Jump to content
Sign in to follow this  
korsh

(Contribution) Control Login 2.0

Recommended Posts

Hi,

 

I have installed Control Login 2.0

 

When I a new customer creates a new account and receives a new password then tries to log in the page merely refreshes.

 

When the account is activated in administration and the status set to green

the customer can now log in

 

However they now receive the warning that until their account is activated they cannot log in.

 

Am I color blind? Below are the instructions and corrections that I followed.

 

This instruction will guide you to enable controlling over signingup/logging in to your shopping cart. This will force your customers to not be able to login, nor check out until you have activate his account in admin area. 

This mod is based on snapshot july 2002; however, it should work with current snapshot, wouldn't be hard to adjust it. 


1. create new column in table Customers.
 ALTER TABLE customers ADD customers_status int(1) NOT NULL default '0';


2. control login, if customers status is 1, then login succeed, else fail... 
file to edit: catalog/login.php
find:
// Check if email exists
   $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
   if (!tep_db_num_rows($check_customer_query)) {
     $HTTP_GET_VARS['login'] = 'fail';
   } else {
     $check_customer = tep_db_fetch_array($check_customer_query);

replace with:
// Check if email exists and status is activated
   $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id, customers_status from " . TABLE_CUSTOMERS . " where customers_status = '1' and customers_email_address = '" . tep_db_input($email_address) . "'");
   if (!tep_db_num_rows($check_customer_query)) {
     $HTTP_GET_VARS['login'] = 'fail';
   } else {
     $check_customer = tep_db_fetch_array($check_customer_query);

3. also edit lang file. 
file to edit: catalog/includes/languages/english/login.php
find TEXT_LOGIN_ERROR  and write more info why visitor can't login such as..account has not been activated/email is not in database/ wrong password...blah blah blah.

4.  now edit file in admin, so you can activate/deactivate customer in your comfort admin area.
file to edit: admin/customers.php

find: case 'update':
before case 'update'; and below switch ($HTTP_GET_VARS['action']) {
add the following in between:    
case 'setflag':
       if ( ($HTTP_GET_VARS['flag'] == '0') || ($HTTP_GET_VARS['flag'] == '1') ) {
             if ($HTTP_GET_VARS['cID']) {
           tep_set_customers_status($HTTP_GET_VARS['cID'], $HTTP_GET_VARS['flag']);
   }
         }

       tep_redirect(tep_href_link(FILENAME_CUSTOMERS, '', 'NONSSL'));
       break;



find: 
<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_LASTNAME; ?></td>
               <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_FIRSTNAME; ?></td>
               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACCOUNT_CREATED; ?></td>
               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>

replace with:
<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_LASTNAME; ?></td>
               <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_FIRSTNAME; ?></td>
               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACCOUNT_CREATED; ?></td>
   <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_CUSTOMERS_STATUS; ?></td>
               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>



find: 
<td class="dataTableContent"><?php echo $customers['customers_lastname']; ?></td>
               <td class="dataTableContent"><?php echo $customers['customers_firstname']; ?></td>
               <td class="dataTableContent" align="right"><?php echo tep_date_short($info['date_account_created']); ?></td>
<td class="dataTableContent" align="right"><?php if ( (is_object($cInfo)) && ($customers['customers_id'] == $cInfo->customers_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>
            
replace with:
<td class="dataTableContent"><?php echo $customers['customers_lastname']; ?></td>
               <td class="dataTableContent"><?php echo $customers['customers_firstname']; ?></td>
               <td class="dataTableContent" align="right"><?php echo tep_date_short($info['date_account_created']); ?></td>
   <td class="dataTableContent" align="right"><?php   if ($customers['customers_status'] == '1') {
       echo tep_image(DIR_WS_IMAGES . 'icon_status_green.gif', IMAGE_ICON_STATUS_GREEN, 10, 10) . '  <a href="' . tep_href_link(FILENAME_CUSTOMERS, 'action=setflag&flag=0&cID=' . $customers['customers_id'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', IMAGE_ICON_STATUS_RED_LIGHT, 10, 10) . '</a>';
       } else {
       echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, 'action=setflag&flag=1&cID=' . $customers['customers_id'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '</a>  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10);
     } ?></td>
               <td class="dataTableContent" align="right"><?php if ( (is_object($cInfo)) && ($customers['customers_id'] == $cInfo->customers_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>
             
