How to generate an adminhtml page secret key

Question

I'd like to generate a link to an adminhtml page from within a script in my html directory.

I have read this question on Stackoverflow: Magento: generating url for a backend action (with key)

This works for me if I generate such a key from within an extension controller. The key generated from within my html directory script however does not work correctly and throws me to the dashboard when applied.

Edit: The redirect works 100% if the user is not logged in - i.e it directs the user to my module page 100% accurately.

However, if the user is already logged in, it redirects them to the dashboard due to the conflicting session.

I believe I need to somehow "switch" sessions, but I haven't managed to do so yet. I have taken a look at this post:

Check if Admin is Logged in Within Observer

Unfortunately it still redirects to the dashboard.

Any ideas?

Answer 1

The problem is, that the key is generated and then stored into a session, this means if you generate a new one, this doesn't work.

You can see the check here:

\Mage_Adminhtml_Controller_Action::_validateSecretKey
{
    if (is_array($this->_publicActions) && in_array($this->getRequest()->getActionName(), $this->_publicActions)) {
        return true;
    }

    if (!($secretKey = $this->getRequest()->getParam(Mage_Adminhtml_Model_Url::SECRET_KEY_PARAM_NAME, null))
        || $secretKey != Mage::getSingleton('adminhtml/url')->getSecretKey()) {
        return false;
    }
    return true;
}

So the key is saved here: Mage::getSingleton('adminhtml/url')->getSecretKey() just use this one :-)

If this doesn't work too, it might be not the problem. Hook into this method and check!