Thanks I will look forward to it.Quote:
Originally Posted by kuroi
Printable View
Thanks I will look forward to it.Quote:
Originally Posted by kuroi
Missing 'P' please....
My 'P' wasn't showing up so i backed up my admin.php file and replaced it with the one in 'extras - patched files for ZC1.3.6' and it showed up instantly - I'm a happy chappy once again.
Jamie
Hello
First off this is a great module and you offer fantastic support for it. I have installed it twice will no issues what so ever. However I justmoved pcs so I had to download the version form the zencart site and now after installing on a new site I am just getting errors.
Downloaded, read instructions, ran sql - everything was processed fine.
Ftp'd up the files in to the correct folders - now I am getting
Parse error: syntax error, unexpected T_STRING in /home/QH684H3P/htdocs/upstream/admin/includes/functions/admin_profiles.php on line 209
I have opened the file up and the code is not "coloured" as it normally is but I don't know enough about php to see where there might be a wee syntax etc out of place.
but from line 190 down it doesn't look right and then it looks fine from line 235 onwards
Code as below
<?php
/**
* @package admin profiles
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2004 Jonathan Kontuk
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: admin_profiles.php - last updated 2006-05-01 by kuroi
*/
function strip_suffix($filename,$suffix){
// This function is used in preference to the php basename function as one of the
// config entries currently includes a slash which basename unfortunately interprets
// as part of a filepath and discards everything in front of it.
$slen = strlen($suffix);
if (substr($filename,-$slen,$slen) == $suffix){
$result = substr($filename,0,strlen($filename)-$slen);
}else{
$result = $filename;
}
return $result;
}
function menu_header_visible($header){
// This function tests whether the header passed as a parameter in $header is available
// to the currently logged in admin user. If so it returns 'true', otherwise 'false'
global $db;
$query = "select id from ".TABLE_ADMIN_MENU_HEADERS." where header = '".$header."'";
$included = $db->Execute($query);
if ($included->fields['id'] != ''){
$who_allow = $db->Execute("select admin_id from ".TABLE_ADMIN_VISIBLE_HEADERS." where header_id = '".$included->fields['id']."'");
while (!$who_allow->EOF){
if ($who_allow->fields['admin_id']==$_SESSION['admin_id']){return 'true';}
$who_allow->MoveNext();
}
}
return 'false';
}
function page_allowed($page, $param=''){
// This function determines whether the page passed as parameter $page should be
// displayed in the admin menu for the currently logged on user. After stripping
// any .php suffix, it looks up the page ID and if it doesn't find one, assumes
// that this is a new function (e.g. a 3rd party mod) and inserts the page into
// the admin_files table. Otherwise it checks whether the page is allowed for the
// currently logged on user. If so, it returns 'true'. If not (including for a new
// insertion) it returns 'false'.
global $db;
$page = strip_suffix($page,".php");
if ($page=='configuration') return check_page($page, $param);
$query = "select id from ".TABLE_ADMIN_FILES." where page = '".$page."'";
$included = $db->Execute($query);
if ($included->fields['id'] == ''){
$sql = "insert into ". TABLE_ADMIN_FILES." set page = '".$page."'";
$db->Execute($sql);
}else{
$who_allow = $db->Execute("select admin_id from ".TABLE_ADMIN_ALLOWED." where page_id = '".$included->fields['id']."'");
while (!$who_allow->EOF){
if ($who_allow->fields['admin_id']==$_SESSION['admin_id']){return 'true';}
$who_allow->MoveNext();
}
}
return 'false';
}
function check_page($page, $param=''){
// This function checks whether the currently logged on user has permission to access
// the page passed as parameter $page. The function returns 'true' if the user is
// allowed access to the page, and 'false' otherwise (including when the page is auto
// inserted - see below for more details).
global $db;
// Most entries (normal case) have their own pages. However, everything on the Config
// and Modules menus are handled by the single pages config.php and modules.php which
// must be broken down into subpages for display on the Admin Profiles permissions page.
// If the page name is passed with a .php suffix, it is stripped.
if ($page == 'modules'){
$page = 'modulesset='.$_GET['set'];
}elseif ($page == 'configuration'){
$cid = str_replace('gID=', '', $param) . $_GET['gID'];
$config = $db->Execute("select configuration_group_title from ".TABLE_CONFIGURATION_GROUP." where configuration_group_id = '".$cid."'");
$page = $config->fields['configuration_group_title'];
}else{
$page = strip_suffix($page,".php");
}
// Look up the the ID for the page name passed as parameter $page. If no ID is found
// assume that this is a new function (e.g. a 3rd party mod) and insert the page into
// the admin_files table. Otherwise compile a list of users allowed access to the page.
