Orphon Posted August 12, 2003 Share Posted August 12, 2003 How do you set https for admin? this is my admin configure.php <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.orphonsoul.com'); // eg, http://localhost - should not be empty for productive servers define('HTTP_CATALOG_SERVER', 'http://www.orphonsoul.com'); define('HTTPS_CATALOG_SERVER', 'https://orphonsoul.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', '/home/username/public_html/'); // where the pages are located on the server define('DIR_WS_ADMIN', '/catalog/admin/'); // absolute path required define('DIR_FS_ADMIN', '/home/username/public_html/catalog/admin/'); // absolute path required define('DIR_WS_CATALOG', '/catalog/'); // absolute path required define('DIR_FS_CATALOG', '/home/username/public_html/catalog/'); // absolute path required define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', 'DBusername'); define('DB_SERVER_PASSWORD', 'DBpassword'); define('DB_DATABASE', 'DBname'); define('USE_PCONNECT', 'false'); // use persisstent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' ?> Quote Angela Link to comment Share on other sites More sharing options...
Guest Posted August 12, 2003 Share Posted August 12, 2003 Change your HTTP_SERVER variable to the https URL, i.e. define('HTTP_SERVER', 'https://www.orphonsoul.com'); or whatever your HTTPS_SERVER is in catalog. If you wanted your whole site to be in SSL, you could do this in catalog as well. However, for performance reasons, it makes more sense to make just the private pages (account, checkout, etc.) be SSL, so catalog has two server variables between which it can switch. Hth, Matt Quote Link to comment Share on other sites More sharing options...
Orphon Posted August 12, 2003 Share Posted August 12, 2003 That worked thanks!!!!!! Now for another question... I changed my password and I got an auto email. The Subject was: ADMIN_EMAIL_SUBJECT And the body was: ADMIN_EMAIL_TEXT I looked in admin/includes/languages/english/admin_members.php and it looks like they are both defined. Thanks again, I love this place :) vimalm4u 1 Quote Angela Link to comment Share on other sites More sharing options...
Strider Posted August 12, 2003 Share Posted August 12, 2003 Actually the answer to the ssl question is that admin/includes/configure.php needs the line define('ENABLE_SSL', 'true'); // secure webserver for admin module I think placed in it. because in the current setup it is still not working and yet your catalog store is playing fine with the https. but then I am no code monger so I could be very wrong Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
Orphon Posted August 13, 2003 Share Posted August 13, 2003 The previous answere fixed my SSL problem... But I still don't know why my email isn't defined Quote Angela Link to comment Share on other sites More sharing options...
Strider Posted August 13, 2003 Share Posted August 13, 2003 yes it did make it work .... but when you mixup your http and your https and call a straight http with https instead .. will it work? .. Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
Orphon Posted August 13, 2003 Share Posted August 13, 2003 As of yet I don;t see a way to call any page that comes up broken in the catalog.... And in the admin, this makes it ALL https Quote Angela Link to comment Share on other sites More sharing options...
Guest Posted August 13, 2003 Share Posted August 13, 2003 Can I Specify the Password for my Top Adminstrator, rather then have the auto assigned password? I thought I seen an option before about changing the passwords but buggered if I can find it now.. Cheers MaxiDVD :-) Quote Link to comment Share on other sites More sharing options...
Strider Posted August 13, 2003 Share Posted August 13, 2003 I always wondered what that default password was. Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
Guest Posted August 13, 2003 Share Posted August 13, 2003 Where is it? Quote Link to comment Share on other sites More sharing options...
Orphon Posted August 13, 2003 Share Posted August 13, 2003 Go to "My Account" after you log in and change the password Quote Angela Link to comment Share on other sites More sharing options...
Guest Posted August 13, 2003 Share Posted August 13, 2003 To easy, thanks Angela... Quote Link to comment Share on other sites More sharing options...
Strider Posted August 13, 2003 Share Posted August 13, 2003 so what is the default password so you can login Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
papasan Posted August 13, 2003 Author Share Posted August 13, 2003 doesn't anyone actually read the readme? login: admin password: default Quote Link to comment Share on other sites More sharing options...
