Jump to content
Sign in to follow this  
papasan

[CONTRIB] Admin Access Level Accounts for MS2

Recommended Posts

let me know if you find any omits or irregularities. All credit goes to Zaenal Muttaqin for the original, I just hacked this for MS2 and re-versioned it 2.0.

Share this post


Link to post
Share on other sites

thanks for your work ... do u have any demo shop to see the contrib working ?


MS2

Share this post


Link to post
Share on other sites

Hey,

 

run this (ms2) version with the ->german pack+ v.1.2 (ms1) from Zaenal Muttaqin ??

 

how to install this with the german pack??

 

(sorry im german, bad english 8) )

Share this post


Link to post
Share on other sites
Hey,

 

run this (ms2) version with the ->german pack+ v.1.2 (ms1) from Zaenal Muttaqin ??

 

how to install this with the german pack??

 

(sorry im german, bad english 8) )

 

i didn't change much of the original code, you probably won't have to do much mroe than copy the german files over their english counterparts. unfortunatly i don't speak German so i'm loath to attempt it. if you need any help in your conversion just drop me a line.

Share this post


Link to post
Share on other sites
thanks for your work ... do u have any demo shop to see the contrib working ?

 

nope, sorry. it simply adds the functionality of adding administrator accounts to the admin files. this means admins will have to log-in to their accounts before they will have access to the admin functionality. you can also set up different accounts with different access.

 

anyhow, i think it's well worht the installation for any shop owner with more than one person working the admin section.

Share this post


Link to post
Share on other sites

Hello !

 

I was installing V2 of your Program. At first everything went well - login - logoff - everything as it should.

 

After having closed the Webbrowser I am unable to login again. After entering e-Mail and the CORRECT password the program keeps prompting me for those 2 fields. No Error message - nothing.

 

Could it have something to do that I didn't logoff that time that it worked correctly ?

 

I have absolutely no clue what this could be. Hopefulle you can help me out here

 

Thanks !

Share this post


Link to post
Share on other sites

Hi, I was just wondering if anyone has been able to successfully use Admin with Access levels with SSL? I'm using 2.0 on MS2 and I can get the login page to load in my secure domain, but when I submit the form with my email and password it just reloads the page and won't log me in. Any help would be greatly appreciated. Thanks! :D

 

Keith

Share this post


Link to post
Share on other sites

I am getting this same problem with MS1 as well. I just enabled the SSL in the Admin with Access Levels, and I get the login screen over and over when I login with the correct password. No error message.

 

Here's what the config file looks like now:

define('HTTP_SERVER', 'https://our.site-secure.net/oursite);

define('HTTP_CATALOG_SERVER', 'http://www.oursite.com');

define('HTTPS_CATALOG_SERVER', 'https://our.site-secure.net/oursite);

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

Share this post


Link to post
Share on other sites

I figured out how to login using SSL!

 

First load up the non secure version of the page in your browser and view source. Go down to this line:

 

<form name="login" action="http://www.mysite.com/admin/login.php?action=process" method="post">

 

Notice how the form DOES NOT post the osCAdminID.

 

Now, change your configure.php so that the admin section, define('ENABLE_SSL', 'true'); so that it will load up on your secure server and then view source from your browser. Go down to the same line:

 

<form name="login" action="https://ssl.secure.com/mysite.com/admin/login.php?action=process?osCAdminID=d4c1fc234344169dcd9ec78213eb01c2" method="post">

 

Notice how when it is loaded securely, the osCAdminID DOES get posted from the form. This is why when the login page is secured, it just keeps going in a loop and never logs in.

 

Here's what I did...

