Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

[CONTRIB] Admin Access Level Accounts for MS2


papasan

Recommended Posts

are you using https? if so there was an issue with it that should be fixed in the latest download. i forget exactly what it was off the top of my head, but i'll have a look if i'm on the right track and you can't/don't want to d/l th elatest version.

Link to comment
Share on other sites

  • 2 weeks later...
are you using https? if so there was an issue with it that should be fixed in the latest download. i forget exactly what it was off the top of my head, but i'll have a look if i'm on the right track and you can't/don't want to d/l th elatest version.

I am having the same problem with being logged out in the search fields and trying to run the easy populate contribution. Everthing works fine if I have the admin folder in the non-ssl folder but logs me out if I'm in the ssl folder.

 

I am using my isp's ssl certificate.

 

Any Ideas?

 

[email protected]

www.gamp.net

Greg Gamp

[email protected]

www.gamp.net

Link to comment
Share on other sites

  • 2 weeks later...

I must be an idiot.

 

I get these errors no matter what I try. I have tried the virgin install just dropping files over on my server making no modifications except the db tables and inserts.

 

Warning: session_start(): open(SESSION_WRITE_DIRECTORY/sess_4b86c631f9ba9a44e0af66c8921137f8, O_RDWR) failed: No such file or directory (2) in /home/wedding/public_html/testosc/admin/includes/functions/sessions.php on line 67

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/wedding/public_html/testosc/admin/includes/functions/sessions.php:67) in /home/wedding/public_html/testosc/admin/includes/functions/sessions.php on line 67

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/wedding/public_html/testosc/admin/includes/functions/sessions.php:67) in /home/wedding/public_html/testosc/admin/includes/functions/sessions.php on line 67

Warning: main(includes/classes/language.php): failed to open stream: No such file or directory in /home/wedding/public_html/testosc/admin/includes/application_top.php on line 119

Warning: main(): Failed opening 'includes/classes/language.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/wedding/public_html/testosc/admin/includes/application_top.php on line 119

Fatal error: Cannot instantiate non-existent class: language in /home/wedding/public_html/testosc/admin/includes/application_top.php on line 120

Warning: Unknown(): open(SESSION_WRITE_DIRECTORY/sess_4b86c631f9ba9a44e0af66c8921137f8, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (SESSION_WRITE_DIRECTORY) in Unknown on line 0

Would it be possible to get some help/pointers on what I am doing WRONG repeatedly. Please help!

 

Thanks in advance.

Link to comment
Share on other sites

after literally several days of digging I have found some of the answers I need without any replies to my calls for help, but the admin area of my shop still does not work. Can someone please help. I don't mind working to find answers, but I really need to move past the roadblock to keep my deadline.

 

latest error:

 

Warning: main(includes/classes/language.php): failed to open stream: No such file or directory in /home/wedding/public_html/testosc/admin/includes/application_top.php on line 119

Warning: main(): Failed opening 'includes/classes/language.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/wedding/public_html/testosc/admin/includes/application_top.php on line 119

Fatal error: Cannot instantiate non-existent class: language in /home/wedding/public_html/testosc/admin/includes/application_top.php on line 120

 

:unsure:

Link to comment
Share on other sites

  • 2 weeks later...
  • 4 weeks later...
  • 1 month later...
  • 1 month later...

like the same as me. :blink: if i am clicking a from button or something which has to do with forms (bannerstatistics) (visitorsstatistic) (productsearch) etc. i will be redirect me to the loginpage. do please someone have an idea how to be fix this.

 

 

Joe

Link to comment
Share on other sites

because of the mod you will need to add the session where ever it is needed in the admin area php pages.

 

use the following functions to help you with this.

 

tep_draw_hidden_field(tep_session_name()

 

tep_session_id()

 

if you still have questions please I will try and help.

Link to comment
Share on other sites

because of the mod you will need to add the session where ever it is needed in the admin area php pages.

 

use the following functions to help you with this.

 

tep_draw_hidden_field(tep_session_name()

 

tep_session_id()

 

if you still have questions please I will try and help.

 

I tried what you were post here and i think it will work! Could you plrease check this?

 

I placed for example echo tep_draw_hidden_field(tep_session_name()); in this peace of code in categories.php

 

<?php

echo tep_draw_form('goto', FILENAME_CATEGORIES, '', 'get');

echo tep_draw_hidden_field(tep_session_name());

echo HEADING_TITLE_GOTO . ' ' . tep_draw_pull_down_menu('cPath', tep_get_category_tree(), $current_category_id, 'onChange="this.form.submit();"');

echo '</form>';

?>

 

and it is working (no redirection to login page) - so this seems to be work - but is it the right style?

 

 

And what about tep_session_id() i don't know how to use this peace of code. i know it shows me the session id. Is this maybe for the links for example when i am clicking on the + or - to get the visitor_infobox.php in the graphs folder. How can i fix redirection to login page when clicking a just a link?

