User Access to Tiny File Manager

ricklincs · Unread post by **ricklincs** » Wed Jun 21, 2023 10:09 pm

I have changed the config.php for Tiny File Manager so it opens to the /Temp directory with:

$root_path = $_SERVER['DOCUMENT_ROOT'].'/NU/temp';

That works great. I have 2 users that are members of an Access Level called Global and the rest of users under Access Level Group called Others. Is it possible to give access to Access Level Global to the file Tiny File Manager and not the rest of the users without making them Admins?

Thanks

Unread post by **kev1n** » Sat Jun 24, 2023 9:32 am

Untested, modify line 31 in config.php:

tfm.png

Replace 49... with the id of the Access Level that should have access to TFM.

ricklincs · Unread post by **ricklincs** » Mon Jun 26, 2023 8:27 am

Thanks Kev1n will give that a try.

ricklincs · Unread post by **ricklincs** » Mon Jun 26, 2023 12:01 pm

Hi Kevin, have amended config.php line 31 to:

if ($json['session']['global_access'] != 1 || $json['session']['zzzzsys_access_id'] !== '624c33c72b6047b') {
nuAuthFailed();

and it comes up with:

Sorry. Invalid session id

Thanks for your time.

Unread post by **kev1n** » Tue Jun 27, 2023 8:30 am

You probably also need to modify nuvendorlogin.php

ricklincs · Unread post by **ricklincs** » Tue Jun 27, 2023 12:04 pm

Thanks Kev1n, I take it it is line 28 of nuvendorlogin.php;

if ( $_user == $_SESSION['nubuilder_session_data']['GLOBEADMIN_NAME'] && $_extra_check == '1' ) {

Is GLOBEADMIN_NAME pulled from zzzzsys_session??

Unread post by **kev1n** » Thu Jun 29, 2023 1:20 pm

ricklincs wrote: ↑Tue Jun 27, 2023 12:04 pm
Is GLOBEADMIN_NAME pulled from zzzzsys_session??

You can run this query to check that

Code: Select all

SELECT * FROM `zzzzsys_session` WHERE `sss_access` like '%GLOBEADMIN_NAME%';

ricklincs · Unread post by **ricklincs** » Wed Jul 05, 2023 12:54 pm

Hi Kev1n, still struggling with nuvendorlogin.php I have altered :

if ( $_user == $_SESSION['nubuilder_session_data']['GLOBEADMIN_NAME'] && $_extra_check == '1' ) {

to

if ( $_user == $_SESSION['nubuilder_session_data']['GLOBEADMIN_NAME'] || $_SESSION[''zzzzsys_access_id'] ['624c33c72b6047b'] && $_extra_check == '1' ) {

Unread post by **kev1n** » Thu Jul 06, 2023 8:34 am

Untested:

Code: Select all

if ( $result == 1 ) {

	$recordObj		= db_fetch_object($obj);
	$logon_info		= json_decode($recordObj->sss_access);
	$_user			= $logon_info->session->zzzzsys_user_id;
	$_access_id 	= $logon_info->session->zzzzsys_access_id;
	$_extra_check	= $logon_info->session->global_access;

	if (( $_user == $_SESSION['nubuilder_session_data']['GLOBEADMIN_NAME'] && $_extra_check == '1') || $_access_id == '624c33c72b6047b') {
		$page	= nuVendorGood($appId, $table);
	} else {
		$page	= nuVendorBad($appId);
	}

} else {
		$page   = nuVendorBad($appId);
}

ricklincs · Unread post by **ricklincs** » Fri Jul 07, 2023 12:08 pm

Kev1n, Thanks for your time on this.

I have amended the nuvendorlogin.php to:

nuvendorlogin.jpg

and the tinyfilemanager config.php to:

config.php.png

I now get "Sorry. Invalid session id" for both the Admin and users with Access.

If I alter the nuvenodlogin.php back Admin can run and see TinyFileManager ok. Presume I have messed up the nuvendorlogin.php line 29 somewhere, but I can't see where.
Thanks

nuBuilder Forum

User Access to Tiny File Manager

User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager

Re: User Access to Tiny File Manager