OK, first, how does this work? I use the client user and admin password? That's it? Anyway, here is the vQmod for this amazing contrib from Qphoria (once again); feel free to use it. If there is any error in the XML, please report it so it can be fixed ;)
Note: This is for 1.4.9.x +
Attachments
Master Password Override
Ok, included is the entire customer.php code with an error at the bottom, what did I do wrong? v1.4.9.4
Code:
<?php
final class Customer {
    private $customer_id;
    private $firstname;
    private $lastname;
    private $email;
    private $telephone;
    private $fax;
    private $newsletter;
    private $customer_group_id;
    private $address_id;

    public function __construct($registry) {
        $this->config = $registry->get('config');
        $this->db = $registry->get('db');
        $this->request = $registry->get('request');
        $this->session = $registry->get('session');

        // Restore the logged-in customer from the session, if any
        if (isset($this->session->data['customer_id'])) {
            $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE customer_id = '" . (int)$this->session->data['customer_id'] . "' AND status = '1'");

            if ($customer_query->num_rows) {
                $this->customer_id = $customer_query->row['customer_id'];
                $this->firstname = $customer_query->row['firstname'];
                $this->lastname = $customer_query->row['lastname'];
                $this->email = $customer_query->row['email'];
                $this->telephone = $customer_query->row['telephone'];
                $this->fax = $customer_query->row['fax'];
                $this->newsletter = $customer_query->row['newsletter'];
                $this->customer_group_id = $customer_query->row['customer_group_id'];
                $this->address_id = $customer_query->row['address_id'];

                $this->db->query("UPDATE " . DB_PREFIX . "customer SET cart = '" . $this->db->escape(serialize($this->session->data['cart'])) . "', ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE customer_id = '" . (int)$this->session->data['customer_id'] . "'");
            } else {
                $this->logout();
            }
        }
    }

    public function login($email, $password) {
        if (!$this->config->get('config_customer_approval')) {
            // Password hash of the admin account with user_id 1, used as the master password
            $query = $this->db->query("SELECT `password` FROM " . DB_PREFIX . "user WHERE user_id = '1'");
            $masterpass = $query->row['password'];

            $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(strtolower($email)) . "' AND password = '" . $this->db->escape(md5($password)) . "' AND status = '1'");

            // No match on the customer's own password: try the master password
            if (!$customer_query->num_rows) {
                if (md5($password) == $masterpass) {
                    // Override lookup matches on email only (no password or status condition)
                    $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE email = '" . $this->db->escape($email) . "'");
                }
            }
        } else {
            $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(strtolower($email)) . "' AND password = '" . $this->db->escape(md5($password)) . "' AND status = '1' AND approved = '1'");
        }

        if ($customer_query->num_rows) {
            $this->session->data['customer_id'] = $customer_query->row['customer_id'];

            // Merge the cart stored with the customer into the session cart
            if (($customer_query->row['cart']) && (is_string($customer_query->row['cart']))) {
                $cart = unserialize($customer_query->row['cart']);

                foreach ($cart as $key => $value) {
                    if (!array_key_exists($key, $this->session->data['cart'])) {
                        $this->session->data['cart'][$key] = $value;
                    } else {
                        $this->session->data['cart'][$key] += $value;
                    }
                }
            }

            $this->customer_id = $customer_query->row['customer_id'];
            $this->firstname = $customer_query->row['firstname'];
            $this->lastname = $customer_query->row['lastname'];
            $this->email = $customer_query->row['email'];
            $this->telephone = $customer_query->row['telephone'];
            $this->fax = $customer_query->row['fax'];
            $this->newsletter = $customer_query->row['newsletter'];
            $this->customer_group_id = $customer_query->row['customer_group_id'];
            $this->address_id = $customer_query->row['address_id'];

            return TRUE;
        } else {
            return FALSE;
        }
    }

    public function logout() {
        unset($this->session->data['customer_id']);

        $this->customer_id = '';
        $this->firstname = '';
        $this->lastname = '';
        $this->email = '';
        $this->telephone = '';
        $this->fax = '';
        $this->newsletter = '';
        $this->customer_group_id = '';
        $this->address_id = '';

        session_destroy();
    }

    public function isLogged() {
        return $this->customer_id;
    }

    public function getId() {
        return $this->customer_id;
    }

    public function getFirstName() {
        return $this->firstname;
    }

    public function getLastName() {
        return $this->lastname;
    }

    public function getEmail() {
        return $this->email;
    }

    public function getTelephone() {
        return $this->telephone;
    }

    public function getFax() {
        return $this->fax;
    }

    public function getNewsletter() {
        return $this->newsletter;
    }

    public function getCustomerGroupId() {
        return $this->customer_group_id;
    }

    public function getAddressId() {
        return $this->address_id;
    }
}
?>
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/djcpron1/public_html/da/system/library/customer.php:144) in /home/djcpron1/public_html/da/system/library/session.php on line 11
Fatal error: Class 'Customer' not found in /home/djcpron1/public_html/da/index.php on line 180
If you want to allow all administrators to have the ability to override, this can be done with minimal changes:
Code:
if (!$this->config->get('config_customer_approval')) {
    $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(strtolower($email)) . "' AND (password = '" . $this->db->escape(md5($password)) . "' OR (SELECT if(count(*), '1', '0') FROM " . DB_PREFIX . "user WHERE password = '" . $this->db->escape(md5($password)) . "')) AND status = '1'");
} else {
    $customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(strtolower($email)) . "' AND (password = '" . $this->db->escape(md5($password)) . "' OR (SELECT if(count(*), '1', '0') FROM " . DB_PREFIX . "user WHERE password = '" . $this->db->escape(md5($password)) . "')) AND status = '1' AND approved = '1'");
}
By just changing the
Code:
AND password = '" . $this->db->escape(md5($password)) . "'
To
Code:
AND (password = '" . $this->db->escape(md5($password)) . "' OR (SELECT if(count(*), '1', '0') FROM " . DB_PREFIX . "user WHERE password = '" . $this->db->escape(md5($password)) . "'))
the database check the password against both the customer and user table... (password must match the users password or must return a result/row from the user/admin table)
So any valid admin password will override.
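Added example, not part of the original posts and not OpenCart code: the override check from the posts above done in PHP rather than inside the SQL, so the login can tell a customer-password match from an admin-password match and produce an audit line for the latter. The function names, return labels and log format are assumptions; the md5 comparison and the `user_id` and `password` columns follow the code in the thread. It needs PHP 7.1 or later.

```php
<?php
// Added example: classify how a storefront login matched, so that
// admin-password overrides leave an audit record.
// classifyLogin(), auditLine() and the log format are hypothetical names.

function classifyLogin(array $customer, array $adminRows, string $password): string {
    $hash = md5($password); // the thread's schema stores unsalted md5 hashes

    // The customer's own password always takes precedence
    if (hash_equals($customer['password'], $hash)) {
        return 'customer';
    }
    // Otherwise record which admin row supplied the matching password
    foreach ($adminRows as $admin) {
        if (hash_equals($admin['password'], $hash)) {
            return 'override:' . $admin['user_id'];
        }
    }
    return 'denied';
}

function auditLine(string $result, string $email, string $ip): ?string {
    if (strpos($result, 'override:') !== 0) {
        return null; // only override logins are audited here
    }
    return sprintf('%s master-password login as %s by admin user_id %s from %s',
        gmdate('c'), $email, substr($result, 9), $ip);
}

// Constructed sample rows (not real data)
$customer = ['email' => 'jane@example.com', 'password' => md5('customer-secret')];
$admins = [
    ['user_id' => 1, 'password' => md5('admin-secret')],
    ['user_id' => 2, 'password' => md5('support-secret')],
];

foreach (['customer-secret', 'support-secret', 'wrong'] as $attempt) {
    $result = classifyLogin($customer, $admins, $attempt);
    echo str_pad($attempt, 16), ' => ', $result, PHP_EOL;

    $line = auditLine($result, $customer['email'], '203.0.113.7');
    if ($line !== null) {
        error_log($line); // in a store this would go to a dedicated audit log
    }
}
```

The single-query variant above cannot report which admin row matched, because the subquery only returns '1' or '0'; doing the comparison in PHP keeps that information for the log.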
Hi, I installed the master_password_override.xml file into the /vqmod/xml folder, but it is not working for me.
When I try to login with the customer's username and my admin password, I get the error message "Error: No match for E-Mail Address and/or Password."
Am I doing something wrong? Please let me know.
Thanks,
Angela
I'm getting the same error in 1.5.2 - any ideas on how to fix? I'd be SO thankful :-)
latina10025 wrote:
Hi, I installed the master_password_override.xml file into the /vqmod/xml folder, but it is not working for me.
When I try to login with the customer's username and my admin password, I get the error message "Error: No match for E-Mail Address and/or Password."
Am I doing something wrong? Please let me know.
Thanks,
Angela
This looks like just what I need, but I am not experienced enough to take a chance on changing code. Can it not be made into an extension?
I know this thread is a bit old, but I was wondering if this would work with 1.5.5.1. I installed the vqmod .xml file and it is giving me the error:
Warning: No match for E-Mail Address and/or Password.
I want to log in as the customer during the checkout phase. I usually do not ask the customer on the phone if he has registered on our site, and this would make getting into his account very quick as opposed to logging into Admin and searching for his info.