Must Login and be Authorized to Browse - *but can see homepage*

[christinapupo]

Hi, I'm trying to get the store setup where they must be logged in and authorized to browse but I want the homepage to show and also a special page called "Find a Retailer" (stores-custom module). So I set the configuration options in customer details to:
1= Must login to browse
1= Must be Authorized to Browse
and then I edited /includes/init_includes/init_customer_auth.php to:

line 68
case (in_array($_GET['main_page'], array(FILENAME_LOGOFF, FILENAME_PRIVACY, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_CONDITIONS, FILENAME_SHIPPING, FILENAME_UNSUBSCRIBE,'stores'))):
// on special pages, allow customers to access regardless of store mode or cust auth mode

line 116
if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_LOGOFF, FILENAME_CREATE_ACCOUNT, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_PRIVACY,'stores')))

The "Find a Retailer" (stores module) page will show without being logged in but how do I get the homepage to show?

Here is my testing URL: http://morningflower.actionzencarts.com

Can anyone help?

[kobra]

Check and combine with settings in admin > config > my store > store status

[christinapupo]

Check and combine with settings in admin > config > my store > store status

I have no idea what you mean by this? The store status is 0= Normal Store. I have tried adding this to the /includes/init_includes/init_customer_auth.php

line 68
case (in_array($_GET['main_page'], array(FILENAME_LOGOFF, FILENAME_PRIVACY, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_CONDITIONS, FILENAME_SHIPPING, FILENAME_UNSUBSCRIBE,'stores')) or $this_is_home_page):

but I need more specific help?

[kobra]

Get out of the code and restore to default code files
Set cusatomer status to May browse but no prices unless logged in

[gjh42]

The OP's stated goals cannot be met with just admin settings. Since the first edit works for her (to allow the "stores" page), continuing for the homepage seems reasonable.

It is possible that $this_is_home_page has not yet been set at the init stage of page processing (I don't know one way or the other), so another test may be needed. Perhaps checking for

PHP Code:

     or ($_GET['main_page'] == 'index' and $_GET['cPath'] == '') 


[christinapupo]

Thank you gjh42! That worked perfectly. Here are the changes I made in case anyone else needs them (in red):

/includes/init_includes/init_customer_auth.php

<?php
/**
* customer authorisation based on DOWN_FOR_MAINTENANCE and CUSTOMERS_APPROVAL_AUTHORIZATION settings
* see {@link http://www.zen-cart.com/wiki/index.p...als#InitSystem wikitutorials} for more details.
*
* @package initSystem
* @copyright Copyright 2003-2007 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: init_customer_auth.php 6992 2007-09-13 02:54:24Z ajeh $
*/
if (!defined('IS_ADMIN_FLAG')) {
die('Illegal Access');
}
$down_for_maint_flag = false;
/**
* do not let people get to down for maintenance page if not turned on unless is admin in IP list
*/
if (DOWN_FOR_MAINTENANCE=='false' and $_GET['main_page'] == DOWN_FOR_MAINTENANCE_FILENAME && !strstr(EXCLUDE_ADMIN_IP_FOR_MAINTENANCE, $_SERVER['REMOTE_ADDR'])){
zen_redirect(zen_href_link(FILENAME_DEFAULT));
}
/**
* see if DFM mode type is defined (strict means all pages blocked, relaxed means logoff/privacy/etc pages are usable)
*/
if (!defined('DOWN_FOR_MAINTENANCE_TYPE')) define('DOWN_FOR_MAINTENANCE_TYPE', 'relaxed');
/**
* check to see if site is DFM, and set a flag for use later
*/
if (DOWN_FOR_MAINTENANCE == 'true') {
if (!strstr(EXCLUDE_ADMIN_IP_FOR_MAINTENANCE, $_SERVER['REMOTE_ADDR'])){
if ($_GET['main_page'] != DOWN_FOR_MAINTENANCE_FILENAME) $down_for_maint_flag = true;
}
}
/**
* recheck customer status for authorization
*/
if (CUSTOMERS_APPROVAL_AUTHORIZATION > 0 && ($_SESSION['customer_id'] != '' and $_SESSION['customers_authorization'] != '0')) {
$check_customer_query = "select customers_id, customers_authorization
from " . TABLE_CUSTOMERS . "
where customers_id = '" . $_SESSION['customer_id'] . "'";
$check_customer = $db->Execute($check_customer_query);
$_SESSION['customers_authorization'] = $check_customer->fields['customers_authorization'];
}
/**
* customer login status
* 0 = normal shopping
* 1 = Login to shop
* 2 = Can browse but no prices
*
* customer authorization status
* 0 = normal shopping
* 1 = customer authorization to shop
* 2 = customer authorization pending can browse but no prices
*/
switch (true) {
case ($down_for_maint_flag && DOWN_FOR_MAINTENANCE_TYPE == 'strict'):
// if DFM is in strict mode, then block access to all pages:
zen_redirect(zen_href_link(DOWN_FOR_MAINTENANCE_FILENAME));
break;

