This hack will let you NOT allow certain users to edit your administrator usernames properties and also other options you want to restrict access to, for example editing the templates.
I recommend you to enable only the ones you really trust, that means only yourself.

ESTIMATED INSTALL TIME: 2 minutes
REQUESTED BY: (nobody)
TESTED IN VERSION: 2.2.6

UPDATE
The hack was updated. It was fixed the problem I had with editing yourself of all users.
NOTE: FireFly posted also another way of doing this, few posts below.

In my hack, I also explained how to stop other admins to edit other options, for example the templates.


You like this hack? Please click (https://vborg.vbsupport.ru/misc.php?s=&action=install&threadid=40787) on the Install button.
To download the latest version of this hack, click below:

good job Nakkid i guess it was the global issue ;)

either way good work :)

g-force2k2

actually i unset in the wrong file the $caneditadmin variable... :)
firefly, as usual, helped me to understand what was wrong.

Originally posted by Nakkid
I recommend you to enable only the ones you really trust, that means only yourself.

Lool, but you're right ;)

Really a good idea, i won't use it, because im the only admin of my board, but ist very usefull, perhaps when i work on other boards where are more admins.


Also i know hellsatan loves this hack isn't it so? :)

What does this have that hellsatan's hack doesn't? Does his have more?

it wont let you edit nothing, not even the passwords if you are not listed in config.php file. it works the same way as pruning the admin log (i got the idea from there). simple and secure.
if i understood correctly, in his hack you still can edit the passwords? not sure. let me know please.

also dont look as doing more, but rather as hacking in a different way. :)
my hacks are learning tools for myself, while experiencing with different aspects of vB.

I was just wondering, I already installed yours :D

Also, can this same idea be applied to a hack I want to see, I'd like it so only adminid 1 can edit the templates, and create new styles, etc. Is that possible?

Fantastic Thanks! But I've got one question. I've already installed hellsaten's admin hack... should I uninstall that one or can the 2 work together?

+-----------------------------------------------+
| FILE: FORUM/admin/user.php (1 change) |
+-----------------------------------------------+
|
+-----------------------------------------------+
| 1. Find this code:
+--------------------------------------------------------------------------+
if ($HTTP_POST_VARS['action']=="doupdate") {
+--------------------------------------------------------------------------+
|
+-----------------------------------------------+
| Replace it with:
+--------------------------------------------------------------------------+
if ($HTTP_POST_VARS['action']=="doupdate" && checklogperms($caneditadmin,1,"<p>You are not allowed to edit this user.</p>")) {
+--------------------------------------------------------------------------+
Call me crazy but according to this you will not be able to edit ANY user (regular included), if you are not listed in config.php.

yep. it is. for example, if you dont want your admins to modify the templates do this...

admin/template.php
find:if ($action=="modify") {
replace it with:if ($action=="modify" && checklogperms($caneditadmin,1,"<p>You are not allowed to modify the templates.</p>")) {
bingo. only the $caneditadmin listed users will be able to edit from now on the templates. replace anywhere you want to block access to other admins with a similary line.

Originally posted by FireFly
Call me crazy but according to this you will not be able to edit ANY user (regular included), if you are not listed in config.php. helpppppppppppp!!!! firefly is kicking my ass!!!!! :)
i will mod it rightaway chen. you are sooooooooo right. sorry.
testing it right now...

Call me crazy but I just tested it and he's right.

That template hack didn't work.

Working version attached...

Originally posted by g-force2k2


how would that cause a parse error ;) ?

Edit: Nakkid if that doesn't work try place the:

unset($editadmin);

above:

require("./global.php");

g-force2k2

I guess it was correct after all ;) just shows it helps to learn from reading different vb files :)

g-force2k2

ok i updated the file. i looked at firefly's mod. i never thought of it this way. :)
thanks chen.

chen, can you also look at my way of doing it, with same results? let me know what you think.
also i added other code options related to templates for example, on how to disable the access. is all included in the first post.

Originally posted by Marshalus
That template hack didn't work. it works. check your code.

Originally posted by g-force2k2
I guess it was correct after all ;) just shows it helps to learn from reading different vb files :)actually, it must be unset in global.php and NOT in user.php, so we were wrong both. thanks to chen, who told me why is done this way, i understood finally the way it works to unset a variable.

Originally posted by Nakkid
actually, it must be unset in global.php and NOT in user.php, so we were wrong both. thanks to chen, who told me why is done this way, i understood finally the way it works to unset a variable.
Actually, you can unset the variable in user.php, before requiring global.php.

Nakkid, your hack is still not correct.

+-----------------------------------------------+
| 1. Find this code:
+--------------------------------------------------------------------------+
if ($HTTP_POST_VARS['action']=="doupdate") {
+--------------------------------------------------------------------------+
|
+-----------------------------------------------+
| Replace it with:
+--------------------------------------------------------------------------+
if ($HTTP_POST_VARS['action']=="doupdate") {

if (!in_array($bbuserinfo['userid'],array($caneditadmin)) and in_array($userid,array($caneditadmin))) {
echo "<p>You are not allowed to edit this user</p>";
exit;
}
+--------------------------------------------------------------------------+
That means you (a) won't be able to edit ANY user, and (b) will not work if you have more than one user listed in $caneditadmin.

chen, i did this:
i created 2 admins, userid 1 and 2.
i created 1 registered user, userid 3.
now, userid 1 can edit all users and userid 2 can edit all users except the ones listed in $caneditadmin.
i tested all and it works perfectly, in my test board, with the code above. you try it and let me know please. thanks.

update:
i also tried
$caneditadmin = '1,2';

now all admins can perform changes.

Originally posted by Nakkid
now, userid 1 can edit all users and userid 2 can edit all users except the ones listed in $caneditadmin
And that's not the point of this hack, is it?

i dont understand?
i used this code:if ($HTTP_POST_VARS['action']=="doupdate") {

if (!in_array($bbuserinfo['userid'],array($caneditadmin)) and in_array($userid,array($caneditadmin))) {
echo "<p>You are not allowed to edit this user</p>";
exit;
}
let suppose you have 4admins in your board. if you use only userid 1 and 2 the others will not be able to edit ONLY the admins.

*sigh*

Let's say you have 4 admins, users A, B, C and D.
You add users A and B to $caneditadmin (Which will not work, but let's assume it does).
Users A and B will be able to edit any users.
Users C and D will be able to edit all users except users A and B.
But user C will still be able to edit user D, and vice versa.

correct. that's what it does the code listed above. try it in your test board and let me know. it works for me.

You don't get it, do you...

That's how it works, right. But that's not how it's supposed to work, because users C and D can still edit other admins (i.e D and C, respectively).

Originally posted by Nakkid
This hack will let you allow ONLY certain users to edit your administrator usernames properties
This quote says the hack stops others from editing other admins... and that's not how it works.

If you have 10 admins and add one of them to $caneditadmin, the rest of the 9 won't be able to edit the first user, but will be able to edit one another.

i understand now chen. sorry, my 'romanian' english.
i dont care if thay can edit other admins. what i dont want is to be able to edit my options (userid 1 or others listed in $caneditadmin)...

iv tried both firefly and your version and im still geting this error:

Warning: Unable to access ./admin/db_.php in /home/virtual/site4/fst/var/www/html/forums/global.php on line 128

you are missing the mysql part on the line..
it should read it:
admin/db_mysql.php and NOT admin/db_.php
when you hacked your forum with another hack, you made a mistake somewhere.

Thx, TECK, I love you for this Hack :love: Exactly what I was looking for.

Hey Chen, anyway that your hack could be written that an admin not listed in the $caneditadmin can edit only himself but not other admins?