Restricting access at a product level

[Lineage]

I'm managing a Zen Cart store for a customer who is selling t-shirts. Amung other requests, he has shirts that are available to the general public, but also wants to sell shirts for organizations through his site that aren't for the general public, such as company shirts, etc.

He wants to password protect the products that are to be restricted.

I was thinking it would be better to assign a token when the product is created which can be called from a URL or if it doesn't exist require it to be submitted before the product can be viewed.

I've searched the forums several times and searched through all the contributions and can't find anything to offer this solution, or a similar one.

Does anyone have any recommendations of how to do this?

I'm not afraid to try to code it myself, but I'm not so familar with altering the backend of Zen Cart. What files would I need to alter to make it happen?

The cart is the latest 1.3.9h with image handler, zen lightbox and google analytics addons installed.

[stevesh]

There's this:

http://www.zen-cart.com/index.php?ma...oducts_id=1389

I haven't used it.

[batman42ca]

These links might help too:

plugin:

hideCategories

thread:

Password Protected Categories (PPC) - Official Thread

The idea is to place all products that are to be hidden in the same category and then hide that category

[stevesh]

I didn't recommend the hideCategories mod since its page says it doesn't work with PHP5, which most servers have been upgraded to. If the mod has been updated, that's probably the way to go.

[Lineage]

I didn't recommend the hideCategories mod since its page says it doesn't work with PHP5, which most servers have been upgraded to. If the mod has been updated, that's probably the way to go.

I had seen this too and steered clear of it. My servers run PHP 5, so no support to that is a no go for me.

[Lineage]

What I've started working on is basically this:


I plan to write a script that will be called by cron at midnight every night that will take any product that has expired and change their status. In my case, my customer wants to keep all product in his store, even if it has expired, kind of as a portfolio of past products (most of his stuff is one time runs, consigned by customers, etc.) So for him, I've changed the language for "Call for price" to "Archived" which allows the product to stay visible in the cart, but prevent it from being purchased. The cron job will then run a MySQL query to change the value of "Call for Price" from off to on.

I'm still working on the idea of the token. The idea is to allow my customer to be able to send an email link to his customers so that all they need to do is click the link and gain access. If someone were to navigate to the product without the URL, it will prompt them for the token number, very similar to prompting for a password, before allowing the product to be viewed.

Upon submitting the new product (or editing an existing one) I'm thinking a simple Unix Timestamp should be adequate to use as a token. I can't foresee any issues with randomization picking an existing token that way. Something as simple as

Code:

SELECT UNIX_TIMESTAMP(NOW());

It would result in a token that when appended to the URL, should look like such:

Code:

http://testserv.local/zc/index.php?main_page=product_info&cPath=1_9&products_id=26&token=1290490762

Sadly, because of my day job and family life, I've not gotten much farther than figuring what files I needed to edit to add the fields in the screenshot above. Sometimes, it just helps me to write things out even if no one else may read it.