Please do the following before attempting to install:

1.) Backup your Files before doing anything
2.) Be aware that although I have tested this myself, there may still be problems...If you do not backup your files, I cannot condone your install of this hack...
3.) If you want to Backup your Database, You can - There shouldn't be any need to...

The file(s) you should have is/are:

install_lesseradmincp_txt.php
install_lesseradmincp_usergroups_txt.php

Install Info:
Hack Version: 1.4
Files to edit: 4
Templates to add: 0
Templates to edit: 0
Queries to Run: 1
Time to install: Approx 5 Minutes

Credits
Requested by - Nobody

Support - I am offering support, but only in THIS THREAD...I unfortunately cannot be here during the coming weeks (Mon-Fri), so therefore you will have to rely on others for assitance, should it be urgent...If you do require assitance, please - Only reply in this thread

Hack info

What does it do? - This basically will allow you to make a Lesser Control Panel for your other Admins...I know I released the "Total Admin Security" hack (link in my profile), but this will allow you to ensure that they cant delete your templates, especially if you put them in a seperate usergroup...

I know you will want a screenshot, so here is a screenshot of my Co-Admin Control Panel...The second Screenshot is of the Co-Admin Permissions...The third is of the Usergroup gone from edit user and add user...The fourth is of the Usergroup gone from search options, and the fifth is from search display options...

Live Demo/Screenshots

Co-Admin Control Panel (http://www.darkblazes.com/vbhacks/lessercp/coadmincp.jpg)
Co-Admin Permissions (http://www.darkblazes.com/vbhacks/lessercp/coadmin.jpg)
The name "Co-Admin" is what I determine as "Lesser Admin" - The picture may differ slightly from the screenshot
Usergroup options gone from Edit user & add user (http://www.darkblazes.com/vbhacks/lessercp/nousergroup.jpg)
Usergroup no longer a Find option (http://www.darkblazes.com/vbhacks/lessercp/findscreen.jpg)
Usergroup no longer able to be display in searches (http://www.darkblazes.com/vbhacks/lessercp/displayscreen.jpg)

Latest Version

You can download Version 1.4 (normal) here (https://vborg.vbsupport.ru/attachment.php?s=&postid=389492)...
You can download Version 1.4 (usergroup version) here (https://vborg.vbsupport.ru/attachment.php?s=&postid=389493)...

Enjoy!:)

Satan

I'll proably install this. Thanks ;)

Looks good hellsatan ;)

I don't currently have any use for it as I'm the only admin but I'm sure many will benifit from it.

Uhuh...

I am the Only Admin at my boards also...I made it really, so that my Super Mods, who I call Co-Admins, can perform some of the Admin Functions, so I dont have to...

There are of course limitations to their power;) I made it so that I dont have anyone else who might be able to access the real Admin CP and do damage...

Satan

First off GREAT HACK!!

but before i install it i have a couple of questions.

could i make it were my mega mods(super mods) can access it? and can you also add a temp ban, and unban function?

edit: NM about letting them access it, i figured that out, but can you add the ban/unban function?

Yes...

You will need to make sure that you only give them the url, as any Mod can access it at this time...I am trying to sort that out...

Whatever hacks you can do to the Admin CP, you can do to this one too...

If you want to ensure that only your mega-mods can access it, enter this in the top of every php file, under :

require("./global.php");

You can enter :

if (($bbuserinfo[usergroupid]!=X) and ($bbuserinfo[usergroupid]!=Y)) {
echo "<p>You cannot perform this function.</p>";
cpfooter();
exit;
}

(Change X and Y to the Ids of your MegaMod group, and your Admin group)

So yes...In answer to your question, yes you can

Satan

Originally posted by hellsatan
Yes...

You will need to make sure that you only give them the url, as any Mod can access it at this time...I am trying to sort that out...

Whatever hacks you can do to the Admin CP, you can do to this one too...

If you want to ensure that only your mega-mods can access it, enter this in the top of every php file, under :

require("./global.php");

You can enter :

if (($bbuserinfo[usergroupid]!=X) and ($bbuserinfo[usergroupid]!=Y)) {
echo "<p>You cannot perform this function.</p>";
cpfooter();
exit;
}

(Change X and Y to the Ids of your MegaMod group, and your Admin group)

So yes...In answer to your question, yes you can

Satan

Thanks!

ione more question
how would i add a ban function that worked like this.

instead of having a set timer for a ban, the mega mod would ban the user, and if that user has been a pain leave him banned under that user name for good. BUT if he just wants it to be a temp ban, he can just un-ban him at a later date.

Originally posted by hellsatan
Yes...

You will need to make sure that you only give them the url, as any Mod can access it at this time...I am trying to sort that out...


Your hack is better than you mean ;)

you check for usergrouppermission: ismoderator which actually means the usergroup is a supermod group.

so just every supermod can acces to that panel ;)

if you think that are to much users, you have to add another field to usergroup table canaccesscoadmin...
then change all ismoderator to canaccesscoadmin

Erm...

@Thewnagchung - That is an issue for the creator of the Temp Ban hack...I cannot help you there im sorry...:(

@Xenon - It does? I thought it meant any moderator...

Silly me!

I might do what you suggested, so I can have Super Mods too;)

Satan

Ok...Ive updated the first post...

Satan

you get better and better :)
good work satan

im getting this error once im done installing it o.O

Parse error: parse error, unexpected T_LOGICAL_AND in /home/videogam/public_html/forum/Admin2/user.php on line 299

if ($userid==X) and ($bbuserinfo[userid]!=X) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

what values do I put in for X ?

forgive me but im a n00b at this

X is your userid ;)
normally its 1

I got it to work for the most part, but I have a question.

if you give them the power to make users, cant they just make an admin account and thus forth wreak havoc anyway?

Yes...That is why It is not finished;)

I am working on the Usergroup issue now:)

Satan

I have updated the hack...It is in the first post...

This attached file is version 1.1 for those of you who never got it...

Satan

Great hack!

/me clicks install

Thanks:)

Satan

Nice hack Satan
*clicks install*

I followed the instructions and got a blank screen when I went to admin2/index.php. What could I have done wrong?

It could be one of 2 things...

