Printable View
Thanks for this, you saved my bacon! We had the security issue on one of our most important client sites.Quote:
Originally Posted by kuroi
SO glad it's fixed. :clap:
Actually... 3rd Party Mods - they won't save any changes made to them. I click 'Save' and it stays on the page as expected, but it doesn't remember that the box is ticked.
Has that issue alread
I just realized something..
On the admin login page, access is denied to the "resend password" page. You get this message:
Sorry, your security clearance does not allow you to access this resource...
I didn't see this listed in the thread but I could have missed it. Any suggestions on how to correct?
thanks
Kuroi,
Thank you for the response! I know this was covered for the admin profiles...and I read through that. But I couldnt find anything on the user restrict addition so thank you for clarifying both for me.
Cody
Which version of Zen Cart? Which version of Admin Profiles?Quote:
Originally Posted by SirBuck
You're welcome. I think it was worth bringing the relevant comments for both together into a single post for a complete answer, even if it's not the one people are hoping for.Quote:
Originally Posted by chelgeson
:(
WoW, Thank you very much your a genius, sorry for my late reply. I downloaded the security patch again and uploaded it , walla, that was all it was that fixed my problem with not bieng able to save my admin settings which stuffed around all my other options i was trying to work with.Quote:
Originally Posted by kuroi
Thank you heaps for your time and knowledge, great work
double
bigups:
Hi,
I have installed the admin Module..
I am editing the box files as suggested in the instructions so 3rd party mods can work in the admin.
I was wondering about one file though: linkpoint_api_payment_module
Here is the box file edit I have edited so far:
<?php
/**
* @package admin
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: product_music_extras_dhtml.php - amendment for Admin Profiles 2006-04-17 by kuroi
*/
if (!defined('IS_ADMIN_FLAG')) {
die('Illegal Access');
}
$options = array( array('box' => BOX_CATALOG_AJAX_IMAGE_SWAPPER, 'page' => FILENAME_AJAX_IMAGE_SWAPPER),
array('box' => BOX_TOOLS_IMAGE_HANDLER, 'page' => FILENAME_IMAGE_HANDLER),
array('box' => BOX_CATALOG_PRODUCTS_WITH_ATTRIBUTES_STOCK, 'page' => FILENAME_PRODUCTS_WITH_ATTRIBUTES_STOCK),
array('box' => BOX_CUSTOMERS_SUBSCRIPTION_MANAGER, 'page' => FILENAME_SUBSCRIPTION_MANAGER),
array('box' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'page' => FILENAME_LINKPOINT_REVIEW)
);
foreach ($options as $key => $value)
if (page_allowed($value['page'])=='true') $za_contents[] = array('text' => $value['box'], 'link' => zen_href_link($value['page'], '', 'NONSSL'));
?>
My concern is with this: array('box' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'page' => FILENAME_LINKPOINT_REVIEW
In the original file there is an If statement as I don't know if this is required or not or where to add it if it is:
?>
<?php
if (defined('MODULE_PAYMENT_LINKPOINT_API_STATUS') && MODULE_PAYMENT_LINKPOINT_API_STATUS == 'True')
$za_contents[] = array('text' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'link' => zen_href_link(FILENAME_LINKPOINT_REVIEW, '', 'NONSSL'));
?>
Any help is appreciated.
After re-reading I realised these should all be in separate files not the one.
I;m still not certain how to add if statement though:
if (!defined('IS_ADMIN_FLAG')) {
die('Illegal Access');
}
$options = array( array('box' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'page' => FILENAME_LINKPOINT_REVIEW)
);
foreach ($options as $key => $value)
if (page_allowed($value['page'])=='true') $za_contents[] = array('text' => $value['box'], 'link' => zen_href_link($value['page'], '', 'NONSSL'));
?>
THIS is what original file is:
<?php
if (defined('MODULE_PAYMENT_LINKPOINT_API_STATUS') && MODULE_PAYMENT_LINKPOINT_API_STATUS == 'True')
$za_contents[] = array('text' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'link' => zen_href_link(FILENAME_LINKPOINT_REVIEW, '', 'NONSSL'));
?>
@MuzzQuote:
Originally Posted by Muzz
It looks ot me as if you are basing your new box files on the wrong file. Please re-read the step-by-step guide.
Hi Kuroi,
Thanks for getting back to me.
I ended up getting things working on the Local TEST site by creating an individual file for each 3rd party mod in extra boxes folder.
I then had tick box options available in the admin settings to allow user access to mods etc..
This one below works.. however, does it work in full.?. I'm not sure.
From the original file in extra boxes:
<?php
if (defined('MODULE_PAYMENT_LINKPOINT_API_STATUS') && MODULE_PAYMENT_LINKPOINT_API_STATUS == 'True')
$za_contents[] = array('text' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'link' => zen_href_link(FILENAME_LINKPOINT_REVIEW, '', 'NONSSL'));
?>
It states in the instructions that you add
BOX_CUSTOMERS_LINKPOINT_REVIEW
and
FILENAME_LINKPOINT_REVIEW
To bottom of page code and overrite original file etc.. Thats fine.
BUT with all my other additional boxes, IH2, AJAX image swapper etc.. There NO if statement in the original code. So the edit is simple.
My concern is that this part won't work:
if (defined('MODULE_PAYMENT_LINKPOINT_API_STATUS') && MODULE_PAYMENT_LINKPOINT_API_STATUS == 'True') <-- does this need to be included to work correctly?
Below is what I have in the file and yes I can select it in admin settings in option box to allow mod. It is that something else may not function if the if statement is not included? Is this case or am I worried about nothing?
if (!defined('IS_ADMIN_FLAG')) {
die('Illegal Access');
}
$options = array( array('box' => BOX_CUSTOMERS_LINKPOINT_REVIEW, 'page' => FILENAME_LINKPOINT_REVIEW)
);
foreach ($options as $key => $value)
if (page_allowed($value['page'])=='true') $za_contents[] = array('text' => $value['box'], 'link' => zen_href_link($value['page'], '', 'NONSSL'));
?>