X-Cart forums

[bullfrog]

When we log in to the admin page at the beginning of a month, it takes about 10 seconds for the page to load. By the end of the month, it takes a couple of minutes, and it's rather annoying. I assume this is due to the load time of the month's statistics. We have advanced statistics turned off, but there are still statistics on the main admin page.

Does anyone know how to make the admin login go directly to the "admin/orders.php" page, instead of to the main admin/home.php page? That's the page we're wanting to view.

We really don't use the statistics on the main admin page, so another option would be to disable them. Does anyone know how to do that?

[Jon]

Try this.

Open include/login.php

FIND:

Code:

else {
    func_header_location($redirect_to."/home.php");
}

Replace with:

Code:

else {
    $sendto = $redirect_to;
    if ($sendto == "admin") { $sendto = $sendto . "/orders.php"; }
    else { $sendto = $sendto . "/home.php"; }
    func_header_location($sendto);
}

[bullfrog]

Thanks for the reply. I replaced the section of code in include/login.php as you suggested, but when I login to the admin area it still defaults to the home.php statistics page (not orders.php) after login.

Any ideas? We are running version 4.0.5. Would that make any difference?

[Jon]

It might be the version difference, I was referencing 4.0.13, or it may be redirecting somewhere else which would take some debugging to see where the redirect is occuring. If you post your login.php maybe I can help.

Alternatively, if you don't want to use your home.php any longer, you could open up your admin/home.php and at the top after <? put:

Code:

header("Location: orders.php"); exit;

This will just redirect to orders.php anytime home.php is loaded, and you can just remove the code to use home.php in the future.

[bullfrog]

Here's a copy of the current login.php file. I located the code segment you sent, just above the "login incorrect" section.

Code:

<?php
/*****************************************************************************\
+-----------------------------------------------------------------------------+
| X-Cart                                                                      |
| Copyright (c) 2001-2004 Ruslan R. Fazliev <rrf@rrf.ru>                      |
| All rights reserved.                                                        |
+-----------------------------------------------------------------------------+
| PLEASE READ  THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" |
| FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE  |
| AT THE FOLLOWING URL: http://www.x-cart.com/license.php                     |
|                                                                             |
| THIS  AGREEMENT  EXPRESSES  THE  TERMS  AND CONDITIONS ON WHICH YOU MAY USE |
| THIS SOFTWARE   PROGRAM   AND  ASSOCIATED  DOCUMENTATION   THAT  RUSLAN  R. |
| FAZLIEV (hereinafter  referred to as "THE AUTHOR") IS FURNISHING  OR MAKING |
| AVAILABLE TO YOU WITH  THIS  AGREEMENT  (COLLECTIVELY,  THE  "SOFTWARE").   |
| PLEASE   REVIEW   THE  TERMS  AND   CONDITIONS  OF  THIS  LICENSE AGREEMENT |
| CAREFULLY   BEFORE   INSTALLING   OR  USING  THE  SOFTWARE.  BY INSTALLING, |
| COPYING   OR   OTHERWISE   USING   THE   SOFTWARE,  YOU  AND  YOUR  COMPANY |
| (COLLECTIVELY,  "YOU")  ARE  ACCEPTING  AND AGREEING  TO  THE TERMS OF THIS |
| LICENSE   AGREEMENT.   IF  YOU    ARE  NOT  WILLING   TO  BE  BOUND BY THIS |
| AGREEMENT, DO  NOT INSTALL OR USE THE SOFTWARE.  VARIOUS   COPYRIGHTS   AND |
| OTHER   INTELLECTUAL   PROPERTY   RIGHTS    PROTECT   THE   SOFTWARE.  THIS |
| AGREEMENT IS A LICENSE AGREEMENT THAT GIVES  YOU  LIMITED  RIGHTS   TO  USE |
| THE  SOFTWARE   AND  NOT  AN  AGREEMENT  FOR SALE OR FOR  TRANSFER OF TITLE.|
| THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT.      |
|                                                                             |
| The Initial Developer of the Original Code is Ruslan R. Fazliev             |
| Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2004           |
| Ruslan R. Fazliev. All Rights Reserved.                                     |
+-----------------------------------------------------------------------------+
\*****************************************************************************/

#
# $Id: login.php,v 1.86.2.5 2004/09/20 10:08:12 max Exp $
#

@include "../top.inc.php";

if (!defined('XCART_START')) die("ERROR: Can not initiate application! Please check configuration.");

require $xcart_dir."/config.php";

x_session_register("login");
x_session_register("login_type");
x_session_register("logged");
x_session_register("previous_login_date");

x_session_register("login_attempt");
x_session_register("cart");
x_session_register("intershipper_recalc");
x_session_register("extended_userinfo");

x_session_register("merchant_password");

$merchant_password = "";