1.) You did not setup the global.php file correctly for the Admin2 directory, therefore not allowing the other files to work (as they require it)...Make sure you followed the instructions carefully:)
2.) Sometimes, and I know this is true, some files dont like being uploaded in Ascii Mode...On my server, I have to upload all vBulletin files in BINARY mode, so that they will work...Make sure you are uploading in the BINARY mode...If you are not sure which mode you are uploading in, try downloading SmartFTP (http://www.smartftp.com/), which has the option for Ascii and Binary modes when uploading...It will be on the top Quick Toolbar, and by default is Auto...Change it to Binary or Ascii, and upload...If that mode does not work, try the other...

Thats all I can suggest thats wrong...If it still does not work, email your new global.php file to me at : hellsatan@darkblazes.com

Satan

I am confused. I made the changes in step 6. This file goes into the admin2 folder, right?

Also step 10 says to "edit the /admin/global.php (to full Admin CP version)." What does that mean?

OK, I uploaded the edited global.php to the admin2 folder in binary mode. I can now get to the loggin screen. However, when I try to log in, either with my co-admin name or my admin name, I cannot get in. I tried uploading the other files in binary mode, but that didn't help.

Nevermind, I figured it out. LOL I didn't have the usergroup set to allow access to the lesser admin cp. LOLOL

However, I am having another problem.

Here is the error:

Database error in vBulletin Control Panel 2.2.6:

Invalid SQL: SELECT cancontrolpanel FROM usergroup WHERE usergroupid=
mysql error: You have an error in your SQL syntax near '' at line 1

mysql error number: 1064

I was attempting to change the title of an admin, to see if I could do it through the admin2 cp. This also happens when I try to edit any member.

Ah yes...

I found a bug...

If you using Version 1.2 of the hack, do the following :

Find in /admin2/user.php :

// check that not removing last admin
$countadmin=$DB_site->query_first("SELECT COUNT(*) AS users FROM user,usergroup WHERE user.usergroupid=usergroup.usergroupid AND usergroup.cancontrolpanel=1 AND user.userid<>$userid");
$getperms=$DB_site->query_first("SELECT cancontrolpanel FROM usergroup WHERE usergroupid=$usergroupid");
if ($countadmin[users]==0 and $getperms[cancontrolpanel]!=1) {
echo "<p>You are about to edit the last user with control panel access so that they do not have control panel access. This would lock you out of the control panel, so you cannot proceed.</p></body></html>";
exit;
}

and remove it completely!

Only do it if you are using Version 1.2 - The bug will not occur in Version 1.1, because you can still update usergroups - Anyone who does not want a Security leak, should upgrade to Version 1.2...

Why is there a bug? Im not totally sure, but I think it is because that php statement above, is looking for the updating of Usergroups, and in Version 1.2, the usergroup updating options have been deleted...Therefore it is looking for something it Cannot find...It seems logical enough...I tested it myself at my co-admin panel, and all seems fine...

Reasons why not to do it with Version 1.1? - Well...For starters, you can still update Usergroups...So...If you delete that, and accidentally change your OWN usergroup, then you may be in trouble...

That should solve your problem...I have updated the first post:)

Satan

It is working now. But it is allowing lesser admins to change the email and password of admins. Is it supposed to do that?

Well...

If you had implemented the Total Admin Security Hack, which was included in it, they wouldnt be able to Delete or update you...That way making Admin Passwords impossible to change;)

Satan

Well, I did implement that. Not only did I already have it, but I also included protection for each admin. It isn't working.

But let me make sure I put it all in the right place....

Well, I thought I'd put it all in there. Now, I've got to figure out where I did put it. :confused:

Well I can guarantee that it does work...

I know myself - If there was ever a time I was grateful for it, was when someone hacked into The Lyceum, and tried to delete my account 10 times...

Satan

Hmmm...

Search for :

if ($userid==X)
Replace X with the Id of a user you protected...

Satan

Here is my code:

// ###################### Start do update #######################
if ($HTTP_POST_VARS['action']=="doupdate") {
if (($userid==1) and ($bbuserinfo[userid]!=1)) {
echo "<p>You cannot update this Admin.</p>";
cpfooter();
exit;
}
if (($usergroupid==17) and ($bbuserinfo[usergroupid]!=6)) {
echo "<p>You cannot update this Admin.</p>";
cpfooter();
exit;
}

OK. The can't update is working on me, user 1. So, to make it work on the other admins, do I just take this part of the code:

if (($userid==1) and ($bbuserinfo[userid]!=1)) {
echo "<p>You cannot update this Admin.</p>";
cpfooter();
exit;
}

input the proper id numbers and add it below the existing piece of code?

Thank you for your time. Sorry I am being such a pain. I am feeling the pressure back at my board. :lol

In this hack Satan you state towards the beginning of the instructions (step 6) to modify global.php. Are you referring to admin2/global.php or the original admin/global.php?

The /admin2 global.php...

That is to set permissions for the co-admin, or lesser admin or whoever you want to call him/her/it/them...

@Night Owl - yes...

Satan

I dont unterstand what for files i must change. The original files or the admin2 files. What is right?:

Step5 = admin/usergroup.php
Step6 = ?/global.php (admin or admin2)
Step7 = admin2/user.php
Step8 = ?/user.php (admin or admin2)
Step9 = ?/index.php (admin or admin2)

thx you

P.S. Where i can see the usergroupid at the cp?

All the files you must change are in the new /admin2 directory, unless stated otherwise...

I guess I did not state that clearly enough...

For the usergroupid - Goto your Control Panel, and click "Modify" in the "User Groups" subsection...

Hover over the edit button of the usergroup you want, and look at the link in the bottom left of the screen...The last digit, i.e. 6 = Admins, will be your usergroupid...

So it will appear as something like:

/usergroup.php?action=edit&usergroupid=6

Satan

thx

by Step 8 :

// ###################### Start do update #######################
if ($HTTP_POST_VARS['action']=="doupdate") {

-------DO NOT COPY THIS LINE-------

And add below :

-------DO NOT COPY THIS LINE-------

if ($userid==X) and ($bbuserinfo[userid]!=X) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

What id i must change for X ? My Admin id or the admin2 id?

Your id...

Hmmm...

I think you copied 2 lines, but from different areas...

