Guest Posted November 19, 2004 Posted November 19, 2004 I wanted to limit admin access for some of my employees to just a few areas, and the existing admin access contrib seemed a bit much for what I was looking for, so I wrote this up a couple of days ago: In catalog/admin/includes/header.php, find this: if ($messageStack->size > 0) { echo $messageStack->output(); } and add the following: if ( ($PHP_AUTH_USER!=adminuser1) && ($PHP_AUTH_USER!=adminuser2) ) { if ( ($PHP_SELF != "/admin/orders.php") && ($PHP_SELF != "/admin/customers.php") && ($PHP_SELF != "/admin/invoice.php") && ($PHP_SELF != "/admin/packing_slip.php") && ($PHP_SELF != "/admin/coupon_admin.php") && ($PHP_SELF != "/admin/gv_mail.php") && ($PHP_SELF != "/admin/gv_sent.php") && ($PHP_SELF != "/admin/edit_orders.php") && ($PHP_SELF != "/admin/gv_queue.php") ) { die("You are not authorized to view this page.\n\n"); } } The example assumes that you have 2 "full-rights" administrative users, named adminuser1 and adminuser2. Any other user that logs in (i.e. users that you've created in your webhost's control panel) will only have rights to the files listed in this code paragraph. From my example, you can see that I've installed, and granted access to the GV coupon admin pages, as well as the order editor. The other standard ones are there: orders.php, customers.php, invoice.php, and packing_slip.php. It should be cake to add / remove from this list, as the logic is fairly simple. If you're wondering where $PHP_SELF and $PHP_AUTH_USER came from, they are PHP environment variables. You can see them at http://your_server/admin/server_info.php . -jared
Guest Posted December 7, 2004 Posted December 7, 2004 Wow I like this better than the .htaccess admin authorization contrib that i'm currently installing... I can't even get the damn thing working. Can you release this as a contribution? I would definitely install it because i have certain files I'd like to hide from my clients. -George
Guest Posted December 7, 2004 Posted December 7, 2004 You got my little trick working, then? I'll go ahead and release it. -jared
Guest Posted December 8, 2004 Posted December 8, 2004 Simple Admin Access Control released at http://www.oscommerce.com/forums/index.php?act...=7&t=125058&st=. :) -jared
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.