$login_error = false;

switch ($redirect) {
	case "admin":
		$redirect_to = DIR_ADMIN;
		break;
	case "provider":
		$redirect_to = DIR_PROVIDER;
		break;
	case "partner":
		$redirect_to = DIR_PARTNER;
		break;
	case "customer":
	default:
		$redirect_to = DIR_CUSTOMER;
}

$redirect_to = $current_location.$redirect_to;

if ($REQUEST_METHOD == "POST") {
	$intershipper_recalc = "Y";
	if ($mode == "login") {

		$username = $HTTP_POST_VARS["username"];
		$password = $HTTP_POST_VARS["password"];


		$user_data = func_query_first("SELECT * FROM $sql_tbl[customers] WHERE login='$username' AND usertype='$usertype' AND status='Y'");

		$allow_login = true;
		
		if ($usertype == 'A' || ($usertype == "P" && $active_modules["Simple_Mode"])) {
			$iplist = array_unique(split('[ ,]+', $admin_allowed_ip));
			$iplist = array_flip($iplist);
			unset($iplist[""]);
			$iplist = array_flip($iplist);
			if (count($iplist) > 0)
				$allow_login = in_array($REMOTE_ADDR, $iplist);
		}

		if (!empty($user_data) && $password == text_decrypt($user_data["password"]) && !empty($password) && $allow_login) {
#
# Success login
#
			x_session_register("login_change");
			if ($user_data["change_password"] == "Y") {
				$login_change["login"] = $user_data["login"];
				$login_change["login_type"] = $usertype;
				func_header_location($redirect_to."/change_password.php");
			}
			x_session_unregister("login_change");

			$login = $user_data["login"];  //$username;
			$login_type = $usertype;
			$logged = "";
			if ($usertype == "C") {
				x_session_register("login_redirect");
				$login_redirect = 1;
			}

#
# 1) generate $last_login by current timestamp and update database
# 2) insert entry into login history 
#
			$tm = time();
		
			$previous_login_date = func_query_first_cell("SELECT last_login FROM $sql_tbl[customers] WHERE login='$login'");
			if ($previous_login_date == 0)
				$previous_login_date = $tm;
		
			db_query("UPDATE $sql_tbl[customers] SET last_login='$tm' WHERE login='$login'");
			db_query("REPLACE INTO $sql_tbl[login_history] (login, date_time, usertype, action, status, ip) VALUES ('$username','$tm','$usertype','login','success','$REMOTE_ADDR')");

#
# Merchant password
#
			if (($usertype == 'A' || ($usertype == "P" && $active_modules["Simple_Mode"])) && $mpassword) {
				if ($config['mpassword'] == md5($mpassword)) {
					$merchant_password = $mpassword;
				}
				else {
					$merchant_password = "";
					$wrong_merchant_password = true;
				}
			}
			unset($mpassword);

#
# Set cookie with username if Greet visitor module enabled 
#

			if (!empty($active_modules["Greet_Visitor"]))
				include $xcart_dir."/modules/Greet_Visitor/set_cookie.php";


#
# If shopping cart is not empty then user is redirected to cart.php
# Default password alert
#
			if ($login_type == "A" || $login_type == "P") {
				$to_url = (!empty($active_modules["Simple_Mode"]) || $login_type == "A" ? $xcart_catalogs["admin"] : $xcart_catalogs["provider"])."/home.php";
				$current_area = $login_type;
				include $xcart_dir."/include/get_language.php";
			}
			
			$default_accounts = func_check_default_passwords($login);

			if (!empty($default_accounts)) {
				$current_area = $login_type;
				$txt_message = strip_tags(func_get_langvar_by_name("txt_your_password_warning_js"));
				$txt_continue = strip_tags(func_get_langvar_by_name("lbl_continue"));
				$javascript_message =<<<JS
<SCRIPT language='JavaScript'>
	alert('$txt_message');
	self.location='$to_url';
</SCRIPT>
$txt_message



$txt_continue
JS;
			}
			elseif ($usertype == "A" || !empty($active_modules["Simple_Mode"])) {
				$default_accounts = func_check_default_passwords();
				if (!empty($default_accounts)) {
					$txt_message = strip_tags(func_get_langvar_by_name("txt_default_passwords_warning_js", array("accounts"=>implode(", ", $default_accounts))));
					$txt_continue = strip_tags(func_get_langvar_by_name("lbl_continue"));
					$javascript_message =<<<JS
<SCRIPT language='JavaScript'>
	alert('$txt_message');
	self.location='$to_url';
</SCRIPT>
$txt_message