// If the currently logged in user is on the list return 'true'. If not (including for
// a new insertion) return 'false'.
$query = "select id from ".TABLE_ADMIN_FILES." where page = '".$page."'";
$included = $db->Execute($query);
if ($included->fields['id'] == ''){
$sql = "insert into ". TABLE_ADMIN_FILES." set page = '".$page."'";
$db->Execute($sql);
}else{
$query = "select admin_id from ".TABLE_ADMIN_ALLOWED." where page_id = '".$included->fields['id']."'";
$who_allow = $db->Execute($query);
while (!$who_allow->EOF){
if ($who_allow->fields['admin_id']==$_SESSION['admin_id']){return 'true';}
$who_allow->MoveNext();
}
}
return 'false';
}
function display_profiles($headers, $adminID){
// This function is used to display headers and associated pages when the Edit Permissions option is
// selected from Admin Settings. It displays the information for the headings and associated pages
// listed in the array passed to the function as the parameter $headings, and indicates which are
// currently available to the user with the ID passed as $adminID.
global $db;
while (!$headers->EOF){ // for each valid menu header
// From the list of headers in the array passed as a parameter, compile a subset of those visible
// for the user with parameter adminID. Display all header titles with checkbox, checked if header
// is visible for this user, unchecked otherwise. Except for the third party mods header which
// does not have a checkbox and instead has extra explanatory text. Display buttons allowing all
// boxes under each heading to be checked or unchecked with a single click.
$query = "select * from ".TABLE_ADMIN_VISIBLE_HEADERS." where header_id = '".$headers->fields['id']."' and admin_id = '".$adminID."'";
$visible = $db->Execute($query);
if ($headers->fields['id'] == 0){
echo '<div class="menuHeaderOff"><span class="menuTitle">';
echo $headers->fields['header'].' (when enabled these 3rd party contributions will appear in the Admin menus determined by their authors)';
}else{
if ($visible->fields['admin_id']==$adminID){
echo '<div class="menuHeaderOn">'."\n";
echo "\t".'<span class="menuTitle">';
echo '<label><input name="'.$headers->fields['header'].'" type="checkbox" checked="on" value="on">';
}else{
echo '<div class="menuHeaderOff">'."\n";
echo "\t".'<span class="menuTitle">';
echo '<label><input name="'.$headers->fields['header'].'" type="checkbox" value="off">';
}
echo $headers->fields['header'].' Menu</label>';
}
echo "</span>\n";
echo "\t".'<span class="headerCheckButtons">'."\n";
echo "\t\t".'<input type="button" value="check All" onclick="checkAll(this.form,\''.$headers->fields['header'].'\',true);">'."\n";
echo "\t\t".'<input type="button" value="Uncheck All" onclick="checkAll(this.form,\''.$headers->fields['header'].'\',false);">'."\n";
echo "\t</span>\n";
echo "</div>\n\n";
// Read in list of all pages under this header from dB thsn for each page. Then for each page
// read dB to see if the user with parameter adminID is allowed access to this page. Output
// check box (ticked if page is allowed) and page name. Page name is constructed by stripping
// out the 10 characters if page is called from the modules menu and replacing underlines
// space otherwise. Add an asterisk to pages that do not appear directly in the admin menus.
echo '<div class="checkboxBlock">'."\n";
$query = "select * from ".TABLE_ADMIN_FILES." where header = '".$headers->fields['id']."'";
$pages = $db->Execute($query);
while (!$pages->EOF){
echo "\t".'<label class="permissionBox"><input name="'.$pages->fields['page'].'" class="'.$headers->fields['header'].'" type="checkbox" ';
$query = "select * from ".TABLE_ADMIN_ALLOWED." where page_id = '".$pages->fields['id']."' and admin_id = '".$adminID."'";
$allow = $db->Execute($query);
if ($allow->fields['admin_id']==$adminID) {echo 'checked="on" value="on">';}
else {echo 'value="off">';}
if (substr($pages->fields['page'],0,11)=='modul<?php
/**
* @package admin profiles
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2004 Jonathan Kontuk
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: admin_profiles.php - last updated 2006-05-01 by kuroi
*/
function strip_suffix($filename,$suffix){
// This function is used in preference to the php basename function as one of the
// config entries currently includes a slash which basename unfortunately interprets
// as part of a filepath and discards everything in front of it.