 

I changed the following line in login.php from

 

<?php echo tep_draw_form('login', 'login.php?action=process'); ?>

 

to

 

<form name="login" action="https://ssl.absolutenet.com/lillypadshop.com/admin/login.php?action=process?osCAdminID=d4c1fc250380169dcd9ec78213eb01c2" method="post">

 

With this I can log in fine, but I am new to osCommerce and I'm not sure if the site is still secure or now. When I'm in the admin section I see the padlock at the bottom and I stay on my secure server. Let me know if this works for anyone and if there's anything wrong with what I did. Hope this helps! :D

 

Keith

Share this post


Link to post
Share on other sites

Oops, I slipped up with my code there. SORRY! Change the following line in login.php:

 

from

 

<?php echo tep_draw_form('login', 'login.php?action=process'); ?>

 

to

 

<form name="login" action="https://ssl.secure.com/mysite.com/admin/login.php?action=process?" method="post">

 

You have to configure the URL to work with your secure site. Hope this helps someone! :D

 

Keith[/code]

Share this post


Link to post
Share on other sites

i've posted an update the resolves the bad email text for forgotten passwords.

 

i haven't had time to look at the SSL issues yet, but that will be next and hopefully soon.

Share this post


Link to post
Share on other sites

btw, the only change is a small one in 'password_forgotten.php', you can simply over-write the old version.

Share this post


Link to post
Share on other sites

I was having the same problemo's that people were having when they tried to sign in and knew they had the right password etc .. with no error msg.

in the line of code where it checks the http_get_ var action

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {

it is not processing the second part of this statement part of the time. I will leave it to you theoreticians and code mongers to tell us why not but I fixed it this way

if (isset($HTTP_GET_VARS['action'])) {

(my knowledge is so small you would think that an ant was a genius in comparison)

Share this post


Link to post
Share on other sites

I am getting this error.

 

I tried just putting the files up, I tried mofdifying the files on the fly, both yeild the same error message.

 

The requested URL /catalog/admin/FILENAME_LOGIN was not found on this server

 

I get this when I first go to the admin/index.php

Share this post


Link to post
Share on other sites
I am getting this error.

 

I tried just putting the files up, I tried mofdifying the files on the fly, both yeild the same error message.

 

The requested URL /catalog/admin/FILENAME_LOGIN was not found on this server

 

I get this when I first go to the admin/index.php

 

 

You need to add the following line to admin/includes/filenames.php:

define('FILENAME_LOGIN', 'login.php');

:D

 

Keith

Share this post


Link to post
Share on other sites

hmmm .... is login.php there?

and it should be in the admin section.


(my knowledge is so small you would think that an ant was a genius in comparison)

Share this post


Link to post
Share on other sites
I was having the same problemo's that people were having when they tried to sign in and knew they had the right password etc .. with no error msg.

in the line of code where it checks the http_get_ var action

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {

it is not processing the second part of this statement part of the time. I will leave it to you theoreticians and code mongers to tell us why not but I fixed it this way

if (isset($HTTP_GET_VARS['action'])) {

 

Rather than doing this or hardcoding the <form> tag like I suggested in an earlier post, I think I have found what was really wrong with login.php when trying to login using SSL. I'm pretty sure there was an error in the way the form action was written. Here's what I did to fix it. Change the following line...

 

from

 

<?php echo tep_draw_form('login', 'login.php?action=process'); ?>

 

to

 

<?php echo tep_draw_form('login', FILENAME_LOGIN, 'action=process'); ?>

 

I just formatted the form action the same way the rest of the forms are in osCommerce. Alternately, you could change it...

 

from

 

<?php echo tep_draw_form('login', 'login.php?action=process'); ?>

 

to

 

<?php echo tep_draw_form('login', login.php, 'action=process'); ?>

 

Either works fine and will work using SSL, allowing you to login without any problems. :D

 

Keith

Share this post


Link to post
Share on other sites

do you have this problem without the admin mod?


(my knowledge is so small you would think that an ant was a genius in comparison)

Share this post


Link to post
Share on other sites

look at the message 2 up from yours, that is the fix. it's not obvious from teh message, but the file to modify is 'login.php'. or go d/l the latest version of this contrib which i just updated this morning. works fine on my host at least. let me know if you ave mreo probs.

Share this post


Link to post
Share on other sites

do you have it setup in your admin/includes/configure.php to go to the correct https url? sounds like you don't


(my knowledge is so small you would think that an ant was a genius in comparison)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×