Lol...

The first part is updating...The second part mentions deleting lol...

Always replace X with your Userid unless stated otherwise...

Satan

Originally posted by hellsatan
Your id...

Hmmm...

I think you copied 2 lines, but from different areas...

Lol...

The first part is updating...The second part mentions deleting lol...

Satan

i dont know what you want, i make only that what i read.

Never mind...Replace X with your userid...

Satan

News Update:

Thanks to Xenon (:)), I will update the Lesser Admin CP, to Version 1.3, where, if you choose, you can allow users to update other member's usergroups, just not to Admin or Co-Admin...:)

Satan

Is here!:)

See the First Post for Update information...

Satan

Step 5)

Edit admin2/usergroup.php

Sure admin2? This file is not in admin2.

Step 8) Step 8)

Open user.php : <--------- admin? or admin2?

I corrected the admin2/usergroup.php mistake - It should be admin/usergroup.php

Step 8) - It says to edit admin2/user.php...

Satan

By Step 7) you say:
Open admin2/user.php

but by Step 8)
you say:
Open user.php :

what is right? two times the same file?

Step 8 can be done in either or both...

Though I recommend doing it in admin2/user.php immediately...

Satan

i have installed the hack and his working fine but i have follow error at the user.php :

Parse error: parse error in /homepages/42/d4357757/htdocs/vb/admin2/user.php on line 309

Line 309 is correctly, i can not found a bug.
This is Line 309:

if ($userid==X) and ($bbuserinfo[userid]!=X) {

The X i have change to 2 (my userid)

Yes...

There should be an extra set of brackets around it :

if (($userid==2) and {$bbuserinfo[userid]!=2)) {

Satan

i have the same error when i changed the code.

Hmmm...

Send me your admin2/user.php file...

vbhelp@darkblazes.com

Satan

oki is ready

:)

Satan

Originally posted by hellsatan
if (($userid==2) and {$bbuserinfo[userid]!=2)) {


false type of brakets: you have a { where a ( would be right, or just use one pair of brackets:

if ($userid==2 and $bbuserinfo[userid]!=2) {


also Satan, please do not recommend Users to send you full files...
Thank you

Ok sorry...

Xenon - I must have slipped when typing (...

Satan

the admincp for a coAdmin is very small :) not the same of the demopicture from you. He can not posting Announcements etc. Why?

Well...

The Admin Cp is only small, because this is a basic install...

To increase their abilites, you will need to copy the announcements.php file to the admin2 directory, then add a link to it in the admin2 index.php file...

:)

Satan

i don't have a admin2 folder. i am a newbie at this.

You have to create one:)

Satan

oops. i didn't read the instructions. my bad.

Lol its ok:)

Satan

I feel like a goober. I can find the userid numbers quick enaouk but can't find the usergroupid #. Where do I find this?

I have started getting this error again:

Database error in vBulletin Control Panel 2.2.6:

Invalid SQL: SELECT usertitle FROM usergroup WHERE usergroupid=
mysql error: You have an error in your SQL syntax near '' at line 1

mysql error number: 1064

Date: Monday 12th of August 2002 05:34:26 PM
Script: http://www....admin2/user.php
Referer: http://www....admin2/user.php?s=&action=edit&userid=439

What does this mean? And what can I do to fix it? I am using version 1.2 of this hack.

Wugh. Still getting this error. It is weird. It only happens on a couple of users. When the co-admin goes into the cp to change an avatar or title, she will click on the change avatar button and get this message:

Database error in vBulletin Control Panel 2.2.6:

Invalid SQL: SELECT usertitle FROM usergroup WHERE usergroupid=
mysql error: You have an error in your SQL syntax near '' at line 1

mysql error number: 1064

Date: Wednesday 14th of August 2002 10:46:50 AM
Script: http://.../admin2/user.php
Referer: http://.../admin2/user.php?s=&action=edit&userid=930

It will also happen on a couple of users when she tries to give them a new title.

Hey I'm getting a error messages that I can't make go away, any ideas? Parse error: parse error, unexpected T_LOGICAL_AND in /home/max/public_html/forums/admin2/user.php on line 297

Here is what is in that line
?if ($HTTP_POST_VARS['action']=="doupdate") {


Thankx,
244

remove the char in front of your if

VALUES (NULL,'".addslashes($title)."','".addslashes($usertitle)."',$cancontrolpanel,$canmodifyprofile,$canviewmembe rs,$canview,$showgroup,$cansearch,$canemail,$canpo stnew,$canmove,$canopenclose,$candeletethread,$can replyown,$canreplyothers,$canviewothers,$caneditpo st,$candeletepost,$canusepm,$canpostpoll,$canvote, $canpostattachment,$ismoderator,$canaccesscoadmin, $canpublicevent,$canpublicedit,$canthreadrate,$can trackpm,$candenypmreceipts,$maxbuddypm,$maxforward pm,$canwhosonline,$canwhosonlineip,$cangetattachme nt)");

I can't find this anywhere in admin/usergroups.php

Dark Shogun

This hack looks nice man :D Good job

@Shogun: If i'm right this is the part you should have in your file AFTER installing the hack.
Recheck one line in install file before

Yes Shogun...

You are looking for the line you are supposed to replace;)

Satan

Hallo.

I'am New admin for vbulletin and my english is not very good ;)

I have a question, where I copy this line ??

-------DO NOT COPY THIS LINE-------

Copy this last step out as many times for as many admins as you need to protect from being deleted. To prevent them deleting other users in their usergroup, enter :

-------DO NOT COPY THIS LINE-------

if (($usergroupid==X) and ($bbuserinfo[usergroupid]!=6)) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

---------------
Please to explain better this modify:
(NB : remember change X to the usergroupid of the Admin2 User)

----------------
Last question, for unistal this hack, this query, as I modify it:

ALTER TABLE `usergroup` ADD `canaccesscoadmin` SMALLINT(6) DEFAULT '0' NOT NULL

Thank's, Adalberto

@adalberto...

If I understand correctly, you want to know how to :


Copying the line
Understand what I meant with the instructions
Know how to Uninstall this hack


Right - Well I'll try;)

1.) Copying the line :

You can copy that line under this one :
// ###################### Start Kill #######################

if ($HTTP_POST_VARS['action']=="kill") {

You can copy it out as many times as you need...

