Al Brookbanks Posted February 16, 2004 Share Posted February 16, 2004 Name: new_names.rar Version: 1.0 Author: Joker Short Description: Add new users Long Description: You can remove, add, change user rights. Some group rights. [Download File] Link to comment Share on other sites More sharing options...
Guest Dirtdigger66 Posted February 17, 2004 Share Posted February 17, 2004 I found a few errors in the install.txt that I think you would like the (or at least MY) fixes to for the MYSQL tables.. CREATE TABLE shp_store_adm ( `id` int( 32 ) NOT NULL AUTO_INCREMENT , `name` varchar( 32 ) NOT NULL , `pass` varchar( 32 ) NOT NULL , `email` varchar( 40 ) NOT NULL , `date` varchar( 10 ) NOT NULL , `change_pass` varchar( 10 ) NOT NULL , `group_user` int( 1 ) NOT NULL default '0', `userright` int( 1 ) NOT NULL default '0', PRIMARY KEY ( `id` )) INSERT INTO `shp_store_adm` ( `id` , `user` , `pass` , `email` , `date` , `change_pass` , `group_user` , `userright` ) VALUES ( '', 'admin', 'e10adc3949ba59abbe56e057f20f883e', '', '', '', '0', '0' Has typos and errors that was likely oversights. Replace with the following; CREATE TABLE store_adm( `id` int( 32 ) NOT NULL AUTO_INCREMENT , `user` varchar( 32 ) NOT NULL , `pass` varchar( 32 ) NOT NULL , `email` varchar( 40 ) NOT NULL , `date` varchar( 10 ) NOT NULL , `change_pass` varchar( 10 ) NOT NULL , `group_user` int( 1 ) NOT NULL default '0', `userright` int( 1 ) NOT NULL default '0', PRIMARY KEY ( `id` )) INSERT INTO `store_adm` ( `id` , `user` , `pass` , `email` , `date` , `change_pass` , `group_user` , `userright` ) VALUES ( '', 'admin', 'e10adc3949ba59abbe56e057f20f883e', '', '', '', '0', '0' ); Here are the changes; CREATE TABLE shp_store_adm ( SHOULD BE CREATE TABLE store_adm( `name` varchar( 32 ) NOT NULL , SHOULD BE `user` varchar( 32 ) NOT NULL , Once I made those changes, it all seems to be working. I hope this helps someone Link to comment Share on other sites More sharing options...
Guest Joker Posted February 17, 2004 Share Posted February 17, 2004 TRICK: CHANGE PASSWORD IN FIRST LOGON If someone want that user change password in first logon, then change user_edit.php. Find lines: if (empty($group_edit)) $group_edit=$group_admin; And change with: if (empty($group_edit) && $editor == "pass") $group_edit=$group_admin; in logon page comes information in first logon: Your password is expired. CLICK HERE to change it! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ TRICK: PASSWORD EXPIRED After every 4 month will be text Your password is expired. CLICK HERE to change it! in user logon page. If you want change month period, then change user_edit line: $month=$month+4; ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ INFORMATION: MORE ABOUT GROUPS One more time about groups! A. group "0" is the highest group. Superuser with group "0" and rights "0" can put users to group 1, 2, 100, ..... B. If group admin (group with number "1", "2", "100", ... and rights Superuser (0)) add new user , then system put new user same group as group admin. Example: I belong to group "1" with rights Superuser (0). I add user Brooky to Superuser(0), then he belong to group "1" with rights Superuser (0). Brooky can delete users or renew passwords only in group "1". This group and users rights work only in "Password" section. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ TRICK: ADMIN RIGHTS TO DELETE ORDERS Now very easy use this group and user rights in other files too! Example: I don't want that Normal user can delete orders. Open orders.php a. after line: include_once ("header.inc.php"); add lines: // User rights $sql_select = mysql_query( "SELECT * FROM ".$prefix."store_adm where user='$admin'"); while ( $row = mysql_fetch_array($sql_select))    {   $group_admin = $row["group_user"];   $userright = $row["userright"];   }  // End user rights b. change line: if($del==1){ with: if($del==1 && $userright == 0){ c. after lines: if($del==1 && $userright == 0){ $del = mysql_query("delete from ".$prefix."store_order_sum where cart_order_id = '$order_id'"); $del = mysql_query("delete from ".$prefix."store_order_inv where cart_order_id = '$order_id'"); echo"<br><br><p align=\"center\">$la_ord_deleted</p><br>"; } Add: else if ($del==1 && $userright >0) echo"<br><br><p align=\"center\">You have no rights delete this order!</p><br>"; And that's all, very easy ! Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 18, 2004 Share Posted February 18, 2004 TRICK: RIGHTS WITH DIFFERENT GROUPS More tricks with users and groups. If you want that many users with different groups add products, but not possible remove/see/edit other groups products... 1. Change in database "store_adm" field "group_user" to varchar(10) Example in SQL: ALTER TABLE `test_store_adm` CHANGE `group_user` `group_user` VARCHAR( 10 ) DEFAULT '0' NOT NULL; 2. Add to store_inventory field "user_group" with parameters varchar(10) Example in SQL: ALTER TABLE `test_store_inventory` ADD `user_group` VARCHAR( 10 ) NOT NULL AFTER `sale_price`; 3. Open file add_product.php after line: include_once ("header.inc.php"); add lines: //admin control/////////////////// $sql_select = mysql_query( "SELECT * FROM ".$prefix."store_adm where user='$admin'"); while ( $row = mysql_fetch_array($sql_select))    {   $group_admin = $row["group_user"];   $userright = $row["userright"];   } // end admin control In line 328 change line: $sql_insert = "insert into ".$prefix."store_inventory (product, quantity, description, image, price, title, cat_id, sale_price) values ('$product', '$quantity', '$description', '$userfile_name', '$price', '$title', '$cat_id', '$sale_price')"; with line: $sql_insert = "insert into ".$prefix."store_inventory (product, quantity, description, image, price, title, cat_id, sale_price, user_group) values ('$product', '$quantity', '$description', '$userfile_name', '$price', '$title', '$cat_id', '$sale_price', '$group_admin')"; In line 444 change line: $sql_insert = "insert into ".$prefix."store_inventory (product, quantity, description, image, price, title, cat_id, sale_price) values ('$product', '$quantity', '$description', '$userfile_name', '$price', '$title', '$cat_id', '$sale_price', '$sale_price')"; with line: $sql_insert = "insert into ".$prefix."store_inventory (product, quantity, description, image, price, title, cat_id, sale_price, user_group) values ('$product', '$quantity', '$description', '$userfile_name', '$price', '$title', '$cat_id', '$sale_price', '$sale_price', '$group_admin')"; 6. Open inventory.php After line: include_once ("header.inc.php"); add lines: //admin control/////////////////// $sql_select = mysql_query( "SELECT * FROM ".$prefix."store_adm where user='$admin'"); while ( $row = mysql_fetch_array($sql_select))    {   $group_admin = $row["group_user"];   $userright = $row["userright"];   } // end admin control Find line: $query_count = " SELECT * FROM ".$prefix."store_inventory where cat_id=$list_cat"; and replase it with: if ($group_admin==0) $sql_cat = "select * from ".$prefix."store_category where cat_id=$list_cat"; else $sql_cat = "select * from ".$prefix."store_category where cat_id=$list_cat and $user_group=$group_admin"; Find line: $query_count = " SELECT * FROM ".$prefix."store_inventory"; and replase it with: if ($group_admin==0) $query_count = " SELECT * FROM ".$prefix."store_inventory"; else $query_count = " SELECT * FROM ".$prefix."store_inventory where $user_group=$group_admin"; Find line: $query = "SELECT * FROM ".$prefix."store_inventory order by $order $direction LIMIT $limitvalue, $limit"; and replase it with: if ($group_admin==0) $query = "SELECT * FROM ".$prefix."store_inventory order by $order $direction LIMIT $limitvalue, $limit"; else $query = "SELECT * FROM ".$prefix."store_inventory where $user_group=$group_admin order by $order $direction LIMIT $limitvalue, $limit"; Find line: $sql_count = "select * from ".$prefix."store_inventory"; and change it with: if ($group_admin==0) $sql_count = "select * from ".$prefix."store_inventory"; else $sql_count = "select * from ".$prefix."store_inventory where $user_group=$group_admin"; Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 19, 2004 Share Posted February 19, 2004 TRICK: RIGHTS AND EDIT NAV.PHP Backup file nav.php and try this: Change lines: var TREE_ITEMS = [ ['<?echo$la_admin_home;?>', '<?echo"$site_url/admin";?>',  ['<?echo$la_nav_products;?>', '<?echo"$site_url/admin/inventory.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_product.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/inventory.php";?>'],   ['<?echo$la_product_options;?>', '<?echo"$site_url/admin/product_options.php";?>'],  ],  ['<?echo$la_categories_title;?>', '<?echo"$site_url/admin/categories.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_category.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/categories.php";?>'],  ],  ['<?echo$la_customers_title;?>', '<?echo"$site_url/admin/customers.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_customer.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/customers.php";?>'],  ],  ['<?echo$la_nav_docs;?>', '<?echo"$site_url/admin/docs.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_doc.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/docs.php";?>'],  ],  ['<?echo$la_orders_title;?>', '<?echo"$site_url/admin/orders.php";?>',   ['<?echo$la_nav_all;?>', '<?echo"$site_url/admin/orders.php";?>'],   ['<?echo$la_nav_pen;?>', '<?echo"$site_url/admin/orders.php?type=1";?>'],   ['<?echo$la_nav_wait_ship;?>', '<?echo"$site_url/admin/orders.php?type=2";?>'],   ['<?echo$la_nav_shipped;?>', '<?echo"$site_url/admin/orders.php?type=3";?>'],   ['<?echo$la_nav_dec;?>', '<?echo"$site_url/admin/orders.php?type=4";?>'],  ],  ['<?echo$la_nav_settings;?>', '#',    ['<?echo$la_shipping_title;?>', '<?echo"$site_url/admin/shipping.php";?>'],    ['<?echo$la_nav_gateways;?>', '<?echo"$site_url/admin/gateways.php";?>'],    ['<?echo$la_nav_gen;?>', '<?echo"$site_url/admin/edit_settings.php";?>'],    ['<?echo$la_nav_style;?>', '<?echo"$site_url/admin/style.php";?>'],    ],  ['<?echo$la_nav_security;?>', '#',    ['<?echo$la_nav_ip;?>', '<?echo"$site_url/admin/ip.php";?>'],    ['<?echo$la_nav_pass;?>', '<?echo"$site_url/admin/edit_user.php?task=view";?>'],    ],  ['<?echo$la_help_sup;?>', '#',   ['<?echo$la_faqs;?>', 'http://cubecart.com/faq.php'],   ['<?echo$la_store_com;?>', 'http://forums.cubecart.com/'],  ],  ['<?echo$la_stats_title;?>', '<?echo"$site_url/admin/statistics.php";?>'],  ['<?echo$la_nav_backup;?>', '<?echo"$site_url/admin/backup.php";?>'],  ['<?echo$la_email_title;?>', '<?echo"$site_url/admin/email.php";?>'],  ['<?echo$la_nav_env;?>', '<?echo"$site_url/admin/server_environment.php";?>'],  ['<?echo$la_nav_license;?>', '<?echo"$site_url/admin/license.php";?>'],  <?  if (!session_is_registered("admin"))  {?>['<?echo$la_account_login;?>', '<?echo"$site_url/admin/login.php";?>'],<?}   if (session_is_registered("admin"))  {?>['<?echo$la_logout;?>', '<?echo"$site_url/admin/logout.php";?>'],<?}?> ], ]; with lines: <?$sql_select = mysql_query( "SELECT * FROM ".$prefix."store_adm where user='$admin'"); while ( $row = mysql_fetch_array($sql_select))    {   $group_admin = $row["group_user"];   $userright = $row["userright"];   } //System operator view  if ($group_admin == 0) {?> var TREE_ITEMS = [ ['<?echo$la_admin_home;?>', '<?echo"$site_url/admin";?>',  ['<?echo$la_nav_products;?>', '<?echo"$site_url/admin/inventory.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_product.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/inventory.php";?>'],   ['<?echo$la_product_options;?>', '<?echo"$site_url/admin/product_options.php";?>'],  ],  ['<?echo$la_categories_title;?>', '<?echo"$site_url/admin/categories.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_category.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/categories.php";?>'],  ],  ['<?echo$la_customers_title;?>', '<?echo"$site_url/admin/customers.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_customer.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/customers.php";?>'],  ],  ['<?echo$la_nav_docs;?>', '<?echo"$site_url/admin/docs.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_doc.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/docs.php";?>'],  ],  ['<?echo$la_orders_title;?>', '<?echo"$site_url/admin/orders.php";?>',   ['<?echo$la_nav_all;?>', '<?echo"$site_url/admin/orders.php";?>'],   ['<?echo$la_nav_pen;?>', '<?echo"$site_url/admin/orders.php?type=1";?>'],   ['<?echo$la_nav_wait_ship;?>', '<?echo"$site_url/admin/orders.php?type=2";?>'],   ['<?echo$la_nav_shipped;?>', '<?echo"$site_url/admin/orders.php?type=3";?>'],   ['<?echo$la_nav_dec;?>', '<?echo"$site_url/admin/orders.php?type=4";?>'],  ],  ['<?echo$la_nav_settings;?>', '#',    ['<?echo$la_shipping_title;?>', '<?echo"$site_url/admin/shipping.php";?>'],    ['<?echo$la_nav_gateways;?>', '<?echo"$site_url/admin/gateways.php";?>'],    ['<?echo$la_nav_gen;?>', '<?echo"$site_url/admin/edit_settings.php";?>'],    ['<?echo$la_nav_style;?>', '<?echo"$site_url/admin/style.php";?>'],    ],  ['<?echo$la_nav_security;?>', '#',    ['<?echo$la_nav_ip;?>', '<?echo"$site_url/admin/ip.php";?>'],    ['<?echo$la_nav_pass;?>', '<?echo"$site_url/admin/edit_user.php?task=view";?>'],    ],  ['<?echo$la_help_sup;?>', '#',   ['<?echo$la_faqs;?>', 'http://cubecart.com/faq.php'],   ['<?echo$la_store_com;?>', 'http://forums.cubecart.com/'],  ],  ['<?echo$la_stats_title;?>', '<?echo"$site_url/admin/statistics.php";?>'],  ['<?echo$la_nav_backup;?>', '<?echo"$site_url/admin/backup.php";?>'],  ['<?echo$la_email_title;?>', '<?echo"$site_url/admin/email.php";?>'],  ['<?echo$la_nav_env;?>', '<?echo"$site_url/admin/server_environment.php";?>'],  ['<?echo$la_nav_license;?>', '<?echo"$site_url/admin/license.php";?>'],  <?  if (!session_is_registered("admin"))  {?>['<?echo$la_account_login;?>', '<?echo"$site_url/admin/login.php";?>'],<?}   if (session_is_registered("admin"))  {?