This modified contribution allow you to set access for each admin defined by you even group he belong doesn't have access to specified files. Very useful if you intend to setup an online mall, multi-store as I do.
Please test this contribution first on your local site, not on production.
Legend: 
Download
Report
Replace
catalog/admin/admin_members.php
catalog/admin/includes/languages/english/admin_members.php
with these files to be able to edit admin account passwords to something more friendly than the randomized version
Admin Time Out modification for Admin with Access Levels
Ideally you don't want to mess with your shoppers sessions, but you mght want longer sessions for yourself in the admin side of the store. This modification/add on for Admin With Access Levels can help you do that.
If you're server/host will let you alter php settings from htaccess or php, this might work for you.
The attached file is instructions only.
Problem:
Cannot integrate 'Multi Admin with Levels' with 'Register Globals' contribution.
Cause:
When combined with Register Globals contribution, admin_account.php does not show editable boxes, due to the 'confirm_account' session variable not being set at any level.
Solution:
To make this contribution valid with the Register Globals contribution, manual addition to global scope ($GLOBALS) is needed for 'confirm_account'. One line added:
$GLOBALS['confirm_account'] = 1;
Problem: event thought files access for groups and users has been defined, forbidden boxes or files are still accessible.
Solution: This is a modification of /admin/includes/functions/general.php. There is an error in logical operators precedence in three functions:
- tep_admin_check_login()
- tep_admin_check_boxes($filename, $boxes='')
- tep_admin_files_boxes($filename, $sub_box_name)
It should be (within functions):
$dbquery = tep_db_query("select admin_files_id from " . TABLE_ADMIN_FILES . " where (FIND_IN_SET( '" . $login_groups_id . "', admin_groups_id) or FIND_IN_SET( '" . $login_id . "', admin_id)) and admin_files_is_boxes = '" . $is_boxes . "' and admin_files_name = '" . $filename . "'");
instead of :
$dbquery = tep_db_query("select admin_files_id from " . TABLE_ADMIN_FILES . " where FIND_IN_SET( '" . $login_groups_id . "', admin_groups_id) or FIND_IN_SET( '" . $login_id . "', admin_id) and admin_files_is_boxes = '" . $is_boxes . "' and admin_files_name = '" . $filename . "'");
Note: simply put parentheses () to make OR operator in the query to be considered first.
This modified contribution allow you to set access for each admin defined by you even group he belong doesn't have access to specified files. Very useful if you intend to setup an online mall, multi-store as I do.
Please test this contribution first on your local site, not on production.
Add file to this package