korsh Posted April 7, 2004 Share Posted April 7, 2004 Hi, I have installed Control Login 2.0 When I a new customer creates a new account and receives a new password then tries to log in the page merely refreshes. When the account is activated in administration and the status set to green the customer can now log in However they now receive the warning that until their account is activated they cannot log in. Am I color blind? Below are the instructions and corrections that I followed. This instruction will guide you to enable controlling over signingup/logging in to your shopping cart. This will force your customers to not be able to login, nor check out until you have activate his account in admin area. This mod is based on snapshot july 2002; however, it should work with current snapshot, wouldn't be hard to adjust it. 1. create new column in table Customers. ALTER TABLE customers ADD customers_status int(1) NOT NULL default '0'; 2. control login, if customers status is 1, then login succeed, else fail... file to edit: catalog/login.php find: // Check if email exists $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'"); if (!tep_db_num_rows($check_customer_query)) { $HTTP_GET_VARS['login'] = 'fail'; } else { $check_customer = tep_db_fetch_array($check_customer_query); replace with: // Check if email exists and status is activated $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id, customers_status from " . TABLE_CUSTOMERS . " where customers_status = '1' and customers_email_address = '" . tep_db_input($email_address) . "'"); if (!tep_db_num_rows($check_customer_query)) { $HTTP_GET_VARS['login'] = 'fail'; } else { $check_customer = tep_db_fetch_array($check_customer_query); 3. also edit lang file. file to edit: catalog/includes/languages/english/login.php find TEXT_LOGIN_ERROR and write more info why visitor can't login such as..account has not been activated/email is not in database/ wrong password...blah blah blah. 4. now edit file in admin, so you can activate/deactivate customer in your comfort admin area. file to edit: admin/customers.php find: case 'update': before case 'update'; and below switch ($HTTP_GET_VARS['action']) { add the following in between: case 'setflag': if ( ($HTTP_GET_VARS['flag'] == '0') || ($HTTP_GET_VARS['flag'] == '1') ) { if ($HTTP_GET_VARS['cID']) { tep_set_customers_status($HTTP_GET_VARS['cID'], $HTTP_GET_VARS['flag']); } } tep_redirect(tep_href_link(FILENAME_CUSTOMERS, '', 'NONSSL')); break; find: <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_LASTNAME; ?></td> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_FIRSTNAME; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACCOUNT_CREATED; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td> replace with: <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_LASTNAME; ?></td> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_FIRSTNAME; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACCOUNT_CREATED; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_CUSTOMERS_STATUS; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td> find: <td class="dataTableContent"><?php echo $customers['customers_lastname']; ?></td> <td class="dataTableContent"><?php echo $customers['customers_firstname']; ?></td> <td class="dataTableContent" align="right"><?php echo tep_date_short($info['date_account_created']); ?></td> <td class="dataTableContent" align="right"><?php if ( (is_object($cInfo)) && ($customers['customers_id'] == $cInfo->customers_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td> replace with: <td class="dataTableContent"><?php echo $customers['customers_lastname']; ?></td> <td class="dataTableContent"><?php echo $customers['customers_firstname']; ?></td> <td class="dataTableContent" align="right"><?php echo tep_date_short($info['date_account_created']); ?></td> <td class="dataTableContent" align="right"><?php if ($customers['customers_status'] == '1') { echo tep_image(DIR_WS_IMAGES . 'icon_status_green.gif', IMAGE_ICON_STATUS_GREEN, 10, 10) . ' <a href="' . tep_href_link(FILENAME_CUSTOMERS, 'action=setflag&flag=0&cID=' . $customers['customers_id'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', IMAGE_ICON_STATUS_RED_LIGHT, 10, 10) . '</a>'; } else { echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, 'action=setflag&flag=1&cID=' . $customers['customers_id'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '</a> ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10); } ?></td> <td class="dataTableContent" align="right"><?php if ( (is_object($cInfo)) && ($customers['customers_id'] == $cInfo->customers_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td> 5. edit admin lang file. file to edit: admin/includes/languages/english/customers.php after this line: define('TABLE_HEADING_ACCOUNT_CREATED', 'Account Created');define('TABLE_HEADING_CUSTOMERS_STATUS', 'Status'); add: define('TABLE_HEADING_CUSTOMERS_STATUS', 'Status'); 6. add tep_set_customers_status file to edit: admin/includes/functions/general.php add the follow lines before ?