>['<?echo$la_logout;?>', '<?echo"$site_url/admin/logout.php";?>'],<?}?> ], ]; <?} //Group administrator view if ($group_admin > 0 && $userright == 0) {?> var TREE_ITEMS = [ ['<?echo$la_admin_home;?>', '<?echo"$site_url/admin";?>',  ['<?echo$la_nav_products;?>', '<?echo"$site_url/admin/inventory.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_product.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/inventory.php";?>'],   ['<?echo$la_product_options;?>', '<?echo"$site_url/admin/product_options.php";?>'],  ],  ['<?echo$la_categories_title;?>', '<?echo"$site_url/admin/categories.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_category.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/categories.php";?>'],  ],  ['<?echo$la_customers_title;?>', '<?echo"$site_url/admin/customers.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_customer.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/customers.php";?>'],  ],  ['<?echo$la_orders_title;?>', '<?echo"$site_url/admin/orders.php";?>',   ['<?echo$la_nav_all;?>', '<?echo"$site_url/admin/orders.php";?>'],   ['<?echo$la_nav_pen;?>', '<?echo"$site_url/admin/orders.php?type=1";?>'],   ['<?echo$la_nav_wait_ship;?>', '<?echo"$site_url/admin/orders.php?type=2";?>'],   ['<?echo$la_nav_shipped;?>', '<?echo"$site_url/admin/orders.php?type=3";?>'],   ['<?echo$la_nav_dec;?>', '<?echo"$site_url/admin/orders.php?type=4";?>'],  ],  ['<?echo$la_help_sup;?>', '#',   ['<?echo$la_faqs;?>', 'http://cubecart.com/faq.php'],   ['<?echo$la_store_com;?>', 'http://forums.cubecart.com/'],  ],  ['<?echo$la_stats_title;?>', '<?echo"$site_url/admin/statistics.php";?>'],  ['<?echo$la_email_title;?>', '<?echo"$site_url/admin/email.php";?>'],  ['<?echo$la_nav_pass;?>', '<?echo"$site_url/admin/edit_user.php?task=view";?>'],  <?  if (!session_is_registered("admin"))  {?>['<?echo$la_account_login;?>', '<?echo"$site_url/admin/login.php";?>'],<?}   if (session_is_registered("admin"))  {?>['<?echo$la_logout;?>', '<?echo"$site_url/admin/logout.php";?>'],<?}?> ], ]; <? } //Group user view if ($group_admin > 0 && $userright > 0) {?> var TREE_ITEMS = [ ['<?echo$la_admin_home;?>', '<?echo"$site_url/admin";?>',  ['<?echo$la_nav_products;?>', '<?echo"$site_url/admin/inventory.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_product.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/inventory.php";?>'],   ['<?echo$la_product_options;?>', '<?echo"$site_url/admin/product_options.php";?>'],  ],  ['<?echo$la_categories_title;?>', '<?echo"$site_url/admin/categories.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_category.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/categories.php";?>'],  ],  ['<?echo$la_customers_title;?>', '<?echo"$site_url/admin/customers.php";?>',   ['<?echo$la_nav_ad;?>', '<?echo"$site_url/admin/add_customer.php";?>'],   ['<?echo$la_nav_edit_del;?>', '<?echo"$site_url/admin/customers.php";?>'],  ],  ['<?echo$la_orders_title;?>', '<?echo"$site_url/admin/orders.php";?>',   ['<?echo$la_nav_all;?>', '<?echo"$site_url/admin/orders.php";?>'],   ['<?echo$la_nav_pen;?>', '<?echo"$site_url/admin/orders.php?type=1";?>'],   ['<?echo$la_nav_wait_ship;?>', '<?echo"$site_url/admin/orders.php?type=2";?>'],   ['<?echo$la_nav_shipped;?>', '<?echo"$site_url/admin/orders.php?type=3";?>'],   ['<?echo$la_nav_dec;?>', '<?echo"$site_url/admin/orders.php?type=4";?>'],  ],  ['<?echo$la_nav_pass;?>', '<?echo"$site_url/admin/edit_user.php?task=view";?>'],  <?  if (!session_is_registered("admin"))  {?>['<?echo$la_account_login;?>', '<?echo"$site_url/admin/login.php";?>'],<?}   if (session_is_registered("admin"))  {?>['<?echo$la_logout;?>', '<?echo"$site_url/admin/logout.php";?>'],<?}?> ], ]; <? } ?> Everyone can add or remove links how he want . Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 19, 2004 Share Posted February 19, 2004 ABOUT TRICKS If you want try all this tricks, before you must install mod: Add new users!!!!!!!!!!!! All this tricks work with cubecart 2.0 and bigger. ABOUT RIGHTS System administrator Rights example: * (0) //group * poweruser (0) //rights Group administrator //in example group 1 Rights example: * (1) //group. You can put user to others groups too (example 1, 2, 3, ...) * Superuser (0) //rights Group user //in example group 1 Rights example: * (1) //group * Normaluser (1) //rights Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 20, 2004 Share Posted February 20, 2004 TRICK: GOOD MORNING DEAR USER Small trick ... 1. Backup admin/index.php 2. Open admin/index.php 3. Change line: echo"<h2>$la_index_title!</h2><blockquote>"; with this: if (date(G) > 6 && date(G) < 12) echo"<h2></br>Good morning $admin</h2><blockquote>"; else if (date(G) > 11 && date(G) < 18) echo"<h2></br>Good day $admin</h2><blockquote>"; else if (date(G) > 17 && date(G) <= 23) echo"<h2></br>Good evening $admin</h2><blockquote>"; else if (date(G) >= 0 && date(G) < 7) echo"<h2>Good night $admin, you still working!</h2><blockquote>"; So strange, but people like this ! Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 20, 2004 Share Posted February 20, 2004 TRICK: MODIFY BAN/ACCESS SYSTEM Bigger trick for weekend ... a. You have many users, you want know from which IP they login to admin module? b. maybe some hacker try login to you admin module and you want to know this? c. You want block hacker IP? and this is a solution. 1. Add to your database table mysql_query ("CREATE TABLE ".$prefix."store_login (   user varchar(225) NOT NULL,   ip varchar(225) NOT NULL,   date varchar(10) NOT NULL,   time varchar(10) NOT NULL,   status tinyint(1) DEFAULT '0' NOT NULL,   id int(60) NOT NULL auto_increment,   PRIMARY KEY (id),   KEY id (id) )"); Example in SQL: CREATE TABLE test_store_login( user varchar( 225 ) NOT NULL , ip varchar( 225 ) NOT NULL , date varchar( 10 ) NOT NULL , time varchar( 10 ) NOT NULL , status tinyint( 1 ) DEFAULT '0' NOT NULL , id int( 60 ) NOT NULL AUTO_INCREMENT , PRIMARY KEY ( id ) , KEY id( id ) ) 2. Backup admin/login.php 3. Open your admin/login.php and delete all lines in this file. 4. Copy to admin/login.php next script: <?php /*************************************************************************** *  File Info: admin/login.php *  Purpose:  Admin Login *  Updated:  31/07/2003 ****************************************************************************  *  Developer: Alistar Brookbanks (Brooky.com) *  Copyright: ©2003 http://www.brooky.com * Copyright: ©2003 http://www.cubecart.com *  This program is not "free" software and restrictions apply! *  Further Info: http://www.cubecart.com/license.php *  Contact [email protected] if any conditions are not clear. * *  Licensees holding valid "CubeCart Licence Number" may edit *  the (powered by CubeCart) from browser title and "Powered by CubeCart" *  and "© Brooky.com" from the web page footer. * *  This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING *  THE WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR *  PURPOSE. This and all others in the download package can only be * redistributed with written permission from Alistair Brookbanks! * *  The "CubeCart License" is available to purchase at *  https://secure.cubecart.com/ *  For pricing please contact us via e-mail at [email protected] ***************************************************************************/ session_start(); include ("config.php"); include( "settings.inc.php"); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML>   <head>    <title><?echo "$site_name - $la_adm_header";?