2.) Understand what I meant with the instructions :

I meant that you will have to change the letter "X" that is in the code to copy, to the usergroupid of the group you want to protect...

Here is a list of the ones you might want to know :
(The Numbers in Bold are the usergroupid)
2 - Registered User
5 - Super Moderator
6 - Administrator
7 - Moderator

3.) Know how to Uninstall this hack :

To Uninstall, simply reverse the changes made, and run this query :

ALTER TABLE `usergroup` DROP `canaccesscoadmin`

Satan

Originally posted by hellsatan

If I understand correctly, you want to know how to :


Yes is correctly.

But in admin pannel, I when find, modify or add user result this error:
Parse error: parse error in /httpdocs/admin/user.php on line 308


Thank's Adalberto

Have you made sure that you have changed the "X" in the code below?

if (($usergroupid==X) and ($bbuserinfo[usergroupid]!=6)) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

Satan

Originally posted by hellsatan
Have you made sure that you have changed the "X" in the code below?

Yes...

mmm... sorry, but this X is 6 ?? :confused:

6 is usually the usergroupid of Administrators...

Therefore you will need to change this :

if (($usergroupid==X) and ($bbuserinfo[usergroupid]!=6)) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}
to
if (($usergroupid==6) and ($bbuserinfo[usergroupid]!=6)) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

Satan

Originally posted by hellsatan
[B]6 is usually the usergroupid of Administrators...



Mmm... I had already change, but this error remains :bored:

Sorry, this number where I find??

Goto your Admin Control Panel...

Scroll down until you find under "Usergroups", the Modify link...

Click it...

Hover over the group you want to protect, and look in the bottom left corner...There should be a link...

The number on the end of the link is the usergroupid...

If that does not work, post the lines that the error is occuring on...

Satan

The usergroupid is exact 6

The error line is this:

if ($userid==42) and ($bbuserinfo[userid]!=42) {

42 is amministrator number.

Mmmm... I forgot, have a 2.2.7 vBulletin version :bored:

You need 2 sets of brackets;)

It should be :

if (($userid==42) and ($bbuserinfo[userid]!=42)) {

Satan

Ahhh... Now it's ok... but in your file (1.3) is:
if ($userid==42) and ($bbuserinfo[userid]!=42) {

;) ;)

Thank's very much for your help :D

First of all I want to say Thx a lot @ Satan for this great Hack! This was exactly what I was searching for.


While hacking the files I encountered some Problems due to some Errors you made. Here they are :) :


Wrong Link in the first Post of the Thread:

The File-Attachement points to a file named 'instructionsupdate2.txt' which unfortunately is the 1.2 Version and not the newest 1.3 Version.


Script Error in the 1.2 Version:

Search this Code in instructionsupdate2.txt

if ($userid==X) and ($bbuserinfo[userid]!=X) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

This refers to users.php at about line 300. As you can see while reading this thread, the code causes problems to the Users. This is, because the hint that your user-ID is 1 is missing and two brackets () are missing. The right Code is:

if (($userid==1) and ($bbuserinfo[userid]!=1)) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

This solves the problems discussed over the last 5 pages, perhaps a Mod could delete those posts as the Solution is here and the thread gets too complicated.


With friendly greetings, TheSaint-AeD

P. S.: Now I will hack the files to 1.3 Version, I'll keep you informed if I encounter any Problems, even if they are the same.

@File attachment - I decided to leave 1.2 as the Attached Version, as either 1.2 or 1.3 can be used;) Both take different avenues of hacking:)

@Errors - 1.2 & 1.3 versions updated:)

I used "X", because your userid might not be 1;)

Thanks for the positive feedback:)

Satan

I tried to update my 1.2 Version to 1.3 . As this Hack was the only installed Hack on my VB 2.2.7 I simply took user.php in an unchanged version and performed Step 7+8 aswell as the alternate options on the bottom. Now I get a blank screen if I try to log in the Lesser-Admin-CP on /admin2/index.php ?

Any suggestions?

Comment: I'm no Newbie and did exactly what was described in the hack.

Dear VB-Staff, I need help with the Problem stated above, I'm not able to find a solution to this, as I hacked everything like stated from Satan.

And I have some further Questions:

How is it possible, to give some Groups Access to the LA-CP (Lesser Admin CP) and not only the Group Co Admin? Can I simply add them as Lesser Admins over the ACP or do I have to hack every single Group?

ok.

I took a whole unmodified VBB 2.2.7 and applied the 1.3 Hack to be sure, I made no mistakes during the last tryout, and I encounter still the same problem: a blank screen on admin2/index.php

I didn't encounter this Problem in the previously applies 1.2 version, but I need the 1.3 Version as I want to ally my lesser Admins to create/change User Groups.

Hmmm...

I can suggest 2 things:

1 is that you did not hack global.php correctly...
2 is that you uploaded the files in ASCII mode, not Binary...;)

Satan

hmm...

1. I edited global.php exactly as told in your 1.3 file
2. I uploaded it in Binary...

Okay. I will edit global.php once again (for the third time) to make sure I did no mistakes. I'll keep you informed on the Progress.

Ok, I got it working now. There are no errors in Satan's Script. It was just, that I made some personal Changes to it because my Lesser Admins get more Options as in his Hack, and in theses changes made an error.

Sorry.

Thx again for this great Hack, Satan. In my Opinion, the most important Hack on hole vB.org

Lol...

Glad you found out what was wrong;) I know that there was that 2 bracket error in version 1.2 & 1.3, but that was pretty much all I could find as regards errors;)

If anyone has any suggestions for 1.4, or what have you, by all means make them:)

Satan

Do you know anything about vB3? Imo this should get a standart Feature to it as I never want a Board again without it!

Lol...

I doubt that will happen;)

I will update this for vB3 as soon as it is released, as I will still want the same kind of optionability...

Satan

Hmm I like this idea.. I would like to allow the admin to change member's usergroups.. But restrict them from adding specific ones. Will this hack allow for this? Also would like to prevent them from changing forum permissions.

Hmmm...

