How can restrict ip search on members of a certain usergroup or no depth 2 search for them? Especially the administrators? Both on Admin Control Panel and Moderator Panel.

I know its something to do with user.php on both folders, but i do not know how?

Help please.

thanks

-m

anyone?

--------------- Added 1302809369 at 1302809369 ---------------

// ############################# start do ips #########################
if ($_REQUEST['do'] == 'doips')
{
if (function_exists('set_time_limit') AND !SAFEMODE)
{
@set_time_limit(0);
}

$vbulletin->input->clean_array_gpc('r', array(
'depth' => TYPE_INT,
'username' => TYPE_STR,
'ipaddress' => TYPE_NOHTML,
));

if (($vbulletin->GPC['username'] OR $vbulletin->GPC['userid'] OR $vbulletin->GPC['ipaddress']) AND $_POST['do'] != 'doips')
{
// we're doing a search of some type, that's not submitted via post,
// so we need to verify the CP sessionhash
verify_cp_sessionhash();
}

if (empty($vbulletin->GPC['depth']))
{
$vbulletin->GPC['depth'] = 1;
}

if ($vbulletin->GPC['username'])
{
$getuserid = $db->query_first("
SELECT userid
FROM " . TABLE_PREFIX . "user
WHERE username = '" . $db->escape_string(htmlspecialchars_uni($vbulletin->GPC['username'])) . "'
");
$userid = intval($getuserid['userid']);

$userinfo = fetch_userinfo($userid);
if (!$userinfo)
{
print_stop_message('invalid_user_specified');
}
}
else if ($vbulletin->GPC['userid'])
{
$userid = $vbulletin->GPC['userid'];
$userinfo = fetch_userinfo($userid);
if (!$userinfo)
{
print_stop_message('invalid_user_specified');
}
$vbulletin->GPC['username'] = unhtmlspecialchars($userinfo['username']);
}
else
{
$userid = 0;
}

if ($vbulletin->GPC['ipaddress'] OR $userid)
{
if ($vbulletin->GPC['ipaddress'])
{
print_form_header('', '');
print_table_header(construct_phrase($vbphrase['ip_address_search_for_ip_address_x'], $vbulletin->GPC['ipaddress']));
$hostname = @gethostbyaddr($vbulletin->GPC['ipaddress']);
if (!$hostname OR $hostname == $vbulletin->GPC['ipaddress'])
{
$hostname = $vbphrase['could_not_resolve_hostname'];
}
print_description_row("<div style=\"margin-" . vB_Template_Runtime::fetchStyleVar('left') . ":20px\"><a href=\"usertools.php?" . $vbulletin->session->vars['sessionurl'] . "do=gethost&amp;ip=" . $vbulletin->GPC['ipaddress'] . "\">" . $vbulletin->GPC['ipaddress'] . "</a> : <b>$hostname</b></div>");

$results = construct_ip_usage_table($vbulletin->GPC['ipaddress'], 0, $vbulletin->GPC['depth']);
print_description_row($vbphrase['post_ip_addresses'], false, 2, 'thead');
print_description_row($results ? $results : $vbphrase['no_matches_found']);

$results = construct_ip_register_table($vbulletin->GPC['ipaddress'], 0, $vbulletin->GPC['depth']);
print_description_row($vbphrase['registration_ip_addresses'], false, 2, 'thead');
print_description_row($results ? $results : $vbphrase['no_matches_found']);

print_table_footer();
}

if ($userid)
{
print_form_header('', '');
print_table_header(construct_phrase($vbphrase['ip_address_search_for_user_x'], htmlspecialchars_uni($vbulletin->GPC['username'])));
print_label_row($vbphrase['registration_ip_address'], ($userinfo['ipaddress'] ? $userinfo['ipaddress'] : $vbphrase['n_a']));

$results = construct_user_ip_table($userid, 0, $vbulletin->GPC['depth']);
print_description_row($vbphrase['post_ip_addresses'], false, 2, 'thead');
print_description_row($results ? $results : $vbphrase['no_matches_found']);

if ($userinfo['ipaddress'])
{
$results = construct_ip_register_table($userinfo['ipaddress'], $userid, $vbulletin->GPC['depth']);
}
else
{
$results = '';
}
print_description_row($vbphrase['registration_ip_addresses'], false, 2, 'thead');
print_description_row($results ? $results : $vbphrase['no_matches_found']);

print_table_footer();
}
}

print_form_header('usertools', 'doips');
print_table_header($vbphrase['search_ip_addresses']);
print_input_row($vbphrase['find_users_by_ip_address'], 'ipaddress', $vbulletin->GPC['ipaddress'], 0);
print_input_row($vbphrase['find_ip_addresses_for_user'], 'username', $vbulletin->GPC['username']);
print_select_row($vbphrase['depth_to_search'], 'depth', array(1 => 1, 2 => 2), $vbulletin->GPC['depth']);
print_submit_row($vbphrase['find']);
}

how can i add, if user is an admin, ip search is restricted?

--------------- Added 1302849027 at 1302849027 ---------------

add a code on this php code, to restrict supermods from searching ips of admin (usergroupid 6)

Place the following code before if ($vbulletin->GPC['ipaddress'] OR $userid)

if (is_member_of($userinfo, 6) AND is_member_of($vbulletin->userinfo, 5)) print_cp_no_permission();

Place the following code before if ($vbulletin->GPC['ipaddress'] OR $userid)

if (is_member_of($userinfo, 6) AND is_member_of($vbulletin->userinfo, 5)) print_cp_no_permission();



this would restrict supermods on searching ip of admins in admincp panel, right?

you could easily replace the numbers with the usergroup ids you want to lock out from the process.
multiple usergroups can be joined with the
... AND is_member_of($vbulletin->userinfo, 5)
part