></title>   <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>     <style type="text/css">  <!--   @import url(<?echo"$site_url";?>/admin/style.css);  --> </style> </head> <body> <? if ($_POST['user'] && $_POST['pass']) {  $time=date("H:i");   $user= strtolower($user);   $ip= $_SERVER["REMOTE_ADDR"];  $query = "select * from ".$prefix."store_login where ip='$ip' and status='1'";  $result = mysql_query($query);  if (mysql_num_rows($result) >0 )   $status = 1;  else $status = 0;  $user = addslashes($user);  $pass = addslashes($pass);   $passwd = md5($pass);  $query = "select * from ".$prefix."store_adm where user='$user' and pass=('$passwd')";  $result = mysql_query($query);  if (mysql_num_rows($result) >0 )  {   // if they are in the database register the user for the session   $admin = $user;   session_register("admin");   $date=date("dmY");   $res = mysql_query ("update ".$prefix."store_adm set date='$date' where user = '$user'");  }  else if (mysql_num_rows($result) == 0 && $status == 0)   {   $status = 2; } $date=date("Ymd");  $sql = mysql_query("insert into ".$prefix."store_login set user='$user', ip='$ip', date='$date', time='$time', status='$status'");   mysql_query( "$sql");   if ($status == 1)   {   echo"<div align=\"center\"><p><b>Please contact with system administrator!</br> Your IP is blocked.</b></p></div>";   exit; } } // Redirect user to request page on successful authentication  if (session_is_registered("admin"))  {   echo "<script language=\"javascript\">window.location=\"index.php\"</script>";  }  // If not display error messages  else  {   if ($user)   {    // if they've tried and failed to log in    $error = "$la_login_no<br>";   }   else   {    // they have not tried to log in yet or have logged out    $error = "$la_login_not<br>";   }   // Provide form for login echo"<br><br><br><br><form method=\"post\" action=\"login.php\">  <table align=\"center\" width=\"400\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">       <tr><td bgcolor=\"$colour_2\"> <table width=\"100%\" align=\"center\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">  <tr bgcolor=\"$colour_3\">   <td width=\"400\" colspan=\"2\" height=\"20\" background=\"../images/bevel_bg.gif\">     <b>$la_account_login:</b>   </td>   </tr>  <tr bgcolor=\"$colour_3\">   <td width=\"400\" colspan=\"2\" height=\"10\">     <b>$error</b>   </td>   </tr>   <tr bgcolor=\"$colour_3\">    <td width=\"200\" height=\"10\">$la_account_username:</td>    <td height=\"10\" width=\"200\">     <input type=\"text\" class=\"textbox\" name=\"user\">    </td>   </tr>   <tr bgcolor=\"$colour_3\">    <td width=\"200\" height=\"10\">$la_account_password:</td>    <td height=\"10\" width=\"200\">     <input type=\"password\" class=\"textbox\" name=\"pass\">    </td>   </tr>   <tr bgcolor=\"$colour_3\">    <td width=\"200\" height=\"10\"> </td>    <td height=\"10\" width=\"200\"><a href=\"forgot_pass.php\" target=\"_self\">$la_account_i_fog_pass</a></td>   </tr>   <tr bgcolor=\"$colour_3\">    <td width=\"200\" height=\"10\"> </td>    <td height=\"10\" width=\"200\">     <input type=\"submit\" class=\"submit\" value=\"$la_account_login\" name=\"submit\">    </td>   </tr>  </table> </td></tr></table> </form>";  } include_once ("footer.inc.php"); ?> 5. Generate new file ipnew.php 6. Copy next lines to ipnew.php <?php /*************************************************************************** *    admin/ipnew.php       * *            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~    * *  File Info:  Lists customers info      * *  Copyright:    Copyright 2003/2004 http://www.cubecart.com    * *  Modifications by: Joker ([email protected]) *            * ***************************************************************************/ /*************************************************************************** *           * *  This program is not "free" software and restrictions apply!   * ***************************************************************************/ session_start(); // if session is not registered go to login if (!session_is_registered("admin"))  {   echo "<script language=\"javascript\">window.location=\"login.php\"</script>";  } // if session is registered continue if(session_is_registered("admin")){ include ("config.php"); include( "settings.inc.php"); include_once ("header.inc.php"); //Control user rights $sql_select = mysql_query( "SELECT * FROM ".$prefix."store_adm where user='$admin'"); while ( $row = mysql_fetch_array($sql_select))    {   $group_admin = $row["group_user"];   $userright = $row["userright"];   } // end control echo"<form action=\"ipnew.php\" method=\"post\">"; echo"<h2>Admin access log</h2>"; // Only system operator can block users if ($task == 'allow' && $group_admin == 0 && $userright == 0) { $res = mysql_query ("update ".$prefix."store_login set status='0' where ip = '$ip'"); } if ($task == 'block' && $group_admin == 0 && $userright == 0) { $my_ip= $_SERVER["REMOTE_ADDR"]; if ($my_ip !== $ip) {$res = mysql_query ("update ".$prefix."store_login set status='1' where ip = '$ip'");} else echo"</br><b>Sorry, but you use same IP what you want to block!</b>"; } if ($task == 'del' && $group_admin == 0 && $userright == 0) { mysql_query("delete from ".$prefix."store_login where status='0'"); } $sql_count = "select * from ".$prefix."store_login"; $result_count = mysql_query ($sql_count); $total = mysql_num_rows($result_count); // see if customers are in database if ($total==0){ echo "<p align=\"center\">There are currently no logged!</p>"; include ("footer.inc.php"); exit;} if (empty($ddlimit)){$ddlimit=25;} // form data to search for customers and number to view per page echo"<table width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"left\"><td>Total lines: $total"; if ($group_admin == 0 && $userright == 0) {  echo"</br><a href=\"ipnew.php?task=del&ddlimit=$ddlimit\"><b>Delete safe IPs</b></a>"; } echo "</td>   <td align=\"right\">View <select name=\"ddlimit\" > <option value=\"5\" ";if($ddlimit==5){echo "selected";}echo">5</option> <option value=\"10\" ";if($ddlimit==10){echo "selected";}echo">10</option> <option value=\"25\" ";if($ddlimit==25){echo "selected";}echo">25</option> <option value=\"50\" ";if($ddlimit==50){echo "selected";}echo">50</option> <option value=\"100\" ";if($ddlimit==100){echo "selected";}echo">100</option> </select> results per page <input class=\"submit\" type=\"submit\" value=\"Go!