav-item dropdown">';
              $mr .= '<a class="nav-link dropdown-toggle" href="#" id="navbar_' . $n . '" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">' . $groups['heading'] . '</a>';
              $al = ($n > 6) ? ' dropdown-menu-right' : '';
              $mr .= '<div class="dropdown-menu' . $al . '" aria-labelledby="navbar_' . $n . '">';
              foreach ($groups['apps'] as $app) {
                if(check_admin_group($app['code'])) $mr .= '<a class="dropdown-item" href="' . $app['link'] . '">' . $app['title'] . '</a>';
              }
              $mr .= '</div>';
              $mr .= '</li>' . PHP_EOL;
              $n++;
            }
          }

          $output .= '<nav id="iMenu" class="navbar navbar-expand-md sticky-top navbar-dark bg-dark">';
          $output .= '<a class="navbar-brand" href="' . tep_href_link('index.php') . '">' . tep_image('images/CE-Phoenix-30-30.png', 'OSCOM CE Phoenix v' . tep_get_version(), 30, 30, null, false) . '</a>';
          $output .= '<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarAdmin" aria-controls="navbarAdmin" aria-expanded="false" aria-label="Toggle navigation"><span class="navbar-toggler-icon"></span></button>';
          $output .= '<div class="collapse navbar-collapse" id="navbarAdmin">';
          $output .= '<ul class="navbar-nav mr-auto">' . $mr . '</ul>';
          $output .= '</div>';
          $output .= '</nav>';
          $output .= '<div class="col bg-light">';
          $output .= '<ul class="nav justify-content-end" id="a1">';
          $output .= '<li class="nav-item"><a class="nav-link" target="_blank" href="https://www.oscommerce.com/forums/clubs/1-phoenix/">' .tep_image('images/icon_phoenix.png', 'Phoenix') . ' ' . HEADER_TITLE_PHOENIX_CLUB . '</a></li>';
          $output .= '<li class="nav-item"><a class="nav-link" href="' . tep_href_link('certified_addons.php') . '">' . tep_image('images/icon_phoenix.png', 'Phoenix') . ' ' . HEADER_TITLE_CERTIFIED_ADDONS . '</a></li>';
          $output .= '<li class="nav-item"><a class="nav-link" href="' . tep_catalog_href_link() . '">' . HEADER_TITLE_ONLINE_CATALOG . '</a></li>';
          $output .= '<li class="nav-item"><a class="nav-link text-danger" href="' . tep_href_link('login.php', 'action=logoff') . '">' . sprintf(HEADER_TITLE_LOGOFF, $admin['username']) . '</a></li>';
          $output .= '</ul>';
          $output .= '</div>';
          $output .= '<hr class="w-100 m-0 p-0 mb-0">';
          //$output .= '<script>$(".navbar").hide(); $("#iMenu").show(); </script>';
          //$output .= '<script>$(".justify-content-end").hide(); $("#a1").show(); </script>';
          return $output;
        }
      }

      function listen_injectSiteEnd() {
        $this->siteend .= '<script>$(".navbar").hide(); $("#iMenu").show(); </script>';
        $this->siteend .= '<script>$(".justify-content-end").hide(); $("#a1").show(); </script>';
        return $this->siteend;
      }
    }

♥ecartz Posted December 18, 2020

18 minutes ago, LeeFoster said:
> $_SESSION['admin'] = [
>   'id' => $check['id'],
>   'username' => $check['user_name'],
>   'user_group_id' => $check['user_group_id'],
>   'default_page' => $check['default_page'],
> ];

I would try doing it immediately after that code. You also might change

    echo '<script> window.location.replace("'.DIR_WS_HTTPS_ADMIN.'/index.php"); </script>';

LeeFoster Posted December 18, 2020 (Author)

1 minute ago, ecartz said:
> I would try doing it immediately after that code. You also might change
> echo '<script> window.location.replace("'.DIR_WS_HTTPS_ADMIN.'/index.php"); </script>';

I literally just did this

    $_SESSION['admin'] = [
      'id' => $check['id'],
      'username' => $check['user_name'],
      'user_group_id' => $check['user_group_id'],
      'default_page' => $check['default_page']
    ];
    echo '<script> window.location.replace("'.$check['default_page'].'"); </script>';

Testing it now.

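An added example, not part of the thread or of the add-on: one way to combine the "just logged in" session flag suggested above with a check on the stored default_page, so the database value is validated against the group's access list before any redirect instead of being written into a script tag as-is. The function names, the just_logged_in key and the sample data are assumptions.

```php
<?php
// Added example: not osCommerce core and not the add-on posted in this thread.
// Function names, the 'just_logged_in' key and all sample data are hypothetical.

// Accept the group's default_page only when it is a bare admin script name that
// the group is allowed to open; anything else falls back to index.php.
function group_landing_page($default_page, array $allowed_files, $fallback = 'index.php') {
  if (!is_string($default_page)
      || !preg_match('/\A[A-Za-z0-9_]+\.php\z/', $default_page)) {
    return $fallback; // rejects URLs, paths, quotes, markup and NULL
  }
  return in_array($default_page, $allowed_files, true) ? $default_page : $fallback;
}

// Page to redirect to on the first request after login, or null afterwards.
// The one-shot flag is cleared here so later visits to index.php stay put.
function landing_redirect(array &$session, array $allowed_files) {
  if (empty($session['just_logged_in'])) {
    return null;
  }
  unset($session['just_logged_in']);
  $page = isset($session['admin']['default_page']) ? $session['admin']['default_page'] : null;
  return group_landing_page($page, $allowed_files);
}

// Constructed stand-in for one group's rows in administrator_group_access.
$allowed = ['info_pages.php', 'orders.php'];

// Constructed default_page values, including ones a tampered row could hold.
$samples = ['info_pages.php', 'modules.php', 'https://example.invalid/a.php',
            '../index.php', 'orders.php"x', null];
foreach ($samples as $value) {
  printf("%-34s => %s\n", var_export($value, true), group_landing_page($value, $allowed));
}

// Constructed session: the first call yields the landing page, the second null.
$session = ['just_logged_in' => true,
            'admin' => ['id' => 2, 'user_group_id' => 3, 'default_page' => 'info_pages.php']];
var_dump(landing_redirect($session, $allowed));
var_dump(landing_redirect($session, $allowed));

// In a hook, a non-null result would be handed to the server-side redirect
// already used in this thread: tep_redirect(tep_href_link($page));
```
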
burt Posted December 18, 2020

I don't understand why you cannot simply add in a hook of your own in login.php (or elsewhere if better placed elsewhere)

You are;

- not limited to pre-placed hooks
- able to request a pre-placed hook (on the basis that you can show a use case and that it works without causing other conflicts)

LeeFoster Posted December 18, 2020 (Author)

50 minutes ago, burt said:
> I don't understand why you cannot simply add in a hook of your own in login.php (or elsewhere if better placed elsewhere)
>
> You are;
>
> - not limited to pre-placed hooks
> - able to request a pre-placed hook (on the basis that you can show a use case and that it works without causing other conflicts)

1. I didn't want to add one in that would be overwritten
2. I know, I was testing with my own hook before requesting one

I actually managed to fix it without a hook.

Archived
This topic is now archived and is closed to further replies.