Strider Posted August 13, 2003 Share Posted August 13, 2003 actually I did read the read me .. and I quote from that esteemed bible " The default admin is 'admin@localhost' with the password 'admin'. Your first job may well be changing this security hole. but it didn't seem to work that's why I had to write an md5 filter to place one in there *smiles* Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
jgraham Posted August 14, 2003 Share Posted August 14, 2003 I found a very small detail in admin/index.php that affects if you are not using english as main language (as I do) Where it says: (line 77 in my index.php file) 'children' => array(array('title' => 'My Account', 'link' => tep_href_link(FILENAME_ADMIN_ACCOUNT), 'access' => 'true'), array('title' => 'Logoff', 'link' => tep_href_link(FILENAME_LOGOFF), You need to change to: 'children' => array(array('title' => HEADER_TITLE_ACCOUNT, 'link' => tep_href_link(FILENAME_ADMIN_ACCOUNT), 'access' => 'true'), array('title' => HEADER_TITLE_LOGOFF, 'link' => tep_href_link(FILENAME_LOGOFF), Hope that helps... And one question... I just set this thing up and I noticed that no matter what "boxes" each user has activated, every time a user logs in, the index.php page shows all the options. Is there a way to only show the options that the user has activated (sorta like what is done in colum_left.php)? Thanks in advance! Quote Link to comment Share on other sites More sharing options...
Strider Posted August 14, 2003 Share Posted August 14, 2003 yes you have to edit the index.php file with the if statements like in the example it comes with. Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
DavidR Posted August 14, 2003 Share Posted August 14, 2003 yes you have to edit the index.php file with the if statements like in the example it comes with. I haven't been able to figure out what examples you mean here. Can you explain? I have the same issue with email to the main admin coming through with "ADMIN_EMAIL_SUBJECT" in the subject and "ADMIN_EMAIL_TEXT" in the body. These seem to be defined properly in english/admin_members.php and nothing else looks wrong. Has anyone else figures this one out? I'm also having a problem not mentioned here. When a new admin user is created, the email that is sent is correct except that the password value is "-hidden-" in the body of the email. I have no clue on this one. This looks like an excellent (and necessary) contribution. I might be able to figure more out with a clear head tomorrow, but any feedback is appreciated. I am installing on an "almost" fresh copy of MS2. Thanks! David Quote Link to comment Share on other sites More sharing options...
papasan Posted August 14, 2003 Author Share Posted August 14, 2003 actually I did read the read me .. and I quote from that esteemed bible" The default admin is 'admin@localhost' with the password 'admin'. Your first job may well be changing this security hole. but it didn't seem to work that's why I had to write an md5 filter to place one in there *smiles* d'oh! <remove foot from mouth> logon: admin@localhost pass: admin definatly will change the readme... I have the same issue with email to the main admin coming through with "ADMIN_EMAIL_SUBJECT" in the subject and "ADMIN_EMAIL_TEXT" in the body. These seem to be defined properly in english/admin_members.php and nothing else looks wrong. Has anyone else figures this one out? this is caused because the definitions are too low in the file, they need to be moved up to the top. this was changed in the 2.2 release. i now get two emails sometimes, one correct and one old one, but at least the correct info is being sent. Quote Link to comment Share on other sites More sharing options...
papasan Posted August 14, 2003 Author Share Posted August 14, 2003 btw, admin@localhost / admin seems to work fine for me, i just ran the SQL from the distro and logged onto my admin section. Quote Link to comment Share on other sites More sharing options...
papasan Posted August 14, 2003 Author Share Posted August 14, 2003 I found a very small detail in admin/index.php that affects if you are not using english as main language (as I do)... thanks, i made the changes for the next distro package. Quote Link to comment Share on other sites More sharing options...
jgraham Posted August 14, 2003 Share Posted August 14, 2003 yes you have to edit the index.php file with the if statements like in the example it comes with. Hmm, what example are you talking about? I tried the if statement that comes with column_left.php on the index.php but it didnt work... could you help me a bit more on this issue? thanks! Quote Link to comment Share on other sites More sharing options...