$slen = strlen($suffix);
if (substr($filename,-$slen,$slen) == $suffix){
$result = substr($filename,0,strlen($filename)-$slen);
}else{
$result = $filename;
}
return $result;
}
function menu_header_visible($header){
// This function tests whether the header passed as a parameter in $header is available
// to the currently logged in admin user. If so it returns 'true', otherwise 'false'
global $db;
$query = "select id from ".TABLE_ADMIN_MENU_HEADERS." where header = '".$header."'";
$included = $db->Execute($query);
if ($included->fields['id'] != ''){
$who_allow = $db->Execute("select admin_id from ".TABLE_ADMIN_VISIBLE_HEADERS." where header_id = '".$included->fields['id']."'");
while (!$who_allow->EOF){
if ($who_allow->fields['admin_id']==$_SESSION['admin_id']){return 'true';}
$who_allow->MoveNext();
}
}
return 'false';
}
function page_allowed($page, $param=''){
// This function determines whether the page passed as parameter $page should be
// displayed in the admin menu for the currently logged on user. After stripping
// any .php suffix, it looks up the page ID and if it doesn't find one, assumes
// that this is a new function (e.g. a 3rd party mod) and inserts the page into
// the admin_files table. Otherwise it checks whether the page is allowed for the
// currently logged on user. If so, it returns 'true'. If not (including for a new
// insertion) it returns 'false'.
global $db;
$page = strip_suffix($page,".php");
if ($page=='configuration') return check_page($page, $param);
$query = "select id from ".TABLE_ADMIN_FILES." where page = '".$page."'";
$included = $db->Execute($query);
if ($included->fields['id'] == ''){
$sql = "insert into ". TABLE_ADMIN_FILES." set page = '".$page."'";
$db->Execute($sql);
}else{
$who_allow = $db->Execute("select admin_id from ".TABLE_ADMIN_ALLOWED." where page_id = '".$included->fields['id']."'");
while (!$who_allow->EOF){
if ($who_allow->fields['admin_id']==$_SESSION['admin_id']){return 'true';}
$who_allow->MoveNext();
}
}
return 'false';
}
function check_page($page, $param=''){
// This function checks whether the currently logged on user has permission to access
// the page passed as parameter $page. The function returns 'true' if the user is
// allowed access to the page, and 'false' otherwise (including when the page is auto
// inserted - see below for more details).
global $db;
// Most entries (normal case) have their own pages. However, everything on the Config
// and Modules menus are handled by the single pages config.php and modules.php which
// must be broken down into subpages for display on the Admin Profiles permissions page.
// If the page name is passed with a .php suffix, it is stripped.
if ($page == 'modules'){
$page = 'modulesset='.$_GET['set'];
}elseif ($page == 'configuration'){
$cid = str_replace('gID=', '', $param) . $_GET['gID'];
$config = $db->Execute("select configuration_group_title from ".TABLE_CONFIGURATION_GROUP." where configuration_group_id = '".$cid."'");
$page = $config->fields['configuration_group_title'];
}else{
$page = strip_suffix($page,".php");
}
// Look up the the ID for the page name passed as parameter $page. If no ID is found
// assume that this is a new function (e.g. a 3rd party mod) and insert the page into
// the admin_files table. Otherwise compile a list of users allowed access to the page.
// If the currently logged in user is on the list return 'true'. If not (including for
// a new insertion) return 'false'.
$query = "select id from ".TABLE_ADMIN_FILES." where page = '".$page."'";
$included = $db->Execute($query);
if ($included->fields['id'] == ''){
$sql = "insert into ". TABLE_ADMIN_FILES." set page = '".$page."'";
$db->Execute($sql);
}else{
$query = "select admin_id from ".TABLE_ADMIN_ALLOWED." where page_id = '".$included->fields['id']."'";
$who_allow = $db->Execute($query);
while (!$who_allow->EOF){
if ($who_allow->fields['admin_id']==$_SESSION['admin_id']){return 'true';}
$who_allow->MoveNext();
}
}
return 'false';
}
function display_profiles($headers, $adminID){
// This function is used to display headers and associated pages when the Edit Permissions option is
// selected from Admin Settings. It displays the information for the headings and associated pages
// listed in the array passed to the function as the parameter $headings, and indicates which are
// currently available to the user with the ID passed as $adminID.
global $db;
while (!$headers->EOF){ // for each valid menu header
// From the list of headers in the array passed as a parameter, compile a subset of those visible
// for the user with parameter adminID. Display all header titles with checkbox, checked if header
// is visible for this user, unchecked otherwise. Except for the third party mods header which
// does not have a checkbox and instead has extra explanatory text. Display buttons allowing all
// boxes under each heading to be checked or unchecked with a single click.
