Results 1 to 3 of 3
  1. #1
    Join Date
    Jan 2007
    Posts
    1,484
    Plugin Contributions
    10

    Default tweaking encrypted master password and cowoa

    Been banging my head on this one for a while, I hope someone can show me how to get this to work.

    Here's the scenario: We use COWOA and Encrypted Master Password(EMP). It works great but there is one instance that I am trying to change. That is when we take a phone order for an existing customer that has checked out in the past using COWOA (or we have done a phone order with them before, whenever we take a phone order for a new customer we always run it through COWOA to avoid them getting the welcome email and then us having to email them the password when they are really just trying to make a purchase and don't want to deal with the website for whatever reason). It is much faster to simply log in to their "account" using EMP than to enter all of their details again through COWOA.

    I think that this could be useful for many people that take phone orders, it's such a time saver. I want to get this figured out so I can update one or the other modules and upload to the free downloads section or at least put a tutorial in their support threads for how to do this.

    Here's the code from includes/modules/pages/login/header.php that I have been working with:
    PHP Code:
    // Check if email exists
      
    $check_customer_query "SELECT customers_id, customers_firstname, customers_password,
                                        customers_email_address, customers_default_address_id,
                                        customers_authorization, customers_referral
                               FROM " 
    TABLE_CUSTOMERS "
                               WHERE customers_email_address = :email
                               AND COWOA_account != 1"
    ;

      
    $check_customer_query  =$db->bindVars($check_customer_query':email'$email_address'string');
      
    $check_customer $db->Execute($check_customer_query);

      if (!
    $check_customer->RecordCount()) {
        
    $error true;
      } else {  
          
    // *** start Encrypted Master Password by stagebrace ***
        
    $get_admin_query "SELECT admin_id, admin_pass
                            FROM " 
    TABLE_ADMIN "
                            WHERE admin_id = '2' "
    ;
        
    $check_administrator $db->Execute($get_admin_query);
        
    $customer = (zen_validate_password($password$check_customer->fields['customers_password']));
        
    $administrator = (zen_validate_password($password$check_administrator->fields['admin_pass']));
        if (
    $customer) {
          
    $ProceedToLogin true;
        } else {
          if (
    $administrator) {
            
    $ProceedToLogin true;
          } else {
            
    $ProceedToLogin false;
          }
        }
        if (!(
    $ProceedToLogin)) {
        
    // *** end Encrypted Master Password by stagebrace ***
          
    $error true;
        } else {
          if (
    SESSION_RECREATE == 'True') { 
    Since in the sql query it has a WHERE clause to check if COWOA_account !=1 then in this instance
    PHP Code:
    if (!$check_customer->RecordCount()) {
        
    $error true;
      } 
    will always be true and I can never "log in" to their account. If I remove the AND COWOA_account !=1 from the sql statement it works like I want. But then people who have gone through COWOA and then decide to create an account later can't log into their account since the COWOA record comes first.

    I have tried all sorts of ways around this but can't get it to work. Of course, I am a mediocre code hacker and not a true coder so I figure I am missing something that is probably pretty obvious.

    I'd really appreciate some help!

    Zen Cart and it's community are the best!!

  2. #2
    Join Date
    Jan 2007
    Posts
    1,484
    Plugin Contributions
    10

    Default Re: tweaking encrypted master password and cowoa

    OK, I got this to work. Amazing what a good night's sleep and a bit of perspective will do!

    For anyone else wanting to do this, in includes/modules/pages/login/header.php change the code from:
    PHP Code:
    // Check if email exists
      
    $check_customer_query "SELECT customers_id, customers_firstname, customers_password,
                                        customers_email_address, customers_default_address_id,
                                        customers_authorization, customers_referral
                               FROM " 
    TABLE_CUSTOMERS "
                               WHERE customers_email_address = :email
                               AND COWOA_account != 1"
    ;

      
    $check_customer_query  =$db->bindVars($check_customer_query':email'$email_address'string');
      
    $check_customer $db->Execute($check_customer_query);

      if (!
    $check_customer->RecordCount()) {
        
    $error true;
      } else { 
    to:
    PHP Code:
        $get_admin_query "SELECT admin_id, admin_pass
                            FROM " 
    TABLE_ADMIN "
                            WHERE admin_id = '2' "
    ;
        
    $check_administrator $db->Execute($get_admin_query);
        
    $administrator = (zen_validate_password($password$check_administrator->fields['admin_pass']));
        if (
    $administrator) {
            
    $check_customer_query "SELECT customers_id, customers_firstname, customers_password,
                                        customers_email_address, customers_default_address_id,
                                        customers_authorization, customers_referral
                               FROM " 
    TABLE_CUSTOMERS "
                               WHERE customers_email_address = :email"
    ;

      
    $check_customer_query  =$db->bindVars($check_customer_query':email'$email_address'string');
      
    $check_customer $db->Execute($check_customer_query);

                        } else {

      
    // Check if email exists
      
    $check_customer_query "SELECT customers_id, customers_firstname, customers_password,
                                        customers_email_address, customers_default_address_id,
                                        customers_authorization, customers_referral
                               FROM " 
    TABLE_CUSTOMERS "
                               WHERE customers_email_address = :email
                               AND COWOA_account != 1"
    ;

      
    $check_customer_query  =$db->bindVars($check_customer_query':email'$email_address'string');
      
    $check_customer $db->Execute($check_customer_query);
                        }

      if (!
    $check_customer->RecordCount()) {
        
    $error true;
      } else { 
    By putting in the conditional to check if it's the admin's password we can specify whether to include COWOA accounts or not when checking if customer's email exists. If it's not the admin's password then it goes to the else part of the conditional and the sql statement for checking the customer's email address will include the filter to exclude COWOA accounts by adding AND COWOA_account !=1.

    NOTE: I am using admin ID 2, since that is the admin that has this clearance on my site. You might use admin ID 1 if you only have one admin. Use whatever the admin ID is in the regular Encrypted Master Password section further down the page.
    Last edited by lankeeyankee; 29 Jan 2012 at 05:26 PM.

    Zen Cart and it's community are the best!!

  3. #3
    Join Date
    Sep 2011
    Posts
    18
    Plugin Contributions
    0

    Default Re: tweaking encrypted master password and cowoa

    I know this thread's not exactly new, but I'm bumping it for a fix well done. Dropped in your code where it belonged and it worked on the first time, even on a more heavily modified file. Thanks for going through the frustration for me. :)

 

 

Similar Threads

  1. Encrypted Master Password support
    By stagebrace in forum Addon Admin Tools
    Replies: 209
    Last Post: 11 May 2023, 07:40 PM
  2. Master Password Encrypted mod support
    By Woodymon in forum All Other Contributions/Addons
    Replies: 62
    Last Post: 16 May 2011, 02:48 AM
  3. encrypted master password stopped working
    By stagebrace in forum All Other Contributions/Addons
    Replies: 3
    Last Post: 23 Jan 2010, 06:48 AM
  4. Master Password vs Encrypted Master Password
    By srturner47 in forum All Other Contributions/Addons
    Replies: 3
    Last Post: 24 Apr 2008, 04:05 PM
  5. Encrypted master password probs
    By icklebits in forum All Other Contributions/Addons
    Replies: 0
    Last Post: 5 Jun 2007, 06:00 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR