Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

[contribution] Quick & Dirty Restrict Admin Access


ssnb

Recommended Posts

Quick and Dirty Restrict Admin Access

 

DOWNLOAD: http://addons.oscommerce.com/info/8050

 

We have about 6 admins that manage our site. I needed a way to prevent them from accidentally 'breaking' something on the site config etc.

How disappointed was I to find the only way to do this was to spend hours installing a complex contribution.

 

So I thought about maybe just hiding the links from specific users. Afterall, what the eye can't see....

 

So - rather than spending hours (days?) messing with your shop (and potentially breaking it!) why not use my method that I'm sharing here :-)

 

 

Basically, this is an incredibly fast, and simple way to "hide" pages / boxes from specific admins.

 

It does not prevent users from accessing pages if they already know the link - it only hides the page links (boxes) - therefore, making it harder for users to access them - since no links are on display - how do they know where to go!

 

If they know the links - they can still access the pages. Therefore, if you need a fully featured application to manage admin access - you should install something like http://www.oscommerce.com/community/contributions,1359

(good luck - you'll need it! And it'll take you a while !)

 

My solution should be all done in 5 minutes !

 

 

IMPORTANT: BACK UP YOUR DATABASE AND FILES FIRST.

DISCLAIMER: USE AT YOUR OWN RISK

 

HOW TO USE

 

It's very simple.

 

open the included file: catalog/admin/includes/column_left.php in your favourite HTML editor

Compare with your own file and add my commented lines.

You can see what's going on right?

 

Basically, query the DB to look at usernames. Then, if username = 'XYZ' show ABCDEF boxes, else only show ADF boxes

 

 

1. go to your OSC admin and write down the names of the admin usernames

2. in column_left.php file, simply add the name of the main (super) admin who has access to everything.

3. further below in this file, you will the code repeated (it's commented out). This just says, if username = 'someone_else' show them ABCDEF

4) further on, you'll find the ELSE statement that says - for all other users, display only BDF - or whatever!

 

 

 

Also attached are boxes/catalog and boxes/customers

You can easily modify each individual box to show what you want.

 

 

Hope that makes sense

 

Good luck

Sol

Edited by ssnb
Link to comment
Share on other sites

  • 1 year later...
  • 2 years later...

This contribution works also very well in 2.3.4 version.

 

You can make the described changes in admin/includes/column_left.php file, but first you have to disable the code from

 

 

if (tep_session_is_registered('admin')) {

 

to

 

 

    foreach ( $cl_box_groups as &$group ) {
      usort($group['apps'], 'tep_sort_admin_boxes_links');
    }

 

and all between.

 

Also you must disable the

 

 

}

 

 

just before the last

 

 

?>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...