Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

[CONTRIB] Admin Access Level Accounts for MS2


papasan

Recommended Posts

I'a bug

 

I want to connect myself to the panel of aministration and here what occurs:

 

1146 - Table 'catalog.table_admin_files' doesn't exist

 

select admin_files_id from TABLE_ADMIN_FILES where FIND_IN_SET( '', admin_groups_id) and admin_files_is_boxes = '1' and admin_files_name = 'configuration.php'

 

how to correct that?

 

VPCND

Edited by vpcnd
Link to comment
Share on other sites

I had installed register_globals_v1.3a and admin_23, but when i loged in admin, there is a error message :

Fatal error: Call to undefined function: tep_validate_password() in D:\Apache\Apache2\htdocs\osc\admin\login.php on line 26

 

How can i fix this error!

Please help me!

Link to comment
Share on other sites

Hie All

 

This is real trouble. Fisrt of all there are issues with my site backup so reverting to before installation is not an alternative.

 

Now the issue.

 

I have installed the mod. I can see all the files in the admin panel. I can see the Administrator: -Members, File Access and My Account: - My Account, Logoff options on the admin control panel

 

However I have the folowing issues

1. My left menu has disapeared. Though I can see the space for the menu, there is nothing for all the files. Where could I have tempered with?

2. The second problem is that of using the mod. When I click on admin or my account, I get the following error

 

Admin Account

1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'and g.admin_groups_id=' at line 1

 

select a.admin_id, a.admin_firstname, a.admin_lastname, a.admin_email_address, a.admin_created, a.admin_modified, a.admin_logdate, a.admin_lognum, g.admin_groups_name from admin a, admin_groups g where a.admin_id= and g.admin_groups_id=

 

[TEP STOP]

 

The database table structure for table `admin` looks fine, to me. Admin has full access and has all the boxes.

 

Please help! I would really want the left menu back as it is already affecting the rest of the site.

 

Tony

Link to comment
Share on other sites

I think I have a successful install here. I installed 2.2 (Tropic's version). I can login without any problem. I have a couple issues here though...

 

1. admin_account.php... the "edit account" box is showing a blank after I click "edit" and enter my password... it says "All fields are required. Click save to submit." but there are no fields in which for me to edit, and no save button to click.

 

2. When I create a new account, how do I know what the password is?

 

Any help would be appreciated.

Edited by eddydavik
Link to comment
Share on other sites

  • 3 weeks later...

Hi

This is bound to have a simple solution but I just can not find where the duplication is - please help.

 

When I go to the admin side I am asked for username/password. I give them correctly and I am let into the Admin section. As soon as I select a topic to view I am returned to the login screen. I re-enter username/password and again I am let into the Admin section - this time everything is okay and I can continue with my work.

 

Clearly there is a duplication somewhere but I can not find it. The mod has been installed for sometime and always worked okay - it has only started playing up after I moved servers - if thats a clue?

 

Please help and Happy New Year to all

John

Link to comment
Share on other sites

I am having some trouble getting Admin access 2.3 to work with SSL.

 

Currently when I have SSL enabled and admin access 2.3 installed I get stuck in a loop @ the login page where when I enter the correct UN and PW the page reloads with no error displayed.

 

My admin SSL works just fine so long as I don't install admin access and admin access work prefectly with SSL disabled. I went back through the topic and checked the fix listed on the first page but it appears to be already done in 2.3.

 

Below is my login.php

 

<?php
/*
 $Id: login.php,v 1.17 2003/02/14 12:57:29 dgw_ Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2002 osCommerce

 Released under the GNU General Public License
*/

 require('includes/application_top.php');

 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
$password = tep_db_prepare_input($HTTP_POST_VARS['password']);

// Check if email exists
$check_admin_query = tep_db_query("select admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . tep_db_input($email_address) . "'");
if (!tep_db_num_rows($check_admin_query)) {
  $HTTP_GET_VARS['login'] = 'fail';
} else {
  $check_admin = tep_db_fetch_array($check_admin_query);
  // Check that password is good
  if (!tep_validate_password($password, $check_admin['login_password'])) {
	$HTTP_GET_VARS['login'] = 'fail';
  } else {
	if (tep_session_is_registered('password_forgotten')) {
	  tep_session_unregister('password_forgotten');
	}