Strider Posted August 14, 2003 Share Posted August 14, 2003 it is in the changed files/admin/index.php the first part looks like <?php /* $Id: index.php,v 1.19 2003/06/27 09:38:31 dgw_ Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); $cat = array(array('title' => BOX_HEADING_CONFIGURATION, //Admin begin 'access' => tep_admin_check_boxes('configuration.php'), //Admin end 'image' => 'configuration.gif', 'href' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=1'), 'children' => array(array('title' => BOX_CONFIGURATION_MYSTORE, 'link' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=1')), array('title' => BOX_CONFIGURATION_LOGGING, 'link' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=10')), array('title' => BOX_CONFIGURATION_CACHE, 'link' => tep_href_link(FILENAME_CONFIGURATION, 'selected_box=configuration&gID=11')))), array('title' => BOX_HEADING_MODULES, //Admin begin 'access' => tep_admin_check_boxes('modules.php'), //Admin end 'image' => 'modules.gif', 'href' => tep_href_link(FILENAME_MODULES, 'selected_box=modules&set=payment'), 'children' => array(array('title' => BOX_MODULES_PAYMENT, 'link' => tep_href_link(FILENAME_MODULES, 'selected_box=modules&set=payment')), array('title' => BOX_MODULES_SHIPPING, 'link' => tep_href_link(FILENAME_MODULES, 'selected_box=modules&set=shipping')))), array('title' => BOX_HEADING_CATALOG, //Admin begin 'access' => tep_admin_check_boxes('catalog.php'), //Admin end 'image' => 'catalog.gif', 'href' => tep_href_link(FILENAME_CATEGORIES, 'selected_box=catalog'), 'children' => array(array('title' => CATALOG_CONTENTS, 'link' => tep_href_link(FILENAME_CATEGORIES, 'selected_box=catalog')), array('title' => BOX_CATALOG_MANUFACTURERS, 'link' => tep_href_link(FILENAME_MANUFACTURERS, 'selected_box=catalog')))), array('title' => BOX_HEADING_LOCATION_AND_TAXES, //Admin begin 'access' => tep_admin_check_boxes('taxes.php'), //Admin end 'image' => 'location.gif', 'href' => tep_href_link(FILENAME_COUNTRIES, 'selected_box=taxes'), 'children' => array(array('title' => BOX_TAXES_COUNTRIES, 'link' => tep_href_link(FILENAME_COUNTRIES, 'selected_box=taxes')), array('title' => BOX_TAXES_GEO_ZONES, 'link' => tep_href_link(FILENAME_GEO_ZONES, 'selected_box=taxes')))), array('title' => BOX_HEADING_CUSTOMERS, //Admin begin 'access' => tep_admin_check_boxes('customers.php'), //Admin end 'image' => 'customers.gif', 'href' => tep_href_link(FILENAME_CUSTOMERS, 'selected_box=customers'), 'children' => array(array('title' => BOX_CUSTOMERS_CUSTOMERS, 'link' => tep_href_link(FILENAME_CUSTOMERS, 'selected_box=customers')), array('title' => BOX_CUSTOMERS_ORDERS, 'link' => tep_href_link(FILENAME_ORDERS, 'selected_box=customers')))), array('title' => BOX_HEADING_LOCALIZATION, //Admin begin 'access' => tep_admin_check_boxes('localization.php'), //Admin end 'image' => 'localization.gif', 'href' => tep_href_link(FILENAME_CURRENCIES, 'selected_box=localization'), 'children' => array(array('title' => BOX_LOCALIZATION_CURRENCIES, 'link' => tep_href_link(FILENAME_CURRENCIES, 'selected_box=localization')), array('title' => BOX_LOCALIZATION_LANGUAGES, 'link' => tep_href_link(FILENAME_LANGUAGES, 'selected_box=localization')))), array('title' => BOX_HEADING_REPORTS, //Admin begin 'access' => tep_admin_check_boxes('reports.php'), //Admin end 'image' => 'reports.gif', 'href' => tep_href_link(FILENAME_STATS_PRODUCTS_PURCHASED, 'selected_box=reports'), 'children' => array(array('title' => REPORTS_PRODUCTS, 'link' => tep_href_link(FILENAME_STATS_PRODUCTS_PURCHASED, 'selected_box=reports')), array('title' => REPORTS_ORDERS, 'link' => tep_href_link(FILENAME_STATS_CUSTOMERS, 'selected_box=reports')))), //Admin begin array('title' => BOX_HEADING_MY_ACCOUNT, 'access' => 'true', 'image' => 'my_account.gif', 'href' => tep_href_link(FILENAME_ADMIN_ACCOUNT), 'children' => array(array('title' => 'My Account', 'link' => tep_href_link(FILENAME_ADMIN_ACCOUNT), 'access' => 'true'), array('title' => 'logoff', 'link' => tep_href_link(FILENAME_LOGOFF), 'access' => 'true'))), array('title' => BOX_HEADING_ADMINISTRATOR, 