 

 

 

Many Thanks for your post it helps me

Joe

Link to comment
Share on other sites

Well the syntax you use will need to very depending on the operation but the key to success is that all operations have the sid added to the link for the operation

 

sid=e4d5bfe1255ce91efbecd382f13f1e54

 

tep_draw_hidden_field(tep_session_name() = the sid

 

tep_session_id() = the e4d5bfe1255ce91efbecd382f13f1e54 portion

 

This id your code sample

 

<?php

echo tep_draw_form('goto', FILENAME_CATEGORIES, '', 'get');

echo tep_draw_hidden_field(tep_session_name());

echo HEADING_TITLE_GOTO . ' ' . tep_draw_pull_down_menu('cPath', tep_get_category_tree(), $current_category_id, 'onChange="this.form.submit();"');

echo '</form>';

?>

 

And this is how it should look.

 

<?php

echo tep_draw_form('goto', FILENAME_CATEGORIES, '', 'get');

echo HEADING_TITLE_GOTO . ' ' . tep_draw_pull_down_menu('cPath', tep_get_category_tree(), $current_category_id, 'onChange="this.form.submit();"');

echo tep_draw_hidden_field(tep_session_name(), tep_session_id());

echo '</form>';

?>

Link to comment
Share on other sites

All right and many thanks to you so this is working fine but what about the links for example in vistiors.php:

 

How can i fix this problem?

 

 

 

<td nowrap class="VisitorTableHeadingContent"><a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=date-asc"; ?>">+</a> <?php echo TABLE_HEADING_DATE; ?> <a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=date-desc"; ?>">-</a></td>

 

<td nowrap class="VisitorTableHeadingContent"><a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=counter-asc"; ?>">+</a> <?php echo TABLE_HEADING_COUNTER; ?> <a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=counter-desc"; ?>">-</a></td>

 

 

 

Could you please give me an example for this. I have so heavy headache today...

Link to comment
Share on other sites

should be something like the following

 

<td nowrap class="VisitorTableHeadingContent"><a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=counter-asc"; ?>">+</a> <?php echo TABLE_HEADING_COUNTER; ?> <a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=counter-desc&" . tep_session_name() . '=' . tep_session_id(); ?>">-</a></td>

Link to comment
Share on other sites

should be something like the following

 

<td nowrap class="VisitorTableHeadingContent"><a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=counter-asc"; ?>">+</a> <?php echo TABLE_HEADING_COUNTER; ?> <a href="<?php echo $_SERVER["PHP_SELF"]. "?listing=counter-desc&" . tep_session_name() . "=" . tep_session_id(); ?>">-</a></td>

Link to comment
Share on other sites

Hi GIZMO-XL,

 

thank you for all your support about my problems i had, from now they are gone. I put in the tep_session_name() and tep_session_id() functions to all the php pages in the admin area where the problem comes up.

 

Thank you again so much...

It has not something to be really huge to make someone happy!

Edited by noisebox
Link to comment
Share on other sites

  • 2 months later...

trying to figure out how this works. Want to know where the code is that determines what is allowed in the admin area and how it gets the login id. Need to know this to make mods in my report that only allows orders to be displayed in the reports by the login id. I know what I'm doing - just can't find the code that does it.

 

What I want to do is to link the group to a vendor's login. Then I will create an id in the product to indicate which vendor supplies this product. When any order reports are requested by that vendor by logging into the admin area - he will only see the reports because thats what his group allows. But the reports will also look at his login (thats why I need to know how to do above) and get the vendor code and only select order/sales details valid for his products.

 

This gives me vendor reports that are available at call - I don't have to periodically run them and send them.

 

Can ayone help with the above?

Maybe the author of the contrib???

Link to comment
Share on other sites

TEXT_INFO_HEADING_EDIT_GROUP and

TEXT_INFO_EDIT_GROUP_INTRO

 

do not appear to be defined anywhere.

 

I've installed this and applied the patches in this thread - and so far this is the only error I still see.

 

-t

I just added:

 

define('TEXT_INFO_HEADING_EDIT_GROUP', 'Edit Group ');

define('TEXT_INFO_EDIT_GROUP_INTRO', 'Enter group name ');

 

after line 44 in the admin/includes/languages/english/admin_members.php file

Link to comment
Share on other sites

  • 3 weeks later...
Admin Time Out---

 

Is the only way to adjust the timeout length to adjust the php.ini file!? What about for shared servers where you can't edit that?

Same headache. ;)

The other way to keep session timeout by keep session_register for login_id, login_group_id every reload page by make litle chang to function tep_admin_check_login()

 

function tep_admin_check_login() {
 global $PHP_SELF, $login_id, $login_groups_id, $login_first_name;
 if (!tep_session_is_registered('login_id')) {
   tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
 } else {
   tep_session_register('login_id');
   tep_session_register('login_groups_id');
   tep_session_register('login_first_name');

   $filename = basename( $PHP_SELF );
   if ($filename != FILENAME_DEFAULT && $filename != FILENAME_FORBIDEN && $filename != FILENAME_LOGOFF && $filename != FILENAME_ADMIN_ACCOUNT && $filename != FILENAME_POPUP_IMAGE && $filename != 'packingslip.php' && $filename != 'invoice.php') {
     $db_file_query = tep_db_query("select admin_files_name from " . TABLE_ADMIN_FILES . " where FIND_IN_SET( '" . $login_groups_id . "', admin_groups_id) and admin_files_name = '" . $filename . "'");
     if (!tep_db_num_rows($db_file_query)) {
       tep_redirect(tep_href_link(FILENAME_FORBIDEN));
     }
   }
 }  
}

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...