$query = "select * from ".TABLE_ADMIN_VISIBLE_HEADERS." where header_id = '".$headers->fields['id']."' and admin_id = '".$adminID."'";
$visible = $db->Execute($query);
if ($headers->fields['id'] == 0){
echo '<div class="menuHeaderOff"><span class="menuTitle">';
echo $headers->fields['header'].' (when enabled these 3rd party contributions will appear in the Admin menus determined by their authors)';
}else{
if ($visible->fields['admin_id']==$adminID){
echo '<div class="menuHeaderOn">'."\n";
echo "\t".'<span class="menuTitle">';
echo '<label><input name="'.$headers->fields['header'].'" type="checkbox" checked="on" value="on">';
}else{
echo '<div class="menuHeaderOff">'."\n";
echo "\t".'<span class="menuTitle">';
echo '<label><input name="'.$headers->fields['header'].'" type="checkbox" value="off">';
}
echo $headers->fields['header'].' Menu</label>';
}
echo "</span>\n";
echo "\t".'<span class="headerCheckButtons">'."\n";
echo "\t\t".'<input type="button" value="check All" onclick="checkAll(this.form,\''.$headers->fields['header'].'\',true);">'."\n";
echo "\t\t".'<input type="button" value="Uncheck All" onclick="checkAll(this.form,\''.$headers->fields['header'].'\',false);">'."\n";
echo "\t</span>\n";
echo "</div>\n\n";
// Read in list of all pages under this header from dB thsn for each page. Then for each page
// read dB to see if the user with parameter adminID is allowed access to this page. Output
// check box (ticked if page is allowed) and page name. Page name is constructed by stripping
// out the 10 characters if page is called from the modules menu and replacing underlines
// space otherwise. Add an asterisk to pages that do not appear directly in the admin menus.
echo '<div class="checkboxBlock">'."\n";
$query = "select * from ".TABLE_ADMIN_FILES." where header = '".$headers->fields['id']."'";
$pages = $db->Execute($query);
while (!$pages->EOF){
echo "\t".'<label class="permissionBox"><input name="'.$pages->fields['page'].'" class="'.$headers->fields['header'].'" type="checkbox" ';
$query = "select * from ".TABLE_ADMIN_ALLOWED." where page_id = '".$pages->fields['id']."' and admin_id = '".$adminID."'";
$allow = $db->Execute($query);
if ($allow->fields['admin_id']==$adminID) {echo 'checked="on" value="on">';}
else {echo 'value="off">';}
if (substr($pages->fields['page'],0,11)=='modulesset=')
{echo substr($pages->fields['page'],11);}
else{echo str_replace('_', ' ', $pages->fields['page']);}
if ($pages->fields['submenu']==1)
{echo '*';}
echo "</label>\n";
$pages->MoveNext();
}
echo "</div>\n\n";
$headers->MoveNext();
}
}
?>
Any help would be most appreciated.
I think as well there was a wee ! missing on line 24 in admin/includes/overrides/int_admin_auth.php as that error also popped up but after adding this in it fixed it (as before I really don't know much about php but the rest of the code had ! in a similar place)
@peanut77
The big chunk of code that you posted was corrupted. The file is fine until line 181 and then it restarts again from the beginning. I recommend downloading a fresh copy, keeping a close look on any error logs, then FTPing the new files over the top of the ones that you have on your server (and again watching the error logs closely).
You shouldn't need to re-install the database patch, or repatch the admin file (unless you used one of the pre-patched files, in which case I would replace it with the new download as a precaution).
Hello Thank you so much for your super fast reply - I downloaded this copy this morning from the download area - where do I get a new uncorrupted version?
Thanks.
Same place. This mod hasn't changed for almost 11 months. Your copy got corrupted somewhere in your download from Zen Cart, or your upload to your server.Quote:
Originally Posted by peanut77
(I thought it hadn't changed as the date is still showing as last year on the download page) Just downloaded it again - same code corrupted.
Sorry to be a pest - but should I just remove the code from where it starts repeating?
Thanks
Sorry - I just downloaded that file from another site (should have thought of that before bothering you!) which has fixed that problem but I am now getting parse errors
Parse error: syntax error, unexpected $end in /home/kiaranv/QH684H3P/htdocs/upstream/admin/admin_control.php on line 200
Would every file have been corrupted? And I should just recreate my copy by downloading from the site where it does work?
I've just downloaded the mod from the Zen Cart site and there's no problem with the files there, so the problem is definitely in the way in which you are moving files about. Something is wrong there and trying to work out which files are getting corrupted and eliminating those corruptions will be a arduous and tedious task. Better to try to find the root of the problem and stamp it out.
How are you downloading the files? Is your server local or remote? If remote, how do you upload files? Are the files already corrupt before you try to send them to your server? How do you unzip them?