\"></form></td></tr></table>"; // set limit value for number of records to be shown per page from drop down menu // query database to find total number of records to display $limit = $ddlimit; // get info $query_count = " SELECT * FROM ".$prefix."store_login where (user like '%$searchStr%')"; $result_count = mysql_query($query_count); $totalrows = mysql_num_rows($result_count); if(empty($page)) $page = 1; $limitvalue = $page * $limit - ($limit); // if no search was made, list rows and allow sorting by columns if($sort != "") {   if($sort=="ip")    {    $query = "SELECT * FROM ".$prefix."store_login order by id LIMIT $limitvalue, $limit ";    }   if($sort=="user")    {    $query = "SELECT * FROM ".$prefix."store_login order by user LIMIT $limitvalue, $limit ";    }   if($sort=="status")    {    $query = "SELECT * FROM ".$prefix."store_login order by status LIMIT $limitvalue, $limit ";    }   if($sort=="date")    {    $query = "SELECT * FROM ".$prefix."store_login order by date LIMIT $limitvalue, $limit ";    }   if($sort=="ip")    {    $query = "SELECT * FROM ".$prefix."store_login order by ip LIMIT $limitvalue, $limit ";    } } else if($search!=="yes"){ $query = "SELECT * FROM ".$prefix."store_login order by id desc LIMIT $limitvalue, $limit";} // if search was made if($search=="yes"){ $query = "SELECT * FROM ".$prefix."store_login where (user like '%$searchStr%' or ip like '%$searchStr%') order by user LIMIT $limitvalue, $limit ";} $result = mysql_query($query) or die("Error: " . mysql_error()); $count_result = mysql_num_rows($result); // check results if((mysql_num_rows($result) == 0)){ if(empty($search)){ echo("<p align=\"center\"><br>There doesn't appear to be any search results!</p><br>");} if($search){ echo"<p align=\"center\"><br>No customers match \"<b>$searchStr</b>\"!<br><br><a href=\"ipnew.php?ddlimit=$ddlimit\">Reset listings</a></p>";} include("footer.inc.php"); exit; } // search info with reset if((mysql_num_rows($result) > 0)){ if($search){ echo"<p align=\"center\"><br>Customers matching \"<b>$searchStr</b>\"<br><br><a href=\"ipnew.php?ddlimit=$ddlimit\">Reset listings</a></p>";} } // Display links at the top to indicate current page and number of pages displayed $numofpages = ceil($totalrows / $limit); $from=$limit*$page-$limit+1; $to=$from + $count_result-1; echo "<table align=\"center\" width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">       <tr><td width=\"50%\" bgcolor=\"$bg_colour\" align=\"left\">";if($numofpages>1){echo"Showing: $from - $to</td><td width=\"50%\" bgcolor=\"$bg_colour\" align=\"right\"><b>Go to page:</b> ";} // prev link if($page != 1){ $pageprev = $page - 1; echo("<a href=\"$PHP_SELF?page=$pageprev&ddlimit=$ddlimit\"><< PREV</a> "); } // page for($i = 1; $i <= $numofpages; $i++){ if($numofpages>1){ if($i == $page) echo(" ".$i." "); else echo(" <a href=\"$PHP_SELF?page=$i&ddlimit=$ddlimit\">$i</a> "); }} // next link if(($totalrows - ($limit * $page)) > 0){ $pagenext = $page + 1; echo("<a href=\"$PHP_SELF?page=$pagenext&ddlimit=$ddlimit\">NEXT >></a>"); } echo"</tr></td></table><br>"; // build table of data echo"<table align=\"center\" width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">       <tr><td bgcolor=\"$colour_2\"> <table cellpadding=\"2\" cellspacing=\"1\" border=\"0\" width=\"100%\" align=\"center\">   <tr bgcolor=\"$colour_1\" height=\"20\" background=\"../images/bevel_bg.gif\">   <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b>ID</b></td>   <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><a href=\"ipnew.php?sort=user\"><b>Name</b></a></td>   <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><a href=\"ipnew.php?sort=date\"><b>Logged Time</b></a></td>   <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><a href=\"ipnew.php?sort=ip\"><b>IP</b></a></td>";   if ($group_admin == 0 && userright == 0)   echo"<td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b></b></td>";   echo"</tr>"; $bgcolour=$colour_3; $nr = 0; while($row = mysql_fetch_array($result)){   $id=$row["id"];       $user= $row["user"];   $day = substr($row["date"],6,2);    $month = substr($row["date"],4,2);    $year = substr($row["date"],0,4);   $time = $row["time"];   $ip = $row["ip"];   $ip_status = $row["status"];     ++ $nr;   // US date format   if($date_style=="0")   {   $date="$month/$day/$year";}   // EU date format   if($date_style=="1")   {   $date="$day/$month/$year";}    if ($bgcolour ==$colour_3){   $bgcolour =$colour_4;}  elseif ($bgcolour ==$colour_4){   $bgcolour =$colour_3;}     if ($ip_status == 1){ $bgcolour = "FFB3B3";}   if ($ip_status == 2){ $bgcolour = "FFFFCC";}     echo"   <tr bgcolor=\"$bgcolour\">   <td align=\"center\">$nr</td>   <td align=\"center\"><b><font color=\"#990000\">$user</font></b></td>   <td align=\"center\">$date $time</td>   <td align=\"center\">$ip</td>";  if ($group_admin == 0 && userright == 0)   echo"<td align=\"center\"><a href=\"ipnew.php?task=allow&ip=$ip&page=$page&ddlimit=$ddlimit\">Allow</a> / <a href=\"ipnew.php?task=block&ip=$ip&page=$page&ddlimit=$ddlimit\">Block</a></td>";   echo"</tr>";  if ($ip_status == 1 | $ip_status == 2){   $bgcolour = $colour_4;} } echo"</table></td></tr></table><br>"; // Display links at the bottom to indicate current page and number of pages displayed echo "<table align=\"center\" width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">       <tr><td bgcolor=\"$bg_colour\" align=\"right\">";if($numofpages>1){echo"<b>Go to page:</b> ";} if($page != 1){ $pageprev = $page - 1; echo("<a href=\"$PHP_SELF?page=$pageprev&ddlimit=$ddlimit\"><< PREV</a> "); } $numofpages = ceil($totalrows / $limit); for($i = 1; $i <= $numofpages; $i++){ if($numofpages>1){ if($i == $page) echo(" ".$i." "); else echo(" <a href=\"$PHP_SELF?page=$i&ddlimit=$ddlimit\">$i</a> "); }} if(($totalrows - ($limit * $page)) > 0){ $pagenext = $page + 1; echo("<a href=\"$PHP_SELF?page=$pagenext&ddlimit=$ddlimit\">NEXT >></a>"); }else mysql_free_result($result); echo"<br><br></tr></td></table>"; include_once ("footer.inc.php"); }// end if session is registered ?> 7. Open nap.php and find line ip.php after line: ['<?echo$la_nav_ip;?>', '<?echo"$site_url/admin/ip.php";?>'], 8. add line: ['<?echo"IP access";?>', '<?echo"$site_url/admin/ipnew.php";?>'], you will know , when Hacker comes ! Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 21, 2004 Share Posted February 21, 2004 About colors in Admin access log page (TRICK: MODIFY BAN/ACCESS SYSTEM): 1. Red color - this user is banned and he is not possible to login to admin module. 2. Yellow color - user tried to login to admin module, but inserted wrong username or password. You must control this kind of users! 3. Blue color - user logged in to admin module seccessfuly. In this page you can block only by one IP address. If you want ban more addresses, you must use Brooky access system! Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted February 22, 2004 Share Posted February 22, 2004 SUNDAY TRICK: ADD CURRENCY CHANGE MOD IN SHOP 1. Backup admin/setting.inc.php admin/nav.php admin/nav.php admin/edit_settings.php 2. Add to database new table: mysql_query ("CREATE TABLE ".$prefix."store_currency (   currency_name varchar(20) NOT NULL,   currency_short varchar(4) NOT NULL,   currency_mark char(4) NOT NULL,   currency_rate decimal(10,4) DEFAULT '0.00' NOT NULL,   currency_status tinyint(1) DEFAULT '0' NOT NULL,   id int(60) NOT NULL auto_increment,   PRIMARY KEY (id),   KEY id (id) )"); Example in SQL: INSERT INTO `test_store_currency` ( `currency_name` , `currency_short` , `currency_mark` , `currency_rate` , `currency_status` , `id` ) VALUES ( 'US Dollar', 'USD', '$', '1', '1', '' ); 3. Find line admin/setting.inc.php: $site_currency=$row["site_currency"]; Replase with: //$site_currency=$row["site_currency"]; 4. Delete lines: if($site_currency=="usd") {$currency= "$";$currency_desc= $la_set_cur_usa; $currency_sym = "$";} if($site_currency=="aud") {$currency= "$";$currency_desc= $la_set_cur_aus; $currency_sym = "$";} if($site_currency=="cad") {$currency= "$";$currency_desc= $la_set_cur_can; $currency_sym = "$";} if($site_currency=="gbp") {$currency= "£";$currency_desc= $la_set_cur_gbp; $currency_sym = "£";} if($site_currency=="jpy") {$currency= "¥";$currency_desc= $la_set_cur_jpy; $currency_sym = "";} if($site_currency=="eur") {$currency= "€";$currency_desc= $la_set_cur_eur;$currency_sym = "€";} if($site_currency=="chf") {$currency= "CHF";$currency_desc= $la_set_cur_chf; $currency_sym = "CHF ";} if($site_currency=="sek") {$currency= "SEK";$currency_desc= $la_set_cur_swe; $currency_sym = "SEK";} if($site_currency=="dkk") {$currency= "DKK";$currency_desc= $la_set_cur_dkk; $currency_sym = "DKK";} if($site_currency=="nok") {$currency= "NOK";$currency_desc= $la_set_cur_dan; $currency_sym = "NOK";} if($site_currency=="hkd") {$currency= "$";$currency_desc= $la_set_cur_hkd; $currency_sym = "$";} if($site_currency=="nzd") {$currency= "$";$currency_desc= $la_set_cur_nzd; $currency_sym = "$";} if($site_currency=="inr") {$currency= "INR";$currency_desc= $la_set_cur_inr; $currency_sym = "INR";} if($site_currency=="twd") {$currency= "$";$currency_desc= $la_set_cur_twd; $currency_sym = "$";} if($site_currency=="sgd") {$currency= "$";$currency_desc= $la_set_cur_spd; $currency_sym = "$";} if($site_currency=="myr") {$currency= "$";$currency_desc= $la_set_cur_mld; $currency_sym = "$";} if($site_currency=="mxp") {$currency= "MXP";$currency_desc= $la_set_cur_mxp; $currency_sym = "MXP";} if($site_currency=="grd") {$currency= "$";$currency_desc= $la_set_cur_gds; $currency_sym = "GRD";} if($site_currency=="brl") {$currency= "R$";$currency_desc= "Brazilian Real (BRL)"; $currency_sym = "R$";} After line: $site_name = $site_name." $la_powered_by_cc"; Add lines: $sql_select = mysql_query( "SELECT * FROM ".$prefix."store_currency where currency_status='1'");  while ( $row = mysql_fetch_array($sql_select))     {    $site_currency = $row["currency_short"];    $currency = $row["currency_mark"];    $currency_desc = $row["currency_name"];    $currency_sym = $row["currency_mark"];     } 5. Open admin/nav.php and after line: ['<?echo$la_shipping_title;?>', '<?echo"$site_url/admin/shipping.php";?>'], add line: ['<?echo"Rates";?>', '<?echo"$site_url/admin/currency.php";?>'], 5. Create file currency.php to admin catalog 6. Add next lines to currency.php <?php /*************************************************************************** *            admin/currency.php       * *            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~    * *  Copyright:    Copyright 2003/2004      * * Creator:     Joker ([email protected])      * ***************************************************************************/ /*************************************************************************** *           * *  This program is not "free" software and restrictions apply!   * *           * ***************************************************************************/ session_start(); if (!session_is_registered("admin"))  {   echo "<script language=\"javascript\">window.location=\"login.php\"</script>";  } if(session_is_registered("admin")){ include("config.php"); include( "settings.inc.php"); include( "header.inc.php"); echo "<h2>Currency</h2>"; // If user change shop currency default, then system disable old default if ($currency_status == 1 && $task=="add") {  $res = mysql_query ("update ".$prefix."store_currency set currency_status = '0' where currency_status = '1'");  $currency_rate = 1;  } // If user add new currency, then add to database if ($task=="add" && $currency_rate>0 && !empty($currency_name) && !empty($currency_short) && empty($id)) {  //Control double currency with currency_short  $query = "select * from ".$prefix."store_currency where currency_short='$currency_short'";  $result = mysql_query($query);   if (mysql_num_rows($result) >0)   {    echo"<div align=\"center\"><b>You already have this currency!</b></div></br>";  }  else if (mysql_num_rows($result) < 1)  {   $sql = mysql_query("insert into ".$prefix."store_currency set currency_name='$currency_name', currency_short='$currency_short', currency_mark='$currency_mark', currency_rate='$currency_rate', currency_status='$currency_status'") or die(mysql_error());    mysql_query( "$sql");  } } //if user change currency, then update database if ($task=="add" && $currency_rate>0 && !empty($currency_name) && !empty($currency_short) && $id) { if ($res | (!$res && $currency_status != 1))  $upd = mysql_query ("update ".$prefix."store_currency set currency_name = '$currency_name', currency_short='$currency_short', currency_mark='$currency_mark', currency_rate='$currency_rate', currency_status='$currency_status' where id = '$id'") or die(mysql_error()); } //If user want remove currency from database. If currency is shop default money, then he can't remove this from database if ($remove && $currency_status != 1) { mysql_query("delete from ".$prefix."store_currency where id='$remove'"); mysql_query("delete from ".$prefix."store_currency where id='$remove'"); $remove=""; } //currency view echo"<form method=\"post\" action=\"currency.php?task=add\"> <table align=\"center\" width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">       <tr><td bgcolor=\"$colour_2\">   <table cellpadding=\"2\" border=\"0\" cellspacing=\"1\" width=\"100%\" align=\"center\">    <tr bgcolor=\"$colour_1\" align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\">       <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b>Short</b></a></td>       <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b>Currency description</b></a></td>       <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b>Symbol</b></a></td>       <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b>Rate</b></a></td>       <td align=\"center\" height=\"20\" background=\"../images/bevel_bg.gif\" nowrap><b>.