I will investigate into the usergroups bit:D

And the forum permissions...I shall get back to you;)

Satan

Thanks :) Seems sometimes admins like to give people access they shouldn't have.. Plus, I don't want anyone changing all the work I've done on the forums permissions.. :)

Right...

If you download Version 1.3 of this hack, it contains the instructions for allowing them to change users...

I will also be uploading an addon .txt file soon, with the instructions for just that...

As for the forum permissions...I recommend not adding that to the /admin2/ folder directory;)

Satan

why dont the pictures work?

Originally posted by Sengir
Hmm I like this idea.. I would like to allow the admin to change member's usergroups.. But restrict them from adding specific ones. Will this hack allow for this? Also would like to prevent them from changing forum permissions.

Customizing the lesser Admin Hack to your Board ist simple :)

If you want LA's zu be able to Change the Usergroup, simply undo all Changes from Step 7.

If you don't want LA's to be able to edit User-Groups as such, be sure the file "usergroup.php" isn't in /admin2/ and check /admin2/index.php for the NAV-Options (Step9) and be sure, to kill the Usergroup-Nav-Options ^^

Hope that helps you.

why when i editing some group i dont see the lesser admin option?

Did you run the MySQL Querry properly?

yes i did and its all working fine only when i editing another groups and leeser admin group i dont see the option of lesser admin but when i creating a new group i see it

Hmmm...

Are you sure that you made the changes to the "forum.php" file correctly?

@!!!cyr0n_k0r - Hmmm...They should work:confused:

Satan

Thanks for this awesome hack, but I have one question:
when you say open global.php (in step 6) you mean admin/global.php right?

arghhh nvm found it

man I cant login....can someone help?

bump?

this is the error message i get from my admin2 forum after installing and trying to look up a user:

There seems to have been a slight problem with the *********.com Forums database.
Please try again by pressing the refresh button in your browser.

An E-Mail has been dispatched to our Technical Staff, who you can also contact if the problem persists.

We apologise for any inconvenience.

i'm not sure what the problem is, but i haven't installed any mods on the lesser admin area at all. it's only with admin2/user.php as well.

any clues?

@Koss - The changes refer to the admin2/global.php file - Not the admin/global.php file

@dmark101 - Have you made sure to run the Queries?

Satan

i'd like the Lesser admin to be able to upload/modify avatars too...how can I add this option to their cp?

Originally posted by hellsatan
[B@dmark101 - Have you made sure to run the Queries?[/B]

i'm not entirely sure what you mean by this.


when i first installed this mod, it worked great. now, my lesser admins can access all of the other functions, but they cannot look up a user.

thanks.

Sorry...I wasnt thinking straight;)

A database error suggests one of two things:

a.) You have removed a hack, which affects the database and admin/user.php...You may have forgotten to remove the part of code in the admin2/user.php, and therefore it is trying to search the database for a field that doesnt exist...
b.) You have installed a new hack that affects admin/user.php, and havent made the changes to admin2/user.php...

:)

Satan

Tested this and all I get is a blank screen after uploading the files.

The "admin2/index.php" pages doesn't show up at all!

PS: and I did upload this in binary ... toggled every file from binary/ascii ... no luck! :(

That suggests to me that you didnt edit global.php in the admin2 folder;)

Satan

I did ... I'll show you the file ... check your pm's! ;)

Already noticed one thing:

//load config
require("./config.php");

Should be:

//load config
require("./../admin/config.php");

Other than that it looks ok:)

Satan

vB2.2.9 Update

Ok...

For 2.2.9, there is one thing that isnt included in this file change...

Now, there is an extra change to make to the new global.php file:

Find:
//load config
require("./config.php");

Replace with:
//load config
require("./../admin/config.php");

:)

Satan

Thanks for the fix ... worked well! :D

Thats ok!:)

I forgot to check for the vB updates;)

Now I should really update my admin2/global.php to the 2.2.9 one;)

Satan

Did you update the hack version?

Nope;)

I must do:)

Satan

The instructions for this hack are impossible :(

Sometimes you refer to the files just as they are, e.g. "index.php", and sometimes with directories, e.g. "/admin2/filename.php" - you never stick with one system, so I don't know which files to edit :(

Sorry...Unless I state /admin/, assume it is /admin2/:)

Satan

Thanks for the quick reply :)

Also there's a mistake in the instructions - search the txt file for

ismoderator,canpublicevent,,canpublicedit,canthrea drate,cantrackpm

(Note the double comma)

Also, in vB 2.2.9:


Find:

//load config
require("./config.php");

// init db **********************
// load db class
$dbservertype = strtolower($dbservertype);
$dbclassname="./db_$dbservertype.php";
require($dbclassname);

$DB_site=new DB_Sql_vb;

$DB_site->appname="vBulletin Control Panel";
$DB_site->appshortname="vBulletin (cp)";
$DB_site->database=$dbname;
$DB_site->server=$servername;
$DB_site->user=$dbusername;
$DB_site->password=$dbpassword;


In vB 2.2.9 you won't be able to find that bit of code. The config.php part is higher up in the file.

And it doesn't work!! :'(

Trying to log in at forum/admin2 - and it just takes me back to admin2/index.php :S

Firstly - There is such a thing as an "edit" button;)

Secondly - I explained about this and vB 2.2.9 - This was not originally designed to work with 2.2.9, as this pre-dates the vBulletin XSS Fix era...I have tried to fix it;)

Thirdly - It does work - See on my site: http://www.darkblazes.com/forums/hackcp/ (i designed it for a hack i released, then had to close it due to people editing the hack stuff)

Fourthly - I will try and help you as best I can...

Satan

This version should be compatible with vB 2.2.9...I am not 100% sure, but in theory & on my board it works:)

Download it below!

Satan

Using vb2.2.9 and it works fine for me ...

Thanks Satan!

Originally posted by hellsatan
Firstly - There is such a thing as an "edit" button;)

Secondly - I explained about this and vB 2.2.9 - This was not originally designed to work with 2.2.9, as this pre-dates the vBulletin XSS Fix era...I have tried to fix it;)

Thirdly - It does work - See on my site: http://www.darkblazes.com/forums/hackcp/ (i designed it for a hack i released, then had to close it due to people editing the hack stuff)

Fourthly - I will try and help you as best I can...

