Originally Posted by
Ajeh
You are doing a work around if you have the Customer details setup based on Customer Authorization ... so I am really not sure how to advise you on this ...
Yes, its actually a bad workaround as it only allowed access after creating account. No access again if having to re-login. So we are going to dump the modification we did.
Code:
if ($ezpage_id == 16) {
if (!$_SESSION['customer_id']) {
$_SESSION['navigation']->set_snapshot();
$messageStack->add_session('header', 'Please login to access Member\'s area', 'caution');
zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
}
if ($_SESSION['customer_id'] != 2 && $_SESSION['customer_id'] != 7) {
$messageStack->add_session('header', 'Sorry you do not have access to Member\'s area', 'caution');
zen_redirect(zen_href_link(FILENAME_EZPAGES, 'id=17', 'NONSSL'));
A question though on using sessions? I see that "$_SESSION['customer_id']" is checking if a customer is logged in and if logged in to check their customer id. I have it modified further to include $_SESSION['customer_first_name'] and it works well. I can get customer id and first name to get checked but not others.
But I cannot get any other sessions to work to check other info such as $_SESSION['customer_last name'] or $_SESSION['customer_telephone']. I seen other posts back in 2007 to set these sessions in the login - header_php.php file by adding 2 lines. But even then it does not seem to work. Do you know what fields are allowed to be checked besides customer id and first name.
NOTE: since we don't use the zencart admin to use the data, we decided to modify the language files to show what we want on the form. So for example, we used the first name field as a "Code". We would like to use the last name field as a "Sub code". Presently we are using the first name "Code" field to automatically grant access certain ez pages. The sub code will let them access the other pages so it would be nice to have another session check so we don't have to go in this header_php file to manually update. Instead we can change access codes and such from the "extra filename" file we made.
Thanks
Bookmarks