case ((DOWN_FOR_MAINTENANCE == 'true') && !in_array($_GET['main_page'], array(FILENAME_LOGOFF, FILENAME_PRIVACY, FILENAME_CONTACT_US, FILENAME_CONDITIONS, FILENAME_SHIPPING))):
// on special pages, if DFM mode is "relaxed", allow access to these pages
if ($down_for_maint_flag && DOWN_FOR_MAINTENANCE_TYPE == 'relaxed') {
zen_redirect(zen_href_link(DOWN_FOR_MAINTENANCE_FILENAME));
}
break;

case (in_array($_GET['main_page'], array(FILENAME_LOGOFF, FILENAME_PRIVACY, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_CONDITIONS, FILENAME_SHIPPING, FILENAME_UNSUBSCRIBE,'stores',CUSTOMERS_AUTHORIZATION_FILENAME)) or ($_GET['main_page'] == 'index' and $_GET['cPath'] == '')):
// on special pages, allow customers to access regardless of store mode or cust auth mode
break;

/**
* check store status before authorizations
*/
case (STORE_STATUS != 0):
break;

// bof added by christina
case ($_GET['main_page'] == 'index' and $_GET['cPath'] == ''):
break;
// eof added by christina

/**
* if not down for maintenance check login status
*/
case (CUSTOMERS_APPROVAL == '1' and $_SESSION['customer_id'] == ''):
/**
* customer must be logged in to browse
*/
if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_LOGOFF, FILENAME_CREATE_ACCOUNT, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_PRIVACY,'stores'))) {
if (!isset($_GET['set_session_login'])) {
$_GET['set_session_login'] = 'true';
$_SESSION['navigation']->set_snapshot();
}
zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
}
break;

case (CUSTOMERS_APPROVAL == '2' and $_SESSION['customer_id'] == ''):
/**
* customer may browse but no prices
*/
break;

default:
/**
* proceed normally
*/
break;
}




switch (true) {
/**
* check store status before authorizations
*/
case (STORE_STATUS != 0):
break;

// bof added by christina
case ($_GET['main_page'] == 'index' and $_GET['cPath'] == ''):
break;
// eof added by christina

case (CUSTOMERS_APPROVAL_AUTHORIZATION == '1' and $_SESSION['customer_id'] == ''):
/**
* customer must be logged in to browse
*/
if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_LOGOFF, FILENAME_CREATE_ACCOUNT, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_PRIVACY,'stores'))) {
if (!isset($_GET['set_session_login'])) {
$_GET['set_session_login'] = 'true';
$_SESSION['navigation']->set_snapshot();
}
zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
}
break;

case (CUSTOMERS_APPROVAL_AUTHORIZATION == '2' and $_SESSION['customer_id'] == ''):
/**
* customer may browse but no prices unless Authorized
*/
/*
if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_CREATE_ACCOUNT))) {
if (!isset($_GET['set_session_login'])) {
$_GET['set_session_login'] = 'true';
$_SESSION['navigation']->set_snapshot();
}
zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
}
*/
break;

case (CUSTOMERS_APPROVAL_AUTHORIZATION == '1' and $_SESSION['customers_authorization'] != '0'):
/**
* customer is pending approval
* customer must be logged in to browse
*/
if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_LOGOFF, FILENAME_CONTACT_US, FILENAME_PRIVACY,'stores',CUSTOMERS_AUTHORIZATION_FILENAME))) {
if ($_GET['main_page'] != CUSTOMERS_AUTHORIZATION_FILENAME) {
zen_redirect(zen_href_link(CUSTOMERS_AUTHORIZATION_FILENAME));
}
}
break;

case (CUSTOMERS_APPROVAL_AUTHORIZATION == '2' and $_SESSION['customers_authorization'] != '0'):
/**
* customer may browse but no prices
*/
break;

default:
/**
* proceed normally
*/
break;
}
?>