Modify

Opened 8 years ago

Last modified 8 years ago

#1254 new Erweiterung

Änderung an write_customers_status.php

Reported by: Volker Strähle Owned by: somebody
Priority: normal Milestone:
Component: Shop Version: 2.0.2.2
Keywords: Cc:
Blocked By: Blocking:

Description (last modified by Ronald Parcinski)

Ich habe die Datei includes/write_customers_status.php geändert in eine Funktion:

  // include needed function
  require_once(DIR_FS_INC.'set_customers_status_by_id.inc.php');
  
  // write customers status in session
  function write_customers_status_in_session(){
	if (isset($_SESSION['customer_id'])) {
		$customer_status_query = xtc_db_query("SELECT customers_status
												 FROM " . TABLE_CUSTOMERS . "
												WHERE customers_id = '" . (int)$_SESSION['customer_id'] . "'");

		if (xtc_db_num_rows($customer_status_query) == 1) {
		  $customer_status = xtc_db_fetch_array($customer_status_query);      

		  if ($customer_status['customers_status'] == '0' && !defined('RUN_MODE_ADMIN')) {
			set_customers_status_by_id(DEFAULT_CUSTOMERS_STATUS_ID_ADMIN);
        
			// additional 
			$_SESSION['customers_status']['customers_status_id'] = DEFAULT_CUSTOMERS_STATUS_ID_ADMIN;
			$_SESSION['customers_status']['customers_status'] = $customer_status['customers_status'];
		  } else {
			set_customers_status_by_id($customer_status['customers_status']);
        
			// additional 
			$_SESSION['customers_status']['customers_status_id'] = $customer_status['customers_status'];
			$_SESSION['customers_status']['customers_status'] = $customer_status['customers_status'];
		  }
		} else {
		  unset($_SESSION['customer_id']);
		  xtc_redirect(xtc_href_link(FILENAME_LOGOFF, '', 'SSL'));
		}
	  } else {
		set_customers_status_by_id(DEFAULT_CUSTOMERS_STATUS_ID_GUEST);
    
		// additional 
		$_SESSION['customers_status']['customers_status_id'] = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
		$_SESSION['customers_status']['customers_status'] = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
	}
}

write_customers_status_in_session();
  1. a. rufe ich diese Funktion in der Datei login.php und logoff.php vor den redirects auf.

Ich habe keine Ahnung mehr warum ich das in di 2.0.0.0 eingebaut hatte, meine aber dass es mit weiteren Erweiterungen über autoinclude zu tun hatte.

Theoretisch könnte man damit auch Erweiterungen schreiben, welche den user kurzfristig in eine andere Kundengruppe haben um eine bestimtme Aktion mit erhöhten Rechten auszuführen (z. B. Artikel anlegen) und danach wieder in die alte Gruppe zurücksetzen, ohne generell die Kundengruppe zu ändern.

Attachments (0)

Change History (3)

comment:1 by Ronald Parcinski, 8 years ago

Description: modified (diff)
Summary: Änderung an set_customers_status_by_id.inc.phpÄnderung an write_customers_status.php

comment:2 by Ronald Parcinski, 8 years ago

Milestone: modified-shop-2.0.3.0modified-shop-2.0.3.1

EDIT web28: Dateinnamen geändert

comment:3 by Torsten Riemer, 8 years ago

Milestone: modified-shop-2.0.4.0

Modify Ticket

Action
as new The owner will remain somebody.

Add Comment
E-mail address and name can be saved in the Preferences .
AttachmentsDescription
 
Note: See TracTickets for help on using tickets.