Satan

lol, sorry - my vBulletin etiquette has been getting sloppy of late...

Great hack, I got it working in the end - my mistake was creating a "Lesser Admin" group before I had actually uploaded the code... :(

I didn't like the idea of my lesser admins being able to add smilies - knowing them they would add 500x400 sized pictures of historian's heads, so I got rid of a lot of things - instead I added IP & Email banning features from options.php. :D

Ok cool:)

Glad it works;)

Satan

Awesome idea for a hack hellsatan, I'm going to write something close to this on my own so it fits more with my forums. Thanks for the idea!

Lol your welcome Mystis:)

Satan

A very nice hack. Thank you.

Your welcome hamed:)

Satan

sweet hack, just what I have been looking for :D

good work! :cool:

Thanks:)

Satan

I just wanted to let you know again how much I appreciate you working in this for all of us. I Love it, its been a huge help :D

You are welcome Julie:)

Glad it's useful;):)

Satan

hellsatan, very nice hack, just wanted to ask something. Will you make a vbhacker version of it for vbulletin 2.2.9? Also, can you make this another modification, that the head admins can allow the lesser admins which options they should have? Like, say they can't edit users, but they can edit templates, or they can't edit usergroups but they can edit users, all that should be allowed to be changed from the Head Admins Control Panel? If possible, please consider it..

Heh, Nevermind my last post, I made some modifications and gave the Lesser Admin some more options which cannot affect the head admins :) and cannot harm the boards in anyway..

I want to thank you for taking some time out and helping out newsbies like myself to protect our boards, thank you very much hellsatan!! ;)

No problems AVio 07:)

Satan

I installed this Hack with the instruktions at the top of the Threat.
Version 1.4
Now I have

Parse error: parse error, unexpected $ in /www/htdocs/huppe/forum/admin2/global.php on line 271

Fatal error: Call to undefined function: adminlog() in /www/htdocs/huppe/forum/admin2/index.php on line 7


and i down now what i`m doing wrong!

Is here sombody woh can fix my great Problem?



oI use vb 2.2.9 vb

I have read all in this threat but nothing work!

grml

can sombody help me?

in the global.php:

there stand the following:

$url=ereg_replace("\\?s=[a-z0-9]{32}","",$url);

and in the index.php

adminlog();

I dunno, but whenever someone makes such types of hacks, why do they all leave out the ability for mods to change other peoples avatars?

I am looking for a hack which does this, and since you seem to have the one with the most features, can you please possibly implement this too? It would be so great

Thanks in advance.

Dose this hack file work fine in VBB 2.3.0 ?

@ego - Can you please post the code around line 271 in admin2/global.php here;)

@geniuscrew - Well...They can update avatars, as long as they are Co-Admins, and you copy the user.php file from the /admin/ folder, with the changes I suggested made to the copy (if you arent sure what they are, just read my "Total Admin Security (https://vborg.vbsupport.ru/showthread.php?s=&threadid=40738)" hack)...If you are looking for this ability for moderators, you might want to try Xenon's "Mods can edit Users (https://vborg.vbsupport.ru/showthread.php?s=&threadid=42096)" hack...

@emuchina - I haven't tested it on vB2.3.0, but I don't see any reason why it wouldn't - I will download a new version of vB2.3.0, and test it on my local board, and see if it does:)

Satan

Thanks for the tips satan :)

Your welcome:)

Satan

i am having problems with this .... it is a gr8 hack just what i wanted :)

i think i have hacked it correctly i go over hacks alot ... but there is always room for error

ok my problem is that when i try to log in the lesser admin2 index.php it says "You are either not a valid administrator or have not logged in"

i have set it so my super mods are lesser cp admins .... and i also added my admin group to it just incase

i cant log in with my admin pass or with my test super mod !!!

can you tell me what i am doing wrong ... i run vb 2.2.9

thanks for your help i have another question but i will wait untill i can log in first !!

i had a user group problem :)

fixed it :)

but why cant normal admins log in there ????

Awesome! Thanks alot.

how comes when i click the remove user i can remove an admin no matter even if i add his userid to the

if ($userid==X) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}

???? can anyone help if i try to change him in anyway then it wont allow me to but if i use the remove userlink in the useful links section PFFF GONE

please help i cant use this until i fix it :(

*BUMP

is this hack still being supported ???

??????

Hi, I found that Lesser Admin does not have all the options that Admin have in Control Panel. Should I copy all the files from admin to admin2 directory. And then, copy again all modified files to admin2? Can it work? Is there any other way so that I don't have to duplicate same files? Please help me. Thanks.

@MickieD - I don't have time to offer full-time support - It takes a few days for me to get here and read the posts and reply;)

Firstly, what file are you adding the remove protection code to?

Secondly, what part of the file are you adding it to?

Thirdly, you have to enable Admins to be able to access it in the usergroup file, otherwise they will be treated as an un-wanted user, and wont be able to login...

@soccerclue - If you mean modified user.php files, then you can copy the file to the admin2 directory, then apply the changes I suggested!:)

I only included instructions for a few of the admin files - If you want them to be able to do more, you can upload the files to the admin2 directory, and add them to the admin2/index.php file:)

Satan

not all the links in the co-admin work after i got it installed
some work and other dont

[edit]i figured it out[edit]

Ok cool:)

Satan

great hack
clicks install

hi satan,

what should I do actually if I want to make my Lesser Admin can have all the options that I want except that they cannot degrade my status and I don't want Lesser Admin to promote people to Admin or degrade Lesser Admin to lower status. Like I asked previously, should I copy all the files in admin folder to admin2 folders? Is there any other way so that I don't need to duplicate all the files? Hope you can help me. Thanks.

i now have a supermod cp :cool:

Your other alternative to that would be to make the user an admin, and just apply the hack I released called "Total Admin Security", which is incorporated into this hack:)

@sabret00the;) Cool - Me too:D (I have too many usergroups now though:s lol)

Satan

hours and hours I have been trying to install your lesser admin cp ... and when trying to change any aspect of a usergroup now I always get an sql error returned

I have installed 1.4 on a 2.2.9 - and went through the entire installation several times ... Always sql error 1064 in usergroups.php

edited:
no clue how I did it - but this time it works ;)