</b></a></td>      </tr>";   //currency output from database to deskdop   $sql_select = mysql_query( "SELECT * FROM ".$prefix."store_currency order by currency_short asc");  while ( $row = mysql_fetch_array($sql_select))     {    $currency_name = $row["currency_name"];     $currency_short = $row["currency_short"];     $currency_mark = $row["currency_mark"];     $currency_rate = $row["currency_rate"];     $currency_status = $row["currency_status"];     $id = $row["id"];       if ($currency_status == 1)    echo"<tr bgcolor=\"FFFF99\">";   else echo"<tr bgcolor=\"$colour_1\">";         echo"<td height=\"20\">$currency_short</td>       <td height=\"20\">$currency_name</td>       <td height=\"20\"><div align=\"center\">$currency_mark</div></td>       <td align=\"center\" height=\"20\">$currency_rate</td>       <td align=\"center\" height=\"20\"><a href=\"currency.php?modify=$id\">Edit</a>";      if ($currency_status != 1)    echo" | <a href=\"currency.php?remove=$id\">Remove</a>";            echo"</td></tr>";          if ($id == $modify)      {      $currency_name_memory = $currency_name;      $currency_short_memory = $currency_short;    $currency_rate_memory = $currency_rate;    $currency_status_memory = $currency_status;    $currency_mark_memory = $currency_mark;    echo "<input type=hidden name=\"id\" value=\"$id\">";   }          } echo"<table></td></tr></table>";  $currency_name = $currency_name_memory; $currency_short = $currency_short_memory; $currency_rate = $currency_rate_memory; $currency_status = $currency_status_memory; $currency_mark = $currency_mark_memory; //Add, modify table to output echo"<table align=\"center\" width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">       <tr><td bgcolor=\"$colour_2\">  <table cellpadding=\"2\" border=\"0\" cellspacing=\"1\" width=\"100%\" align=\"center\">   <tr bgcolor=\"$colour_1\">    <td colspan=\"3\" height=\"20\" background=\"../images/bevel_bg.gif\"><strong>";    if ($modify)    echo"Modify currency ($currency_short)"; else echo"Add currency";    echo"</strong></td>   </tr>   <tr bgcolor=\"$colour_1\">    <td>Short:</td>    <td><input type=\"text\" class=\"textbox\" name=\"currency_short\" value=\"$currency_short\" size=\"3\"> <font size=\"1\">Example: USD</font></td>   </tr>   <tr bgcolor=\"$colour_1\">    <td>Currency description:</td>    <td><input type=\"text\" class=\"textbox\" name=\"currency_name\" value=\"$currency_name\" size=\"25\"> <font size=\"1\">Example: US Dollar</font></td>   </tr>     <tr bgcolor=\"$colour_1\">    <td>Currency symbol:</td>    <td><input type=\"text\" class=\"textbox\" name=\"currency_mark\" value=\"$currency_mark\" size=\"3\"> <font size=\"1\">Example: $</font></td>   </tr>   <tr bgcolor=\"$colour_1\">    <td>Currency rate:</td>    <td><input type=\"text\" class=\"textbox\" name=\"currency_rate\" value=\"$currency_rate\" size=\"10\"> <font size=\"1\">Example: 12.3567</font></td>   </tr>   <tr bgcolor=\"$colour_1\">    <td><div align=\"right\"><input type=\"checkbox\" name=\"currency_status\" value=\"1\"";    if ($currency_status == 1)      echo "checked";    echo"></div></td>    <td>Shop default money</td>   </tr> <tr bgcolor=\"$colour_1\">    <td> </td>    <td colspan=\"2\"><input type=\"submit\" class=\"submit\" name=\"settings\" value=\"Submit!\">    </td>   </tr>  </table></td></tr></form></table>  <table cellpadding=\"2\" border=\"0\" cellspacing=\"1\" width=\"100%\" align=\"center\">   <tr bgcolor=\"$colour_1\">    <td><b>Help:</b></br></br>       <ul>    <li><b>Shop default money</b> - mark with yellow background. Shop default money must always be 1.000.</br>    <li><b>Rate</b> - currency rate to default money.</br>    <li>If dollar is default money and euro rate in table is 0.8. </br>    It is mean that 1 dollar = 0.8 euro.</li>    <ul>            </tr>   </tr>  </table>  ";   include_once('footer.inc.php'); }//end if session is registered ?> 7. Open edit_settings.php Delete lines: <tr bgcolor=\"$colour_1\"> <td>$la_site_cur_set</td> <td><select name=\"site_currency\"> <option value=\"usd\" ";if($site_currency=="usd"){echo "selected";}echo" >$la_set_cur_usa</option> <option value=\"cad\" ";if($site_currency=="cad"){echo "selected";}echo" >$la_set_cur_can</option> <option value=\"aud\" ";if($site_currency=="aud"){echo "selected";}echo" >$la_set_cur_aus</option> <option value=\"jpy\" ";if($site_currency=="jpy"){echo "selected";}echo" >$la_set_cur_jpy</option> <option value=\"gbp\" ";if($site_currency=="gbp"){echo "selected";}echo" >$la_set_cur_gbp</option> <option value=\"eur\" ";if($site_currency=="eur"){echo "selected";}echo" >$la_set_cur_eur</option> <option value=\"chf\" ";if($site_currency=="chf"){echo "selected";}echo" >$la_set_cur_chf</option> <option value=\"sek\" ";if($site_currency=="sek"){echo "selected";}echo" >$la_set_cur_swe</option> <option value=\"dkk\" ";if($site_currency=="dkk"){echo "selected";}echo" >$la_set_cur_dkk</option> <option value=\"nok\" ";if($site_currency=="nok"){echo "selected";}echo" >$la_set_cur_dan</option> <option value=\"hkd\" ";if($site_currency=="hkd"){echo "selected";}echo" >$la_set_cur_hkd</option> <option value=\"nzd\" ";if($site_currency=="nzd"){echo "selected";}echo" >$la_set_cur_nzd</option> <option value=\"inr\" ";if($site_currency=="inr"){echo "selected";}echo" >$la_set_cur_inr</option> <option value=\"twd\" ";if($site_currency=="twd"){echo "selected";}echo" >$la_set_cur_twd</option> <option value=\"sgd\" ";if($site_currency=="sgd"){echo "selected";}echo" >$la_set_cur_spd</option> <option value=\"myr\" ";if($site_currency=="myr"){echo "selected";}echo" >$la_set_cur_mld</option> <option value=\"mxp\" ";if($site_currency=="mxp"){echo "selected";}echo" >$la_set_cur_mxp</option> <option value=\"grd\" ";if($site_currency=="grd"){echo "selected";}echo" >$la_set_cur_gds</option>"; // added after language file - sorry echo"<option value=\"brl\" ";if($site_currency=="brl"){echo "selected";}echo" >Brazilian Real</option> </select></td> <td>$la_sec_compat</td> </tr> I don't know how currency rates integrate with shop. Can someone help me?! IDEA! If user change currency from dollar to euro in first page then he can see all product prices and shopping cart in euro. System use currency rate (in database field "currency_rate") to calculate prices from dollar to euro. Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Joker Posted March 21, 2004 Share Posted March 21, 2004 Don't download it, download version: new_name_2_0_beta1.zip Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Posted June 21, 2004 Share Posted June 21, 2004 Hi, i download the new name 2.0 but i cant install it because in the intall.txt guide there are an error. in the part to change the code : ['<?echo$la_nav_ip;?>', '<?echo"$site_url/admin/ip.php";?>'], ['<?echo$la_nav_pass;?>', '<?echo"$site_url/admin/password.php";?>'], the install.txt dont come in which file .php have to make the change. Please, help me.. Thanls. Link to comment Share on other sites More sharing options...
