Check external session before store loads

[DrByte]

It may depend on what you want to happen if you find the "check" returning a response that says the person isn't logged in.
What do you want ZC to do in that case?

[urgentprog]

It may depend on what you want to happen if you find the "check" returning a response that says the person isn't logged in.
What do you want ZC to do in that case?

I would just like to do a header('Location: /');

[DrByte]

In that case simply put your custom detection code in /includes/extra_configures/check_kohana.php as there's no need for the complexity of observers.

[urgentprog]

In that case simply put your custom detection code in /includes/extra_configures/check_kohana.php as there's no need for the complexity of observers.

Thanks. There are two issues:

Wouldn't accessing kohana from zencart using require, curl, fopen or file_get_contents start a different session, as the user logs in with the browser and the script uses the server?

Also is there an issue if authorize.net calls a form_action_url from a cronjob and the kohana session does not exists?

[DrByte]

There are lots more questions beyond those, that still need consideration. This whole issue is way larger than those few small things, and there's far too little detail about what you're ultimately trying to do here for me to give any answers suitable for use on a live site.

[urgentprog]

There are lots more questions beyond those, that still need consideration. This whole issue is way larger than those few small things, and there's far too little detail about what you're ultimately trying to do here for me to give any answers suitable for use on a live site.

I want to limit zencart access to only users currently logged into kohana. I am using zencart 1.3.9 and php 5.2.10.

Could you please tell me what are the larger issues you see?

[urgentprog]

There are lots more questions beyond those, that still need consideration. This whole issue is way larger than those few small things, and there's far too little detail about what you're ultimately trying to do here for me to give any answers suitable for use on a live site.

Could you please suggest resources on what else would need access to zen cart which could be blocked?

[DrByte]

What exactly are you trying to accomplish here? Why are you talking about cron jobs and authorize.net and curl and fopen and file_get_contents from outside Zen Cart?
When you start talking about triggering payment systems from code running outside the store's code base, you raise zillions of security flags, and so on.

Without having a solid understanding of what you're wanting to end up with, more specifically the bigger picture of the business issues you're trying to solve here and the detailed list of end-results you're targeting, I've very reluctant to send you off with technical information that could result in you creating security problems on your site.

And, is this *your* site? Or merely some site you've been contracted to do some custom work for?