In Magento, when trying to generate a link from the front end to edit a customer, the link I generate is always redirecting me back to the dashboard of the admin area even though it looks correct.
I've tried it on multiple versions of Magento (and on both community and Enterprise), with the same result.
$adminUrl = Mage::helper('adminhtml')->getUrl('adminhtml/customer/edit/index',array('id'=>7));
$adminUrl2 = Mage::helper("adminhtml")->getUrl("adminhtml/customer/edit/id/".'7'."/");
This produces a url such as: /admin/customer/edit/id/7/key/f126e6cd7af2eb8cd068ff80fb512d4a/
Which appears to be right, but when it's clicked it sends me back to the dashboard of the admin area.
However, the following code works and does not redirect me to the dashboard:
$adminUrl = Mage::helper('adminhtml')->getUrl('adminhtml/catalog_product/edit', array('id' => 157990));
If I manually copy the url minus the key, and replace the key with a key that was generated by navigating through the admin area (i.e. by copying a working key from the navigation bar in my browser), it works - so I'm thinking it must be related to that somehow.
When you generate an admin URL from the frontend, Magento uses the form key from the frontend session. Then, when you click that link, Magento regenerates the admin URL key to compare against the key in the link, only this time, it uses the adminhtml form key. Since the form keys don't match, the hashed URL key doesn't match, and your link will not work. Magento's behavior at this point is to kick you back to the admin dashboard (or to the admin login page).
Any controller that inherits from Mage_Adminhtml_Controller_Action can allow certain actions to not require a admin URL key by adding them to the $_publicActions array.
For example, add into Mage_Adminhtml_CustomerController
public $_publicActions = array('edit');
Related
I have a subdomain say dev.domain.com that points to document root public_html/dev.
Worked fine, but for good reasons I renamed the folder dev to devm19, also modified the subdomain to point to public_html/devm19.
Problem is I can't login to the admin - The form for UN and PW is there, credentials are correct, but the form key in URL bar keeps refreshing, you just can't get inside to admin.
Any idea?
See the result of the below SQL
select * from core_config_data where path like '%web/cookie/cookie_domain%';
If it gives you "dev.domain.com" in the value field, then either make it blank or give "devm19.domain.com" as value.
Then flush the cache, open the admin panel in private window and you will be able to login.
I was able to solve the issue by modifying app/etc/local.xml.
Added/replaced records for:
<session_save><![CDATA[files]]></session_save>
<session_save_path><![CDATA[/tmp/session]]></session_save_path>
I tried to change the admin url of magento. As per the basic settings, it was located on www.domain.com/admin
I tried to change that and now I can't even access the login page. When I enter the new word that I replaced with "admin", I am taken to a login page which just appears like a basic html page with a box for username and password, and when I login I'm taken to the homepage of the website.
I also noticed that the word has started to appear twice in the url of backend such as if the correct address is to be:
www.domain.com/index.php/newadminword/system_config/index/key/0ddf3e37ef9a494c10afe626dee8efc7/
but when I login by that basic html page, the url becomes:
www.domain.com/newadminword/index.php/newadminword/system_config/index/key/0ddf3e37ef9a494c10afe626dee8efc7/
I removed the first 'newadminword' from the url and then I'm being led to the magento admin area, but here as well, the page is again basic html. The following link is a pic of how my magento dashboard looks now.
http://i.stack.imgur.com/2Qnva.jpg
Can anybody help me with this? I'm not so good at programming so please try to keep the instructions as simple as possible. Thanks.
My current Magento website is requesting a store (via lightbox) when the user first arrives on the home page. The user will continue navigating the website and content will appear properly without any issues.
The problem is when they arrive on a sub-page of the website and the store has not been set previously by the user. This also impacts SEO.
Question: How do I set the default store, without affecting the lightbox that is appearing on the home page.
From the comments traded back and forth, it sounds like your default store isn't set properly. If you aren't using any index.php hacks to do with store view setting, you should be able to follow the following steps to resolve this:
Magento: Setting the default homepage / store when you have multiple stores
I'm building a component for the backend. I don't want the users who will access it to access ANYTHING else in the backend except for this component.
I tried following these two instructions:
http://www.aclmanager.net/blog/general/31-how-to-add-basic-acl-support-to-your-extension
http://docs.joomla.org/Developing_a_Model-View-Controller_%28MVC%29_Component_for_Joomla!1.6_-_Part_14#Describing_the_ACL
I made a new User Group with a parent of public and allow admin login (which would lock them out of everything) and then tried adding the ACL code from those links above with permissions to create and edit but I just get a blank screen (not even a logout link). The "Debug Permissions Report" showed the correct permissions but nothing's showing up.
Any ideas? My next step is to manually go through every component and not allow access to that new User Group but it seems like there's an easier way.
Thanks!
In Joomla! 2.5 we regularly create "Content" only backend users that have access only to the 'com_content' component.
Going back through our steps the only thing you haven't specified is adding the new user group to a View Access Level. If you're using the standard sample content installed when setting up a Joomla! website you can add your new user group to the "Special" view access (although any will do).
If a new group has 'admin login' privileges it can login but without a View Access level it can't see anything.. it's a subtle difference but it's the way Joomla! works.
We are trying to setup a simple BTB site to support our retailers (somewhere they can download product text/images and corporate branding). We are using Joomla 1.5.2 and Virtuemart 1.1.9
We want it to be completely secure (unregistered viewers - and competition - just see simple intro page, and login with option to register). Not any content at all.
And we also also want to use VM registration for registering new users.
I set up the secure access for categories/products using Joomla menu items pointed to virtuemart categories, and set the menu item access to "registered". Worked perfect, user not logged in, don't see anything but splash page. Logged in, all of the product categories were available via the menu items.
But we just realized this messes up user registration. We want to use Virtuemarts user reg so we don't have to gather all of that data (address info, etc.) and come back and enter by hand.
Apparantly, with the virtuemart menu items set to "registered" access, the user gets redirected to joomla's registration page(which doesn't gather the data we need into Virtuemart). I've pasted a valid VM registration url everywhere I could find in the backend login files (com_user and mod_user), but no luck (didn't think that would work, im a beginner).
Anyone know if there is a workaround? Or a better way to do this?
Thank you.
I can you tell with absolute certainty that you'll need to make a minor adjustment in the VM code if you want to do this. The hurdle is that VM uses the same menu Item ID as it's default throughout the script, so even if you create a different menu item for the registration, it's always going to fall back to the first one that you had.
The only way around this is a small hack in the VM function that always forces this to happen. Put the below code at the very beginning of function getShopItemid() located in ps_session.php somewhere around line 459. Leave all the existing code in place, but this needs to run before that does.
/*Hack For multiple VM menu itemids, if there is a page specified, find THAT Itemid */
global $page;
if($_REQUEST['Itemid']) {
$_REQUEST['shopItemid'] = $_REQUEST['Itemid'];
} elseif($page) {
$db_hack = new ps_DB;
$q = "SELECT id FROM #__menu WHERE link='index.php?option=com_virtuemart' AND published=1 AND params like '%page=".$page."%'";
$db_hack->query( $q );
if( $db_hack->next_record() ) {
$_REQUEST['shopItemid'] = $db_hack->f("id");
}
}
Once this is in place, you'll need to have a Joomla menu item that includes at least this:
option=com_virtuemart&page=shop.registration
With that menu item in the database, the above code will find the menu item for that page, and use that one instead of the default VM method. The Joomla security will trigger as you expect because it has the correct menu item.