	$login_id = $check_admin['login_id'];
	$login_groups_id = $check_admin[login_groups_id];
	$login_firstname = $check_admin['login_firstname'];
	$login_email_address = $check_admin['login_email_address'];
	$login_logdate = $check_admin['login_logdate'];
	$login_lognum = $check_admin['login_lognum'];
	$login_modified = $check_admin['login_modified'];

	tep_session_register('login_id');
	tep_session_register('login_groups_id');
	tep_session_register('login_first_name');

	//$date_now = date('Ymd');
	tep_db_query("update " . TABLE_ADMIN . " set admin_logdate = now(), admin_lognum = admin_lognum+1 where admin_id = '" . $login_id . "'");

	if (($login_lognum == 0) || !($login_logdate) || ($login_email_address == 'admin@localhost') || ($login_modified == '0000-00-00 00:00:00')) {
	  tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT));
	} else {
	  tep_redirect(tep_href_link(FILENAME_DEFAULT));
	}

  }
}
 }

 @include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN);
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<style type="text/css"><!--
a { color:#080381; text-decoration:none; }
a:hover { color:#aabbdd; text-decoration:underline; }
a.text:link, a.text:visited { color: #ffffff; text-decoration: none; }
a:text:hover { color: #000000; text-decoration: underline; }
a.sub:link, a.sub:visited { color: #dddddd; text-decoration: none; }
A.sub:hover { color: #dddddd; text-decoration: underline; }
.sub { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-weight: bold; line-height: 1.5; color: #dddddd; }
.text { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: bold; color: #000000; }
.smallText { font-family: Verdana, Arial, sans-serif; font-size: 10px; }
.login_heading { font-family: Verdana, Arial, sans-serif; font-size: 12px; color: #ffffff;}
.login { font-family: Verdana, Arial, sans-serif; font-size: 12px; color: #000000;}
//--></style>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">

<table border="0" width="600" height="100%" cellspacing="0" cellpadding="0" align="center" valign="middle">
 <tr>
<td><table border="0" width="600" height="440" cellspacing="0" cellpadding="1" align="center" valign="middle">
  <tr bgcolor="#000000">
	<td><table border="0" width="600" height="440" cellspacing="0" cellpadding="0">
	  <tr bgcolor="#ffffff" height="50">
		<td height="50"><?php echo tep_image(DIR_WS_IMAGES . 'oscommerce.gif', 'osCommerce', '204', '50'); ?></td>
		<td align="right" class="text" nowrap><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . HEADER_TITLE_ADMINISTRATION . '</a>?|?<a href="' . tep_catalog_href_link() . '">' . HEADER_TITLE_ONLINE_CATALOG . '</a>?|?<a href="http://www.oscommerce.com" target="_blank">' . HEADER_TITLE_SUPPORT_SITE . '</a>'; ?>??</td>
	  </tr>
	  <tr bgcolor="#080381">
		<td colspan="2" align="center" valign="middle">
					  <?php echo tep_draw_form('login', FILENAME_LOGIN); ?>
						<table width="280" border="0" cellspacing="0" cellpadding="2">
						  <tr>
							<td class="login_heading" valign="top">?<b><?php echo HEADING_RETURNING_ADMIN; ?></b></td>
						  </tr>
						  <tr>
							<td height="100%" valign="top" align="center">
							<table border="0" height="100%" cellspacing="0" cellpadding="1" bgcolor="#666666">
							  <tr><td><table border="0" width="100%" height="100%" cellspacing="3" cellpadding="2" bgcolor="#F0F0FF">
<?php
 if ($HTTP_GET_VARS['login'] == 'fail') {
$info_message = TEXT_LOGIN_ERROR;
 }

 if (isset($info_message)) {
?>
								<tr>
								  <td colspan="2" class="smallText" align="center"><?php echo $info_message; ?></td>
								</tr>
<?php
 } else {
?>
								<tr>
								  <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
								</tr>
<?php
 }
?>									
								<tr>
								  <td class="login"><?php echo ENTRY_EMAIL_ADDRESS; ?></td>
								  <td class="login"><?php echo tep_draw_input_field('email_address'); ?></td>
								</tr>
								<tr>
								  <td class="login"><?php echo ENTRY_PASSWORD; ?></td>
								  <td class="login"><?php echo tep_draw_password_field('password'); ?></td>
								</tr>
								<tr>
								  <td colspan="2" align="right" valign="top"><?php echo tep_image_submit('button_confirm.gif', IMAGE_BUTTON_LOGIN); ?></td>
								</tr>
							  </table></td></tr>
							</table>
							</td>
						  </tr>
						  <tr>
							<td valign="top" align="right"><?php echo '<a class="sub" href="' . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a><span class="sub">?</span>'; ?></td>
						  </tr>
						</table>
					  </form>