One more question though - is your security hack included in 1.4 - or do I still have to install it? Since I dont want anyone besides the admin edit anything in the admin accounts

1.4 does include the security:)

Satan

I have re-written the Version 1.4 files, and they are to be attached here:)

This file:
install_lesseradmincp_txt.php

Satan

I have re-written the Version 1.4 files, and they are to be attached here:)

This file:
install_lesseradmincp_usergroups_txt.php

Satan

Gonna give it a try later, this hack will be extremely useful for me ;)

Glad you like it:)

Satan

Your instructions say...


find:
-----

//load config
require("./config.php");

// init db **********************
// load db class
$dbservertype = strtolower($dbservertype);
$dbclassname="./db_$dbservertype.php";
require($dbclassname);

$DB_site=new DB_Sql_vb;

$DB_site->appname="vBulletin Control Panel";
$DB_site->appshortname="vBulletin (cp)";
$DB_site->database=$dbname;
$DB_site->server=$servername;
$DB_site->user=$dbusername;
$DB_site->password=$dbpassword;

replace with:
-------------

//load config
require("./../admin/config.php");

// init db **********************
// load db class
$dbclassname="./../admin/db_$dbservertype.php";
require($dbclassname);

$DB_site=new DB_Sql_vb;

$DB_site->appname="vBulletin Admin Control Panel";
$DB_site->appshortname="vBulletin (mcp)";
$DB_site->database=$dbname;
$DB_site->server=$servername;
$DB_site->user=$dbusername;
$DB_site->password=$dbpassword;
$DB_site->connect();

---------------------------


But that code doesn't exist. The code looks (in 2.2.9) like this...


//load config
require("./config.php");
if ($debug != 1) {
unset($showqueries);
unset($explain);
}

// init db **********************
// load db class
$dbservertype = strtolower($dbservertype);
$dbclassname="./db_$dbservertype.php";
require($dbclassname);

$DB_site=new DB_Sql_vb;

$DB_site->appname="vBulletin Control Panel";
$DB_site->appshortname="vBulletin (cp)";
$DB_site->database=$dbname;
$DB_site->server=$servername;
$DB_site->user=$dbusername;
$DB_site->password=$dbpassword;

$DB_site->connect();


Your instructions would mean you have 2 connect statements in the final code. Also, you have removed the debug lines and the "$dbservertype" line? What's going on?

@disfitness - That was probably by accident that I removed the
$dbservertype = strtolower($dbservertype);
line...

How do you get 2 connect statements?:confused:

Satan

Sounds great - but the screenshots kinda don't show nothingnew to me...

Hmmm...

There isn't really much they can show other than what they do;)

Satan

if i want them to be able to un-ban or ban some one how can i do this

Do you mean via vBulletin options?

Satan

Today at 08:25 AM hellsatan said this in Post #178 (https://vborg.vbsupport.ru/showthread.php?postid=399786#post399786)
Do you mean via vBulletin options?

Satan
yes i would like the co-admins to be able to ban and unban via the admin2 CP

I believe there already is a hack for vBulletin options which restricts it to certain functions...

You could copy the options.php file to the admin2, then install that on that file:)

Satan

you want me just to copy it?
i did that and nothing
i have no option to ban or unban any where

It is under the "banning options" header;)

Satan

i see no baning option at all

Really?:eek:

Do you not have:

[Edit Options]
[IP Logging Options]
[Floodcheck Options]
[Banning Options]

Satan

[edit]yes i do[edit]

but i want to have it where i can ban by user name or id
not by ip

is there a way you can make a addon for it like the hack
SuperMods can Unban from ModCP!

except make it for the co-admin
co-admins can Unban from admin2 CP!

If you install version 1.4 (usergroup) version, they can do just that:)

Satan

Sickass hack. better then the one i added...

05-29-03 at 06:31 AM hellsatan said this in Post #187 (https://vborg.vbsupport.ru/showthread.php?postid=401485#post401485)
If you install version 1.4 (usergroup) version, they can do just that:)

Satan
i did not see this option to ban and un-ban and user
(not ip) user or user id

i cant find the sreens :(

now since i install the 1.4
my co-admins cant change any thing in some one profile
need help

Who's profile are they trying to edit?

Satan

any bodies except the admin

If they are trying to edit another co-admin, they cannot...

Satan

ok i fixed that problem
and i really hate to bug you
but they cant edit any bodies post

Did you make them a Super Moderator?

Satan

i got it
thanx

No problems;):)

Satan

i re-installed it and moded it a little
i left some of it the same and only changed it like this
so co-admins could not add or move people to or from the Administrators usergroup

in admin2/user
find
// ###################### Start do update #######################
if ($HTTP_POST_VARS['action']=="doupdate") {
add under
if (($userid==1) and ($bbuserinfo[userid]!=1)) {
echo "<p>You cannot update this Admin.</p>";
cpfooter();
exit;
}
if (($usergroupid==6) and ($bbusergroupinfo[usergroupid]!=6)) {
echo "<p>You cannot make this person Admin.</p>";
cpfooter();
exit;
}


find
// ###################### Start Kill #######################

if ($HTTP_POST_VARS['action']=="kill") {
and add under
if ($userid==1) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}
if ($usergroupid==6) {
echo "<p>You cannot delete this Admin.</p>";
cpfooter();
exit;
}{
the rest i left the same

this is what it looks like well you click on a user
http://www.monstergamer.net/stuff/1.gif

dropdown box
http://www.monstergamer.net/stuff/2.gif

when they try to edit the admin
http://www.monstergamer.net/stuff/3.gif

when they try to move some one in to the Administrators usergroup
http://www.monstergamer.net/stuff/move.gif

Indeed:)

I actually forgot to re-add this part to version 1.4, but I will re-add it if I do a version 1.5:)

Satan

I am not really good at php yet but I am learning
I did not know that this was all ready add in the pre...versions
when well 1.5 be out?

I am not really sure;)

Hopefully soon:)

Satan

Coudl ypu update your screenshots?

Your screenshot links aren't working. Giving errors :(

Ah sorry - I installed hotlinking protection, and forgot to add vBulletin.com/.org to the allowed list;):)

Satan

Could you add an auto prine function for "adminlog" table?