> // Customers Status function tep_set_customers_status($customers_id, $customers_status) { if ($customers_status == '1') { return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '1'"); } elseif ($customers_status == '0') { return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '0'"); } else { return -1; } } ================================================================================ ========== That's about it. Hope I don't forget anything. I might add some cosmatic or features later. This is it for now. Enjoy! DIMSUMGIRL;) Hi Tammy, I've downloaded your contribution and basically it is a nice peace of work. However I've found a view serious mistakes you've made in your description you might want to check and maybe release an updated version. 1. You have to add WHERE statement to your query, otherwise a click on the red or green button updates all customers at once... Your Text: 6. add tep_set_customers_status file to edit: admin/includes/functions/general.php add the follow lines before ?> // Customers Status function tep_set_customers_status($customers_id, $customers_status) { if ($customers_status == '1') { return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '1'"); } elseif ($customers_status == '0') { return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '0'"); } else { return -1; } } Should be: // Customers Status function tep_set_customers_status($customers_id, $customers_status) { if ($customers_status == '1') { return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '1' WHERE customers_id = '" . $customers_id . "'"); } elseif ($customers_status == '0') { return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '0' WHERE customers_id = '" . $customers_id . "'"); } else { return -1; } } 2. You have to get the customer_status out of the database in order to make your if statement work: (in admin/customers.php) So add to $customers_query_raw = "select c.customers_id, c.customers_lastname, the c.customers_status $customers_query_raw = "select c.customers_status, c.customers_id, c.customers_lastname, 3. I suggest that you give an info to add tep_session_destroy(); to the create_account_success.php. I've added this right to the beginning of this file, but it doesn't really matter. If you don't add this the user that just registered is already logged in, even that the customers_status is set to '0'. Of course, after logging out, he/she can't login anymore until account has been activated. Would be nice to hear from you, best regards Matt if anyone has had any experience with this I would love to hear from them James Quote Link to comment Share on other sites More sharing options...
d-lexy Posted August 31, 2004 Share Posted August 31, 2004 Hello, has anyone made this contrib work under MS2.2? I can't even start editing the files because they have some major differences. In step 2 they describe that there should be code like this $HTTP_GET_VARS['login'] = 'fail'; } else { $check_customer = tep_db_fetch_array($check_customer_query); while I have it like this: $error = true; } else { $check_customer = tep_db_fetch_array($check_customer_query); other lines differ too. If anyone has this contrib edited to work fine, please let me know! Thanks in advance! Quote Link to comment Share on other sites More sharing options...
Darklings Posted February 28, 2007 Share Posted February 28, 2007 I Couldn't find the original topic either.. so instead of making again a new one.. i 'll use this one! I got it working perfect.. BUT.. i need it to do one more thing... I set it up so that when you set the flag (if you activate the account in the admin) it sends a mail to the customer telling that his account has been activated. That mail contains the customers name, and his email, i 'm now working on his password. After long searching i saw this is kinda impossible. Since you actually make the password (its a random generated one) when you add a new customer. And it can take years (for example :P) before you activate that persons account. The problem in osC (not really a problem, i guess its good the way it works!) that you can't reverse the coded password. So I was thinking. Since the account isn't active anyway, its not bad that there would not be a password at that time. So I want to make the password (random generated) at the moment when you activate a customer. So I guess that code goes into my case 'setflag' ? Will this work? Is this stupid?? or..... are their other solutions I didn't think of? Any feedback is appreciated! Quote Even in this dark place, yes, I am afraid of my own shadow. Contributions | KnowledgeBase | osCommerce 2.2 pdf Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.