5. edit admin lang file.
file to edit: admin/includes/languages/english/customers.php
after this line:
define('TABLE_HEADING_ACCOUNT_CREATED', 'Account Created');define('TABLE_HEADING_CUSTOMERS_STATUS', 'Status');

add: define('TABLE_HEADING_CUSTOMERS_STATUS', 'Status');

6. add tep_set_customers_status
file to edit: admin/includes/functions/general.php
add the follow lines before ?>

// Customers Status
 function tep_set_customers_status($customers_id, $customers_status) {
   if ($customers_status == '1') {
     return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '1'");
   } elseif ($customers_status == '0') {
     return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '0'");
   } else {
     return -1;
   }
 }

 
================================================================================
==========
That's about it. Hope I don't forget anything. I might add some cosmatic or features later. This is it for now.
Enjoy! 
DIMSUMGIRL;)

Hi Tammy, 

I've downloaded your contribution and basically it is a nice peace of work. However I've found a view serious mistakes you've made in your description you might want to check and maybe release an updated version. 

1. You have to add WHERE statement to your query, otherwise a click on the red or green button updates all customers at once... 

Your Text: 

6. add tep_set_customers_status 
file to edit: admin/includes/functions/general.php 
add the follow lines before ?> 

// Customers Status 
function tep_set_customers_status($customers_id, $customers_status) { 
if ($customers_status == '1') { 
return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '1'"); 
} elseif ($customers_status == '0') { 
return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '0'"); 
} else { 
return -1; 
} 
} 

Should be: 

// Customers Status 
function tep_set_customers_status($customers_id, $customers_status) { 
if ($customers_status == '1') { 
return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '1' WHERE customers_id = '" . $customers_id . "'"); 
} elseif ($customers_status == '0') { 
return tep_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '0' WHERE customers_id = '" . $customers_id . "'"); 
} else { 
return -1; 
} 
} 


2. You have to get the customer_status out of the database in order to make your if statement work: 
(in admin/customers.php)
So add to 

$customers_query_raw = "select c.customers_id, c.customers_lastname, 

the c.customers_status 

$customers_query_raw = "select c.customers_status, c.customers_id, c.customers_lastname, 


3. I suggest that you give an info to add tep_session_destroy(); to the create_account_success.php. I've added this right to the beginning of this file, but it doesn't really matter. If you don't add this the user that just registered is already logged in, even that the customers_status is set to '0'. Of course, after logging out, he/she can't login anymore until account has been activated. 

Would be nice to hear from you, 

best regards Matt

 

if anyone has had any experience with this I would love to hear from them

 

James

Share this post


Link to post
Share on other sites

Hello, has anyone made this contrib work under MS2.2?

 

I can't even start editing the files because they have some major differences.

 

In step 2 they describe that there should be code like this

   $HTTP_GET_VARS['login'] = 'fail';
   } else {
     $check_customer = tep_db_fetch_array($check_customer_query);

while I have it like this:

$error = true;
   } else {
     $check_customer = tep_db_fetch_array($check_customer_query);

other lines differ too.

 

If anyone has this contrib edited to work fine, please let me know!

 

Thanks in advance!

Share this post


Link to post
Share on other sites

I Couldn't find the original topic either.. so instead of making again a new one.. i 'll use this one!

 

I got it working perfect.. BUT.. i need it to do one more thing...

 

I set it up so that when you set the flag (if you activate the account in the admin) it sends a mail to the customer telling that his account has been activated. That mail contains the customers name, and his email, i 'm now working on his password.

 

After long searching i saw this is kinda impossible. Since you actually make the password (its a random generated one) when you add a new customer. And it can take years (for example :P) before you activate that persons account. The problem in osC (not really a problem, i guess its good the way it works!) that you can't reverse the coded password.

 

So I was thinking. Since the account isn't active anyway, its not bad that there would not be a password at that time.

So I want to make the password (random generated) at the moment when you activate a customer.

 

So I guess that code goes into my case 'setflag' ?

 

Will this work? Is this stupid?? or..... are their other solutions I didn't think of?

Any feedback is appreciated!


Even in this dark place, yes, I am afraid of my own shadow.

 

 

 

Contributions | KnowledgeBase | osCommerce 2.2 pdf

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×