There is a minor bug in Admin Tools>Admin Settings which probably most will never notice. It caused me problems when I installed the new Admin Profiles contribution where the effect of the bug is very noticeable.
The bug is only apparent when register globals is 'On'
When a new admin is created or an existing admin is deleted the logged in admin identity changes to that of the new or deleted admin. Checking the admin_activity_log table in the database will confirm this.
The only difference noticeable in Admin Settings would be if the new or deleted admin had a different 'Admin Level' from that of the originally logged in admin. When attempting to 'Edit' the settings for an admin the Admin Levels box would or would not be visible dependant upon the new or deleted admin's permissions and not as per the original login admins permissions. Most people would not notice this and of course logging out and logging back in corrects this.
With register globals set 'Off' there is no problem. I know that this is the recommended setting but I believe ZenCart is supposed to work either way.
I have tested this using v 1.3 and v1.3.0.1 but I also checked an existing install of v1.2.7 and it too has this bug.
I only came across this on my test server when trying out Admin Profiles. Because I was 'just testing' I hadn't bothered to overide the server's register glogals setting using .htaccess.
Caused me a lot of grief before it finally clicked what was wrong.
Regards,
Alan
Bookmarks