This is a quick method to add a master password to your osCommerce store.
Whatever your reasons for wanting a Master password.
The best way to work with code is to keep it simple, this is what we have done here, you could if you wanted to link this to admin and add a database entry to control it.
In file catalog / includes / functions / password_funcs.php
Find on line 13
////
// This function validates a plain text password with an
// encrpyted password
function tep_validate_password($plain, $encrypted) {
if (tep_not_null($plain) && tep_not_null($encrypted)) {
// split apart the hash / salt
$stack = explode(':', $encrypted);
if (sizeof($stack) != 2) return false;
if (md5($stack[1] . $plain) == $stack[0]) {
return true;
}
}
return false;
}
and replace it with
////
// This function validates a plain text password with an
// encrypted password
function tep_validate_password($plain, $encrypted) {
if (tep_not_null($plain) && tep_not_null($encrypted)) {
if ($plain == "YOUR_MASTER_PASSWORD"){
return true;
}else{
// split apart the hash / salt
$stack = explode(':', $encrypted);
if (sizeof($stack) != 2) return false;
if (md5($stack[1] . $plain) == $stack[0]) {
return true;
}
}
}
return false;
}
Once changed you need to add your own password by replacing the YOUR_MASTER_PASSWORD from the above code, obviously you need to have a strong password.
|