Hi guys,
I'm trying to add a css snippet (display none) to the site to hide a portion from non admin users. For example when I go from the backend to the front end it knows that i'm an admin. How can I do this? I really appreciate it.
I'm trying to add a css snippet (display none) to the site to hide a portion from non admin users. For example when I go from the backend to the front end it knows that i'm an admin. How can I do this? I really appreciate it.
Well that's a very insecure way to do it, as if they knew what they were doing they could easily show it again in their browser.shirazdrum wrote: ↑Thu Apr 22, 2021 8:09 amI'm trying to add a css snippet (display none) to the site to hide a portion from non admin users. For example when I go from the backend to the front end it knows that i'm an admin. How can I do this? I really appreciate it.
However the code would be something like this in a controller:
Code: Select all
if($isLogged) {
$additionalCSS = '';
} else {
$additionalCSS = '.yourelementclass {display: none} ';
}
Code: Select all
<style>
{additionalCSS}
</style>
If that isn't enough you could pay a developer such as ourselves or post a job in the Commercial Support Forum.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Guru Member
Hi Paul,
Security really isn't an issue here, it's just a little element that only makes sense to admins and it would be of no value to visitors.
As for if($isLogged) statement, is it checking for any logged in user or just admin?
I really appreciate it.
Security really isn't an issue here, it's just a little element that only makes sense to admins and it would be of no value to visitors.
As for if($isLogged) statement, is it checking for any logged in user or just admin?
I really appreciate it.
This tactic still won't prevent CSRF attackers to know in-between your forms since it makes no difference for those scripts. I would rather suggest you use an extension to prevent CSRF attacks.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
straightlight wrote: ↑Thu Apr 22, 2021 8:32 pmThis tactic still won't prevent CSRF attackers to know in-between your forms since it makes no difference for those scripts. I would rather suggest you use an extension to prevent CSRF attacks.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Guru Member
Good point, you might need to check the group too.shirazdrum wrote: ↑Thu Apr 22, 2021 8:19 pmAs for if($isLogged) statement, is it checking for any logged in user or just admin?
You could always post a job in Commercial Support if you're not sure how to do it all yourself.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Guru Member
Who is online
Users browsing this forum: Google [Bot], niagato, Semrush [Bot] and 644 guests