		</td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><?php require(DIR_WS_INCLUDES . 'footer.php'); ?></td>
  </tr>
</table></td>
 </tr>
</table>

</body>

</html>

 

here is my configure.php

define('HTTP_SERVER', 'https://69.57.191.234/~mtveten'); // eg, http://localhost - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://rocketmanrc.com');
 define('HTTPS_CATALOG_SERVER', 'https://69.57.191.234/~mtveten');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

Ant help would be greatly appreciated.

 

Mark

Link to comment
Share on other sites

I orginally posted this problem in October with no luck so I am trying again...

 

When admin is set to SSL, whenever admin has to send a form using POST method it logs me out ?

For example, when using Search on customer page, I get logged out. We think we have narrowed it down to just forms set using POST method.

 

Anyone solved this problem ???

Link to comment
Share on other sites

it sounds like you got further than I. I can't get past the login to even see the customer's page.

 

I noticed that my ID changed with every page load on the admin side and the first fix posted talked about hardcoding the ID wich leads me to believe that those who have it working have constant session id throughour their login.

 

Is anybody else seeing the constant id change that has the contrib working with SSL.

Link to comment
Share on other sites

Have a request in regards to this contribution - is it possible to have the following things happen?

 

1) Display who has logged into the admin area - similar to a customer logging in and seeing their name posted with a greeting

 

2) When that user makes changes - say to update status or add comments - that their name posts in the order update - in the date area - so it would show:

 

date time name | status update | comments

 

or something like that

 

3) Possible to keep a log of date/time that shows when someone logged in, how long they were logged in and what they made changes too - i guess like a time card concept... so that people have history of changes made in system?

 

 

anyone have any ideas on any of these requests?

 

thanks!

Edited by rubygirl
Link to comment
Share on other sites

Hi!

 

At first, sorry for my bad english ;o)

 

I installed ur great contribution some days ago.

now i installed today the "Products options added to product edit page"-contribution. but if i want to use the attributions at the product-site in the admin-area it goes evereytime to the login-page.

and if i want to change the categorie fast with the drop-down menu right side over the products happens the same.

 

what can i do?

Link to comment
Share on other sites

Hi

I have installed the 2.2, but have a problem.

 

I only see the header, and a few of my links, but the links dont work.

The admin link to the right that takes me to admin/index.php works, but index.php is blank.

 

whatIsee.jpg

 

Anyone know what the problem can be.

Edited by melhaa
Link to comment
Share on other sites

Hi

I have installed the 2.2, but have a problem.

 

I only see the header, and a few of my links, but the links dont work.

The admin link to the right that takes me to admin/index.php works, but index.php is blank.

 

whatIsee.jpg

 

Anyone know what the problem can be.

 

 

you need to go through an add your files to allow access

Link to comment
Share on other sites

Hi

Where do I add the files?

 

When I press one of the links on the menu nothing happens

 

I have uploaded all the files from the contrib

Edited by melhaa
Link to comment
Share on other sites

it sounds like you got further than I. I can't get past the login to even see the customer's page.

 

I noticed that my ID changed with every page load on the admin side and the first fix posted talked about hardcoding the ID wich leads me to believe that those who have it working have constant session id throughour their login.

 

Is anybody else seeing the constant id change that has the contrib working with SSL.

 

 

Still looking for an answer to this..anyone?

Link to comment
Share on other sites

Hi

I figured it out, I had a problem with one of my other contribs.

 

Does anyone know how to implement the Custom Sort Order.

 

This link in admin/includes/boxes/catalog.php is what makes the problem.

 

'<a href="sort_order.php" class="menuBoxContentLink">Sort Order</a><br>'

Link to comment
Share on other sites

Hi,

 

I am trying to run a php script inside the /admin/ directory on my site via a cron job.

 

Is there any way to pass the username & password for the admin access levels via a URL string.