'access' => tep_admin_check_boxes('administrator.php'), 'image' => 'administrator.gif', 'href' => tep_href_link(tep_selected_file('administrator.php'), 'selected_box=administrator'), 'children' => array(array('title' => BOX_ADMINISTRATOR_MEMBER, 'link' => tep_href_link(FILENAME_ADMIN_MEMBERS, 'selected_box=administrator'), 'access' => tep_admin_check_boxes(FILENAME_ADMIN_MEMBERS, 'sub_boxes')), array('title' => BOX_ADMINISTRATOR_BOXES, 'link' => tep_href_link(FILENAME_ADMIN_FILES, 'selected_box=administrator'), 'access' => tep_admin_check_boxes(FILENAME_ADMIN_FILES, 'sub_boxes')))), //Admin end array('title' => BOX_HEADING_TOOLS, //Admin begin 'access' => tep_admin_check_boxes('tools.php'), //Admin end 'image' => 'tools.gif', 'href' => tep_href_link(FILENAME_BACKUP, 'selected_box=tools'), 'children' => array(array('title' => TOOLS_BACKUP, 'link' => tep_href_link(FILENAME_BACKUP, 'selected_box=tools')), array('title' => TOOLS_BANNERS, 'link' => tep_href_link(FILENAME_BANNER_MANAGER, 'selected_box=tools')), array('title' => TOOLS_FILES, 'link' => tep_href_link(FILENAME_FILE_MANAGER, 'selected_box=tools'))))); $languages = tep_get_languages(); $languages_array = array(); $languages_selected = DEFAULT_LANGUAGE; for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $languages_array[] = array('id' => $languages[$i]['code'], 'text' => $languages[$i]['name']); if ($languages[$i]['directory'] == $language) { $languages_selected = $languages[$i]['code']; } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> ************ and the second change is on about line 178 and quoting from line 175 looks like while ($orders_status = tep_db_fetch_array($orders_status_query)) { $orders_pending_query = tep_db_query("select count(*) as count from " . TABLE_ORDERS . " where orders_status = '" . $orders_status['orders_status_id'] . "'"); $orders_pending = tep_db_fetch_array($orders_pending_query); //Admin begin // $orders_contents .= '<a href="' . tep_href_link(FILENAME_ORDERS, 'selected_box=customers&status=' . $orders_status['orders_status_id']) . '">' . $orders_status['orders_status_name'] . '</a>: ' . $orders_pending['count'] . '<br>'; if (tep_admin_check_boxes(FILENAME_ORDERS, 'sub_boxes') == true) { $orders_contents .= '<a href="' . tep_href_link(FILENAME_ORDERS, 'selected_box=customers&status=' . $orders_status['orders_status_id']) . '">' . $orders_status['orders_status_name'] . '</a>: ' . $orders_pending['count'] . '<br>'; } else { $orders_contents .= '' . $orders_status['orders_status_name'] . ': ' . $orders_pending['count'] . '<br>'; } //Admin end } $orders_contents = substr($orders_contents, 0, -4); $heading = array(); $contents = array(); ************* that's it in a nut shell Quote (my knowledge is so small you would think that an ant was a genius in comparison) Link to comment Share on other sites More sharing options...
jgraham Posted August 14, 2003 Share Posted August 14, 2003 strider thanks for the reply, but I checked my index.php file... it does look exactly like yours, but it doesnt matter which user logs in, it always shows all the menus and options, I mean, it does not hide the options that the user should not see. So when the user tries to access an option that he does not have permissions to, then a page is diplayed saying that he cant access that! Am I missing something in order to hide those options that the user is not suppose to see/access? (My english is not too good, so I dont know if Im explaining myself) Quote Link to comment Share on other sites More sharing options...
Orphon Posted August 14, 2003 Share Posted August 14, 2003 I'm also having a problem not mentioned here. When a new admin user is created, the email that is sent is correct except that the password value is "-hidden-" in the body of the email. I have no clue on this one. I think that might be on purpose... A lot of emails you get when you sign up for things don't print the password... that is a good thing. I hate it when I get a password sent to me in plian text... Quote Angela Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.