Opened 8 years ago

Last modified 8 years ago

#1254 new Erweiterung

Änderung an set_customers_status_by_id.inc.php — at Initial Version

Reported by: Volker Strähle Owned by: somebody
Priority: normal Milestone:
Component: Shop Version: 2.0.2.2
Keywords: Cc:
Blocked By: Blocking:

Description

Ich habe die Datei DIR_FS_INC.'set_customers_status_by_id.inc.php' geändert in eine Funktion:

  // include needed function
  require_once(DIR_FS_INC.'set_customers_status_by_id.inc.php');
  
  // write customers status in session
  function write_customers_status_in_session(){
	if (isset($_SESSION['customer_id'])) {
		$customer_status_query = xtc_db_query("SELECT customers_status
												 FROM " . TABLE_CUSTOMERS . "
												WHERE customers_id = '" . (int)$_SESSION['customer_id'] . "'");

		if (xtc_db_num_rows($customer_status_query) == 1) {
		  $customer_status = xtc_db_fetch_array($customer_status_query);      

		  if ($customer_status['customers_status'] == '0' && !defined('RUN_MODE_ADMIN')) {
			set_customers_status_by_id(DEFAULT_CUSTOMERS_STATUS_ID_ADMIN);
        
			// additional 
			$_SESSION['customers_status']['customers_status_id'] = DEFAULT_CUSTOMERS_STATUS_ID_ADMIN;
			$_SESSION['customers_status']['customers_status'] = $customer_status['customers_status'];
		  } else {
			set_customers_status_by_id($customer_status['customers_status']);
        
			// additional 
			$_SESSION['customers_status']['customers_status_id'] = $customer_status['customers_status'];
			$_SESSION['customers_status']['customers_status'] = $customer_status['customers_status'];
		  }
		} else {
		  unset($_SESSION['customer_id']);
		  xtc_redirect(xtc_href_link(FILENAME_LOGOFF, '', 'SSL'));
		}
	  } else {
		set_customers_status_by_id(DEFAULT_CUSTOMERS_STATUS_ID_GUEST);
    
		// additional 
		$_SESSION['customers_status']['customers_status_id'] = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
		$_SESSION['customers_status']['customers_status'] = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
	}
}

write_customers_status_in_session();
  1. a. rufe ich diese Funktion in der Datei login.php und logoff.php vor den redirects auf.

Ich habe keine Ahnung mehr warum ich das in di 2.0.0.0 eingebaut hatte, meine aber dass es mit weiteren Erweiterungen über autoinclude zu tun hatte.

Theoretisch könnte man damit auch Erweiterungen schreiben, welche den user kurzfristig in eine andere Kundengruppe haben um eine bestimtme Aktion mit erhöhten Rechten auszuführen (z. B. Artikel anlegen) und danach wieder in die alte Gruppe zurücksetzen, ohne generell die Kundengruppe zu ändern.

Change History (0)

Note: See TracTickets for help on using tickets.