Jump to content

Recommended Posts

Witam mam mały problem związany z bezpieczeństwem relacji midzy klentami w multisklepie. Chodzi o to ze mjac zdefiniowana hierarchie sklepów







Jesli klient złozy zapytanie przez forularz kontaktowy w sklepie_1 to operatorzy sklepu_2 sa w stanie przez serwis klienta do nich wejść przez te box-y SAV mimo ze teoretycznie nie ma do nich uprawnień.

Jeśli ktoś ma pomysł jak to naprawić proszę o informację lub gdzie usunąć te boxy zeby wgóle sie nie pojawiały.



Share this post

Link to post
Share on other sites

* 2007-2012 PrestaShop
* This source file is subject to the Academic Free License (AFL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/afl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@prestashop.com so we can send you a copy immediately.
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
* versions in the future. If you wish to customize PrestaShop for your
* needs please refer to http://www.prestashop.com for more information.
*  @author PrestaShop SA <contact@prestashop.com>
*  @copyright  2007-2012 PrestaShop SA
*  @license    http://opensource.org/licenses/afl-3.0.php  Academic Free License (AFL 3.0)
*  International Registered Trademark & Property of PrestaShop SA

{extends file="helpers/list/list_header.tpl"}

{block name="override_header"}

<div id="CustomerThreadContacts">

 {assign var=nb_categories value=count($categories)}

 {foreach $categories as $key => $val}

  {assign var=total_thread value=0}
  {assign var=id_customer_thread value=0}

  {foreach $contacts as $tmp => $tmp2}
   {if $val.id_contact == $tmp2.id_contact}

 {assign var=total_thread value=$tmp2.total}
 {assign var=id_customer_thread value=$tmp2.id_customer_thread}


  <div class="blocSAV">


 {if $nb_categories < 6}

 {if $total_thread == 0}
  <span class="message-mail">{l s='No new messages'}</span>
  <a href="{$currentIndex}&token={$token}&id_customer_thread={$id_customer_thread}&viewcustomer_thread" class="button">
   {if $total_thread > 1}{l s='new messages'}{else}{l s='new message'}{/if}

 <div id="MeaningStatus" class="blocSAV">
  <h3> {l s='Meaning of status'}</h3>
   <li><img src="../img/admin/status_green.png" alt="{l s='Open'}">{l s='Open'}</li>
   <li><img src="../img/admin/status_red.png" alt="{l s='Closed'}">{l s='Closed'}</li>
   <li><img src="../img/admin/status_orange.png" alt="{l s='Pending 1'}">{l s='Pending 1'}</li>
   <li><img src="../img/admin/status_orange.png" alt="{l s='Pending 2'}">{l s='Pending 2'}</li>

 <div id="CustomerService">
  <table ccellspacing="0" cellpadding="0" class="table">
  <th colspan="2">{l s='Customer service'} : {l s='Statistics'}</th>
 {assign var=count value=0}
 {foreach $params as $key => $val}
  {assign var=count value=$count+1}
  <tr {if $count % 2 == 0}class="alt_row"{/if}>


<p class="clear"> </p>




Wie ktoś gdzie mogę znaleźć widok dla $contacts wygląda jakby pobierało kontakty ze wszystkich sklepów i nie uwzględniało biedzącego ustawionego.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More