Guest Posted June 23, 2004 Share Posted June 23, 2004 Ok ,i can install the new_names 2.0 and run very well, but i need to do the next : 1.i want to create an "orders" user 2. i need that the "orders" user , only can view in menu , the orders seccion without the rest of administration and of course can delete orderes. Can anybody help me? thanks. Link to comment Share on other sites More sharing options...
Guest Posted November 18, 2004 Share Posted November 18, 2004 I found a few errors in the install.txt that I think you would like the (or at least MY) fixes to for the MYSQL tables.. CREATE TABLE shp_store_adm ( `id` int( 32 ) NOT NULL AUTO_INCREMENT , `name` varchar( 32 ) NOT NULL , `pass` varchar( 32 ) NOT NULL , `email` varchar( 40 ) NOT NULL , `date` varchar( 10 ) NOT NULL , `change_pass` varchar( 10 ) NOT NULL , `group_user` int( 1 ) NOT NULL default '0', `userright` int( 1 ) NOT NULL default '0', PRIMARY KEY ( `id` )) INSERT INTO `shp_store_adm` ( `id` , `user` , `pass` , `email` , `date` , `change_pass` , `group_user` , `userright` ) VALUES ( '', 'admin', 'e10adc3949ba59abbe56e057f20f883e', '', '', '', '0', '0' Has typos and errors that was likely oversights. Replace with the following; CREATE TABLE store_adm( `id` int( 32 ) NOT NULL AUTO_INCREMENT , `user` varchar( 32 ) NOT NULL , `pass` varchar( 32 ) NOT NULL , `email` varchar( 40 ) NOT NULL , `date` varchar( 10 ) NOT NULL , `change_pass` varchar( 10 ) NOT NULL , `group_user` int( 1 ) NOT NULL default '0', `userright` int( 1 ) NOT NULL default '0', PRIMARY KEY ( `id` )) INSERT INTO `store_adm` ( `id` , `user` , `pass` , `email` , `date` , `change_pass` , `group_user` , `userright` ) VALUES ( '', 'admin', 'e10adc3949ba59abbe56e057f20f883e', '', '', '', '0', '0' ); Here are the changes; CREATE TABLE shp_store_adm ( SHOULD BE CREATE TABLE store_adm( `name` varchar( 32 ) NOT NULL , SHOULD BE `user` varchar( 32 ) NOT NULL , Once I made those changes, it all seems to be working. I hope this helps someone I get this error when creating the store_adm table MySQL said: MySQL said: #1064 - You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'INSERT INTO `store_adm` ( `id` , `user` , `pass` , `email Here is what i put in sql: CREATE TABLE store_adm( `id` int( 32 ) NOT NULL AUTO_INCREMENT , `user` varchar( 32 ) NOT NULL , `pass` varchar( 32 ) NOT NULL , `email` varchar( 40 ) NOT NULL , `date` varchar( 10 ) NOT NULL , `change_pass` varchar( 10 ) NOT NULL , `group_user` int( 1 ) NOT NULL default '0', `userright` int( 1 ) NOT NULL default '0', PRIMARY KEY ( `id` )) INSERT INTO `store_adm` ( `id` , `user` , `pass` , `email` , `date` , `change_pass` , `group_user` , `userright` ) VALUES ( '', 'admin', 'e10adc3949ba59abbe56e057f20f883e', '', '', '', '0', '0' ); Please help! Neil :P Link to comment Share on other sites More sharing options...
Guest Joker Posted November 18, 2004 Share Posted November 18, 2004 Don't use this version, download version: admin.rar Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Posted November 19, 2004 Share Posted November 19, 2004 Don't use this version, download version: admin.rar Brgrds, Joker Does this support restricted user access tho? I am the webmaster for a customers cart i have setup and I want to allow them restricted access for them administer orders and customers but not be able to modify cart settings etc. Neil :) Link to comment Share on other sites More sharing options...
Guest Joker Posted November 21, 2004 Share Posted November 21, 2004 It's same script but I corrected some mistakes. I don't add any features to this script, because new Cubecart shop version will be soon?! out and I don't know how much Brooky add admin features to next version. Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Posted November 21, 2004 Share Posted November 21, 2004 I dont understand this script. What is a poweruser. From what I can see it can do everything an admin does exist not allow to add new groups. I want the user to be restricted to only the 'orders' and 'stats' section. As the webmaster I maintain everything else. This script seems a bit pointless to me at the moment. All it seems to do is allow other user logins with full access and thats it. I need something which enables me to exclude user from certain areas of the cart admin. Please help! Neil :( Link to comment Share on other sites More sharing options...
Guest Posted November 26, 2004 Share Posted November 26, 2004 bump Link to comment Share on other sites More sharing options...
Guest Joker Posted November 26, 2004 Share Posted November 26, 2004 Netmotiv8, this script doesn't do this what you want I don't add any features to this script before then Brooky will come out with new Cubecart version. Brgrds, Joker Link to comment Share on other sites More sharing options...
Guest Posted December 4, 2004 Share Posted December 4, 2004 I have installed the admin.rar mod but when i try to login it gives an error message Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/serpent.freeserverhost.com/admin/login.php on line 67 does anyone know why it is saying this? Link to comment Share on other sites More sharing options...
Guest Joker Posted December 4, 2004 Share Posted December 4, 2004 Use my install.php scipt to add this mod: I think that you didn't add user to admin database. In admin database must always by one user! http://www.cubecart.com/site/forums/index.php?showtopic=1484 Brgrds, Joker Link to comment Share on other sites More sharing options...
Recommended Posts