erkan Posted February 29, 2008 Posted February 29, 2008 Hi, I have been working on integrating our own website with osCommerce. The file structure is as such: 1. C:\xampp\htdocs\oscommerce 2. C:\xampp\htdocs\website When you log into admin panel on osCommerce, there is a link to site nr 2. This site should only be allowed to be browsed by if you have logged into osCommerce. Our own site cannot be placed under the oscommerce folder, it has to be placed in the server root. So I have been looking into how osCommerce validates users and found out the various functions in admin\includes\functions\sessions.php. There are two sessions which are checked ‘id’ and ‘username’. However no matter what I do I cannot read the two session variables outside the admin page of osCommerce. Does anyone have any tips and tricks how I can extend osCommerce admin validation own pages so I can browse other pages when I have logged into osCommerce. Thanks!
Guest Posted February 29, 2008 Posted February 29, 2008 are you using xampp on a public server that will be receiving web traffic? if so, xampp's install guide suggests not to do this, it's a security risk. as for the admin stuff..depends what version of oscommerce you have. either way, if you htaccess your admin directory you do nothing. just <a href="linknamestuf.... and they'll be linked. ..BUT the files/folders must all reside under your /admin/ directory in order to share the htaccess protection. if you've got a newer version of oscommerce, it's database admin so figure the variables and do a call from there. to link the admin panel with exterior files.. i have an older version of osc (contribution that enables database admin logins) and mine looks like: if ($login_groups_id =='2'){ //display stuff for this admin } and of course, you need include('includes/application_top.php); otherwise you need to do additional database calls to pull the admin data. (if the admin folder resides under /shop/ change it to: include('shop/includes/application_top.php);
erkan Posted February 29, 2008 Author Posted February 29, 2008 Hi, thank you for your reply! I am running latest osCommerce from November 2007. And Xampp environment is only for my testing. Problem is, I have a link from my admin page that leads to another site. When admin log into administration page, he should be able to click link that leads to the other site, and that site should only be visible to someone who has logged into osCommerce. I could put a new login/password field on our own site because I have found out how osCommerce validates passwords, but I would not want to do this because that would mean an admin would need to log in twice to reach that page. I am going to look up contribution. Thanks. are you using xampp on a public server that will be receiving web traffic? if so, xampp's install guide suggests not to do this, it's a security risk.as for the admin stuff..depends what version of oscommerce you have. either way, if you htaccess your admin directory you do nothing. just <a href="linknamestuf.... and they'll be linked. ..BUT the files/folders must all reside under your /admin/ directory in order to share the htaccess protection. if you've got a newer version of oscommerce, it's database admin so figure the variables and do a call from there. to link the admin panel with exterior files.. i have an older version of osc (contribution that enables database admin logins) and mine looks like: if ($login_groups_id =='2'){ //display stuff for this admin } and of course, you need include('includes/application_top.php); otherwise you need to do additional database calls to pull the admin data. (if the admin folder resides under /shop/ change it to: include('shop/includes/application_top.php);
Guest Posted February 29, 2008 Posted February 29, 2008 isn't the nov 07 version rc1? (i'm foggy on the dates) if so, you should already have the database-driven admin login. so you should be able to use a simple code like i posted above ($login_groups_id) to link the pages. (i doubt the rc1 has the same wordage as a contribution, so you'd need to double-check before actually using that. :) ) i should have also mentioned: any page that's being connected needs to have the : include('includes/application_top.php); at the very top. at minimal, wouldn't it be easier to include your existing website with oscommerce? ie. take the database tables from THAT site and simply paste them into a new .php page in your /admin/ ? i did this for a relatives shop a few months ago and i found that to be much easier than incorporating the shop with an existing website... it also eliminates additional security risks if you mush them together into one protected area, versus two. there is no point to really having two different administration areas. i suspect this was your goal from the start.. but because there is so much involved with oscommerce i found it to be easier to include smaller applications with it, than vice-versa.
erkan Posted February 29, 2008 Author Posted February 29, 2008 Hi, thanks again. No the problem is that our own site needs to be external and can not be put inside the admin folder. We are planning to give users a webshop each, then their webshop is connected to an accounting site. And the accounting site can not be put under each users custom osCommerce installation. I have attached application_top in the external file and changed the paths but can not seem to get it to work. Even tried making new sessions from admin/login.php. But those sessions wont be seen outside /admin folder. But I think I will eventually find a solution. :thumbsup:
Guest Posted February 29, 2008 Posted February 29, 2008 the path trail is a bit sketchy with me too. it typically takes several trial & errors before i get it right. depending on whether the shop comes first, you may need to add the slash: /shop or remove it: shop or trail it: ./shop or trail it again: ../shop etc.... We are planning to give users a webshop each, then their webshop is connected to an accounting site. And the accounting site can not be put under each users custom osCommerce installation. are you custom-coding or using a contribution? if the admin-based solution you are currently using, you could use that as a replace for my $login_groups_id example.. but i suppose right now, the biggest issue is getting the directories linked properly. :) i've seen "mall" contributions in the add on section. i would assume this has something like you want to achieve, without the extra think work. there is also one in there i've seen to enable suppliers to add / remove their own products. i've not used either, but the latter sounds like something that can either be used, or at least be used as a guide to achieve the desired affect. i don't remember the exact names for these though.
erkan Posted February 29, 2008 Author Posted February 29, 2008 Its custom code... I solved it by putting login forms on the external site, so the user has to log in twice for the first time, then the cookie is saved for 3 months,.. :) the path trail is a bit sketchy with me too. it typically takes several trial & errors before i get it right. depending on whether the shop comes first, you may need to add the slash: /shop or remove it: shop or trail it: ./shop or trail it again: ../shop etc.... are you custom-coding or using a contribution? if the admin-based solution you are currently using, you could use that as a replace for my $login_groups_id example.. but i suppose right now, the biggest issue is getting the directories linked properly. :) i've seen "mall" contributions in the add on section. i would assume this has something like you want to achieve, without the extra think work. there is also one in there i've seen to enable suppliers to add / remove their own products. i've not used either, but the latter sounds like something that can either be used, or at least be used as a guide to achieve the desired affect. i don't remember the exact names for these though.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.