I'm sorry?:eek:

Satan

This is a good hack.. Before I saw this hack, I just added this to the top of all files that I wanted to restrict:

if ($bbuserinfo[userid] !=1){
echo "Restricted area.";
exit;
}

But with this hack my co-admins won't even see functions which they cannot use, so it doesn't appear as if I don't trust them.

Nice work!

As requested, a .zip file containing both install files:)

Satan

I hate to post this here... I installed the hack and my forums still work, admin panel still works... but for some reason whenever someone tries to login to the lesser admin cp, it just refreshes the login page... :-/

Oh yes i have the same problem

What version of vB are you running?

Satan

I'm running 2.2.9 until I get around to downloading 2.3.0...

08-05-03 at 09:52 PM hellsatan said this in Post #213 (https://vborg.vbsupport.ru/showthread.php?postid=423522#post423522)
What version of vB are you running?

Satan


Version 2.3.0

I am gonna try this...wish me luck.

I get this error when I try to access the admin2 page:

Warning: main(./config.php) [function.main]: failed to create stream: No such file or directory in /home/cartfan/public_html/forums/admin2/global.php on line 96

Got it to work! Thank you so much for this hack, my mods love it, and I feel safe.

You are the man!

HellSatan.

I am looking to modify this hack so only MODS or CERTAIN usergroups can access CERTAIN templates or styles. Can this be done with your hack? For example, i am looking for my Usergroup " MUSIC MANIACS " to be able to edit the templates and styles of the " MUSIC FORUM" ONLY and NO ONE else's.

Is there anyway to make this possible?

Running version 2.3.2. This is the error I keep getting. Please Help.

Invalid SQL: INSERT INTO usergroup (usergroupid,title,usertitle,cancontrolpanel,canmo difyprofile,canviewmembers,can view,showgroup,cansearch,canemail,canpostnew, canmove,canopenclose,candeletethread,canreplyown,c anreplyothers,canviewothers,ca neditpost,candeletepost,canusepm,canpostpoll, canvote,canpostattachment,ismoderator,canaccesscoa dmin,canpublicevent,canpublice dit,canthreadrate,cantrackpm,candenypmreceipt s,maxbuddypm,maxforwardpm,canwhosonline,canwhosonl ineip,cangetattachment)
VALUES (NULL,'Archangels','',0,1,1,1,1,1,1,1,1,1,1,1,1,1, editpost,1,1,1,1,1,0,1,1,1,1,1,1,0,0,1,1, attachment)
mysql error: You have an error in your SQL syntax near 's,maxbuddypm,maxforwardpm,canwhosonline,canwhoson lineip,cangetattachment)
VALUE' at line 1

mysql error number: 1064

HellSatan... Is there a way to make this hack so Certain Usergroups can ONLY edit certain Styles? Im trying to only allow Usergroup (A) to modify style set #2 and allow UserGroup (B) to modify style set #5. Since those usergroups are admins of those certainstyle IDs.

I really need assistance with this HellSatan. Thanks alot.

Running version 2.3.2. This is the error I keep getting. Please Help.

Invalid SQL: INSERT INTO usergroup (usergroupid,title,usertitle,cancontrolpanel,canmo difyprofile,canviewmembers,canview,showgroup,canse arch,canemail,canpostnew, canmove,canopenclose,candeletethread,canreplyown,c anreplyothers,canviewothers,caneditpost,candeletep ost,canusepm,canpostpoll, canvote,canpostattachment,ismoderator,canaccesscoa dmin,canpublicevent,canpublicedit,canthreadrate,ca ntrackpm,candenypmreceipt s,maxbuddypm,maxforwardpm,canwhosonline,canwhosonl ineip,cangetattachment)
VALUES (NULL,'Archangels','',0,1,1,1,1,1,1,1,1,1,1,1,1,1, editpost,1,1,1,1,1,0,1,1,1,1,1,1,0,0,1,1, attachment)
mysql error: You have an error in your SQL syntax near 's,maxbuddypm,maxforwardpm,canwhosonline,canwhoson lineip,cangetattachment)
VALUE' at line 1

mysql error number: 1064



I goth the same problem. i am yousing vb 2.3.4. is there some one that can help us. thanks.

Error found, There was som wrong with the line in user.php. Just re hack user.php. an and find the spaces inn on of the line, remove it, ant it works. :)

Thanks for this nice hack.

Any idea what part of the code those spaces are in????????? Thanks for the help!

installed it and go this error... any help please!

Database error in vBulletin Control Panel 2.3.3:

Invalid SQL: UPDATE usergroup SET title='Co-Admins',usertitle='Co-Admin',cancontrolpanel=0,canmodifyprofile= odifyprofile,canviewmembers=1,canview=1,showgroup= 1,cansearch=1,canemail=$ canemail,canpostnew=1,canmove=1,canopenclose=1,can deletethread=1,canreplyown= replyown,canreplyothers=1,canviewothers=1,caneditp ost=1,candeletepost=1,ca nusepm=1,canpostpoll=1,canvote=1,canpostattachment =1,ismoderator=0,cana ccesscoadmin=1,canpublicedit=0,canpublicevent=0,ca nthreadrate=1,cantr ackpm=1,candenypmreceipts=1,maxbuddypm=0,maxforwar dpm=0,canwhosonline= osonline,canwhosonlineip=1,cangetattachment=1 WHERE usergroupid=8
mysql error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'canemail,canpostnew=1,canmove=1,canopenclose=1,ca ndeletethread=

mysql error number: 1064

Date: Sunday 18th of April 2004 03:37:00 AM
Script: http://www.punchlinekings.com/forums/forums/admin/usergroup.php
Referer: http://www.punchlinekings.com/forums/admin/usergroup.php?action=edit&usergroupid=8

Is there a current mod like this? Im assuming that its NOT compatable with 3.5.4. lol

In 3.5.x the admin permissions allow you to deny access from parts of your ACP such as the users, styles, phrases, plugin manager, etc. It also hides the options from those who do not have permission to view them. Therefore there is no need to use a mod such as this with the permissions set in place.

Thank You!! vb just keeps getting better and better! I need to do some poking anround lol but didnt want to change anything before I Impek :) Thanks for fast responce!