$txt_continue
JS;
				}
			}

			if ($login_type == "C" && $user_data["cart"] && func_is_cart_empty($cart))
				$cart = unserialize($user_data["cart"]);
			
			if ($login_type == "C" || $login_type == "B") {
				if (!func_is_cart_empty($cart)) {
					if(strpos($HTTP_REFERER, "mode=auth") === false) {
						func_header_location($redirect_to."/cart.php");
					} else {
						func_header_location($redirect_to."/cart.php?mode=checkout");
					}
				} elseif (!empty($HTTP_REFERER)) {
					if((strncasecmp($HTTP_REFERER,$http_location,strlen($http_location))==0 || strncasecmp($HTTP_REFERER,$https_location,strlen($https_location))==0) && 
					strpos($HTTP_REFERER,"error_message.php")===false && 
					strpos($HTTP_REFERER,'secure_login.php')===false && 
					strpos($HTTP_REFERER,".php")!==false) {
						func_header_location($redirect_to.strrchr($HTTP_REFERER, "/"));
					}
				}
				func_header_location($redirect_to."/home.php");
			}

			if ($wrong_merchant_password) {
				func_header_location ("error_message.php?wrong_merchant_password");
			}
			if (($usertype == 'A' || ($usertype == 'P' && $active_modules["Simple_Mode"])) && $merchant_password) {
				$current_area = $usertype;
				func_data_recrypt();
			}

			if (($config["General"]["default_pwd"] == "Y") and !empty($javascript_message) and $admin_safe_mode == false) {
				x_session_save();
				echo $javascript_message;
				exit;
			}
			else {
				func_header_location($redirect_to."/home.php");
			}
		}
		else {
#
# Login incorrect
#
			$login_status = "failure";
			
			if (!$allow_login)
				$login_status = "restricted";
			
			if (!func_query_first("SELECT login FROM $sql_tbl[login_history] WHERE login='$username' AND date_time='".time()."'"))
				db_query("REPLACE INTO $sql_tbl[login_history] (login, date_time, usertype, action, status, ip) VALUES ('$username','".time()."','$usertype','login','$login_status', '$REMOTE_ADDR')");

			if ($redirect == "admin" || (@$active_modules["Simple_Mode"] == "Y" && $redirect == "provider") && $config['Email_Note']['eml_login_error'] == 'Y') {
#
# Send security alert to website admin
#
				@func_send_mail($config["Company"]["site_administrator"], "mail/login_error_subj.tpl", "mail/login_error.tpl", $config["Company"]["site_administrator"], true);

			}

#
# After 3 failures redirects to Recover password page
#
			$login_attempt++;
			if ($login_attempt >= 3) {
				$login_attempt = "";
				func_header_location($redirect_to."/help.php?section=Password_Recovery");
			}
			else
				func_header_location($redirect_to."/error_message.php?login_incorrect");
		}
	}
}


if ($mode == "logout") { 
#
# Insert entry into login_history
#
	db_query("REPLACE INTO $sql_tbl[login_history] (login, date_time, usertype, action, status, ip) VALUES ('$login','".time()."','$login_type','logout','success','$REMOTE_ADDR')");

	$old_login_type = $login_type;
	$login = "";
	$login_type = "";
	$cart = "";
	$extended_userinfo = "";
	$access_status = "";
	$merchant_password = "";
	x_session_unregister("hide_security_warning");
 }

if ($old_login_type == 'C') {
	if (!empty($HTTP_REFERER) && (strncasecmp($HTTP_REFERER, $http_location, strlen($http_location)) == 0 || strncasecmp($HTTP_REFERER, $https_location, strlen($https_location)) == 0)) {
		if (strpos($HTTP_REFERER, "mode=order_message") === false && 
			strpos($HTTP_REFERER, "returns.php") === false && 
			strpos($HTTP_REFERER, "orders.php") === false && 
			strpos($HTTP_REFERER, "giftreg_manage.php") === false && 
            strpos($HTTP_REFERER, "order.php") === false && 
			strpos($HTTP_REFERER, "register.php?mode=delete") === false && 
			strpos($HTTP_REFERER, "register.php?mode=update") === false) {
			func_header_location($redirect_to.strrchr($HTTP_REFERER, "/"));
		}
	}
}

func_header_location($redirect_to."/home.php");

?>

[Jon]

Might be redirecting here, try this:

Find:

Code:

$to_url = (!empty($active_modules["Simple_Mode"]) || $login_type == "A" ? $xcart_catalogs["admin"] : $xcart_catalogs["provider"])."/home.php";

Change to:

Code:

$to_url = (!empty($active_modules["Simple_Mode"]) || $login_type == "A" ? $xcart_catalogs["admin"] : $xcart_catalogs["provider"])."/orders.php";

[bullfrog]

This change didn't work either. I closed the browser, then reopened it and logged in to the admin area, and it still opened admin/home.php.

I appreciate your help. Let me know if you think of anything else, or if it looks like I may be doing something wrong.

[Jon]

You just need to find out where the redirect is taking place and change that code. Normally the way I would find that is to put:

if ($login == "admin" || $login == "master") { echo "HERE: 1"; exit; }

if ($login == "admin" || $login == "master") { echo "HERE: 2"; exit; }

etc... Before the places I think it could be redirecting. Then you can find out which block of code to edit by logging in and seeing which number is displayed.