 

I have tried;

 

http://www.site.com/admin/login.php?email_...&action=process

 

But even though this is a valid username & password - I still get a password error.

 

My question is Am I able to login via a URL string, or does this ahve to be done manually?

 

Cheers,

 

Callum

Link to comment
Share on other sites

Still looking for an answer to this..anyone?

 

Yep,

 

I still can't get it to work with SSL enabled. Without SSL on the admin side everything works fine but once I turn SSL on I get stuck in a login loop but the secure link to the forgot password page works. I am guessing that it is not validating my login due to the changing adminID I get with every secure page load.

 

any ideas?

 

Mark

Link to comment
Share on other sites

Heres a mod to this contrib I have been working on borrowing some code here and there and then writing the rest myself. As always BACKUP! BACKUP! BACKUP!

 

WHAT IT DOES:

It disables an email address after 5 login tries for 5 minutes and emails the administrator the offenders IP Address. After 5 minutes you can log right back in automagically!

 

WHY:

To stop brut force attacks, its not perfect but the next step after basic password protection. It helps keep a hacker from using 100s or 1000s of requests to guess your password....

......

 

Nice sub-contribution. It works perfectly I think :thumbsup:

 

Regards

Stefan

Link to comment
Share on other sites

Hi

I'm trying to get a link to work in boxes, but cant seem to do it.

 

The link

'<a href="sort_order.php" class="menuBoxContentLink">Modify Sort Order</a><br>'

 

I have changed it to:

 

tep_admin_files_boxes('sort_order.php', 'Product sort'));

 

Can anyone tell me what I'm doing wrong?

 

The link is in admin/includes/boxes/catalog.php

Edited by melhaa
Link to comment
Share on other sites

Hi

I'm trying to get a link to work in boxes, but cant seem to do it.

 

The link

'<a href="sort_order.php" class="menuBoxContentLink">Modify Sort Order</a><br>'

 

I have changed it to:

 

tep_admin_files_boxes('sort_order.php', 'Product sort'));

 

Can anyone tell me what I'm doing wrong?

 

The link is in admin/includes/boxes/catalog.php

 

Hi

I fixed it, used a , instead of a . between the lines.

Link to comment
Share on other sites

Okay, I'm desperately trying to add entries to the boxes, and it is utterly failing to work. I have added

tep_admin_files_boxes(FILENAME_STATS_ORDERLIST, BOX_REPORTS_ORDERLIST) .

to the reports.php in admin/includes/boxes. I have added

insert into admin_files (admin_files_id, admin_files_name, admin_files_is_boxes, admin_files_to_boxes, admin_groups_id) values ('43', 'orderlist.php', '0', '8', '1,2');

to the sql database that I imported into my database. I am utterly failing in making this work. I did, however, manage to make my header tags controller box appear, but failed to create an easypopulate box and make it appear. Can someone explain to me, in small, easy-to-understand words, exactly how to add more links to the boxes on the left with this contribution?

Always BACK UP your files and your database before making any changes. Before asking questions, check out the Knowledge Base. Check out the contributions to see if your problem's solved there. Search the forums.

 

Useful threads: Store Speed Optimization How to make a horrible shop Basics for design change How to search the forums

 

Useful contributions: Easypopulate Fast, Easy Checkout Header Tag Controller

Link to comment
Share on other sites

Okay, I'm desperately trying to add entries to the boxes, and it is utterly failing to work. I have added
tep_admin_files_boxes(FILENAME_STATS_ORDERLIST, BOX_REPORTS_ORDERLIST) .

to the reports.php in admin/includes/boxes. I have added

insert into admin_files (admin_files_id, admin_files_name, admin_files_is_boxes, admin_files_to_boxes, admin_groups_id) values ('43', 'orderlist.php', '0', '8', '1,2');

to the sql database that I imported into my database. I am utterly failing in making this work. I did, however, manage to make my header tags controller box appear, but failed to create an easypopulate box and make it appear. Can someone explain to me, in small, easy-to-understand words, exactly how to add more links to the boxes on the left with this contribution?

 

this is the correct link to add into the box file

tep_admin_files_boxes(FILENAME_STATS_ORDERLIST, BOX_REPORTS_ORDERLIST) .

 

however once it's added their - you need to go the administrator section and add that page to the correct menu before the links will show. hope that makes sense.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...