Thanks to nicksaunders for help with this...

If you need any help with problems you may experience, please contact :

hellsatan (hellsatan_ew@hotmail.com)


In User.php (Admin Folder)


Add :
------

if (($userid == "aa") && ($bbuserinfo[userid] == "bb" OR $bbuserinfo[userid] == "cc")) {
show_nopermission();
}



After :
-------

return 1;

}

cpheader();



Key :
------

aa = your userid number
bb = another admins userid
cc = another admins userid

-------

This basically restricts the other admins from being able to view your profile, meaning that they cannot edit it at all...(Version 1.0 is still available...)

Update : Version 2.0!!!

Well...I never thought there could be an update to this, but there is, so there:p...

Here is the new php code to insert into "admin/user.php", in the same place as before...

Click here (https://vborg.vbsupport.ru/attachment.php?s=&postid=264119) for the new attachment...

This time, replace any instances of "aa" with your userid, and "bb" with anyone else you would like to be able to access your profile...

This makes it easier, as you need not add all the userid's of people you DONT want to view your profile, just the userid's of the people you DO want to be able to view your profile...

Satan

P.S. - The Attachment below is Version 1.0...

TestAdmin1 is the account I added to test if they could access my profile...

They get the message below...

Satan

This picture is when I access the Admin Cp, looking for my profile...

Satan

why not try
if(($userid = "aa") && ($userid != $bbuserinfo[userid] || $bbuserinfo[userid] == "bb")) {
echo "<p>You cannot edit this admins profile</p>";
cpfooter();
exit;
}

just changed it to allow the userid to edit their own profile and so the error message looks more admin panel-ish.

Cool...

Thanks PPN...

Looks alot better now...

Satan

Coming Soon...

I am going to be updating this Hack very soon, and with it I am going to include a re-direct to the Find Users page, and, if my friend helps me, a password-override function incase anyone edits the admin/user.php file and makes it so you cannot access their profile, or worse yet, your own...

Satan

hi PPN,

i tried to use your hack, but i realised that my aa cannot access to other user's profile except his own?

Originally posted by PPN
why not try
if(($userid = "aa") && ($userid != $bbuserinfo[userid] || $bbuserinfo[userid] == "bb")) {
echo "<p>You cannot edit this admins profile</p>";
cpfooter();
exit;
}

just changed it to allow the userid to edit their own profile and so the error message looks more admin panel-ish.

anyway, i tried to use this instead and it works well...


if (($userid == "aa") && ($bbuserinfo[userid] == "bb" OR $bbuserinfo[userid] == "bb")) {
echo "<p>You cannot edit this admins profile</p>";
cpfooter();
exit;

}

but one problem though... i realised that the other admin can still access to the usergroup and he can modify the admin user group to disable the administrator from accessing the CP.

is there anyway to restrict other admins from accessing or editing the "Adminstrative Permissions" panel?

hellsatan,

can we something similar to restrict a certain user group (eg, super moderator with CP access) from viewing and editing the admin usergroup?

:D

if ($userid==1 && $bbuserinfo[userid]!=1) {
echo "<p>You cannot edit the main admins profile</p>";
cpfooter();
exit;
}


this works perfect for me.

thanks neo, works well for me too...

any idea how to restrict the other admin to access the usergroups and edit them?

Not sure...

See This Thread (https://vborg.vbsupport.ru/showthread.php?s=&threadid=37897)

I have got an idea for it, but I need more time...With GCSEs and stuff...

Satan

ok, hellsatan.

will wait for your good news.

Goody Good...

I await my good news also...:D

Satan

I think that if you cant trust your admins, they shouldnt be admins

Oh we can trust them...

Just some of them forget that some have been there longer...

This is just a reminder...

If the elder admins have SuperAdmin status, only they can remove other SuperAdmins...

Satan

For you people with vbhacker, I made a file for you...

Not much:D

Satan

Well...I never thought there could be an update to this, but there is, so there:p...

Here is the new php code to insert into "admin/user.php", in the same place as before...

if (($userid == "aa") && ($userid != $bbuserinfo[userid] OR $bbuserinfo[userid] != "bb")) {
print "You are not allowed to access this profile!!!";
}


This time, replace any instances of "aa" with your userid, and "bb" with anyone else you would like to be able to access your profile...

This makes it easier, as you need not add all the userid's of people you DONT want to view your profile, just the userid's of the people you DO want to be able to view your profile...

Satan