I had this idea for a hack that will allow the users listed in the undeletable users variable in config.php will be allowed to edit themselves.

I attempted this hack, but I got a Fatal error in PHP.

If you would like to help or make this hack then please, do so. :)

Okay I'm almost done give me 5 minutes for instructions :)

Then if someone ever does hack your account, they can really mess things up. I would be wary about any hack that does this. ;)

It's a 'use-at-your-own-risk' hack.

Also if someone managed to hack your account then I'd think you have worse things to worry about :)

<a href="https://vborg.vbsupport.ru/showthread.php?p=484488#post484488" target="_blank">https://vborg.vbsupport.ru/showt...488#post484488</a>

It's a 'use-at-your-own-risk' hack.

Also if someone managed to hack your account then I'd think you have worse things to worry about :)

Yeah, like how (with your hack for this) to get my access back when they change my password. And it doesn't have to be a hacker. It can be one of your "trusted" co-Admins that you shared things you shouldn't have with.

Yeah, like how (with your hack for this) to get my access back when they change my password. And it doesn't have to be a hacker. It can be one of your "trusted" co-Admins that you shared things you shouldn't have with.
phpMyAdmin, or telnet/SSH> mysql CLI ...

In addition, as Jasper Johannsen [Security Engineer with microsoft] says ...

"The best solution to an employee who is doing things they shouldn't - make them an ex-employee."

True, but how much damage can they do before you find out about it? That's the reason they made the $nodelete variable in the config.php. All it takes is once for things to be unrecoverable. Better safe than sorry.

True, but how much damage can they do before you find out about it? That's the reason they made the $nodelete variable in the config.php. All it takes is once for things to be unrecoverable. Better safe than sorry.
I'm betting that many admins who trust another admin will also give their FTP info. Once you have FTP info, you basically can do anything you want, even remove the admin from $nodelete variable.

I'm betting that many admins who trust another admin will also give their FTP info. Once you have FTP info, you basically can do anything you want, even remove the admin from $nodelete variable.

Then you'd lose that bet. Most Admins won't go that far, for just that reason. But a few of them were surprised to see they couldn't log on after one of their co-Admins turned on them and changed the password in their account. Didn't you read any of the pre-vB3 messages here?

Then you'd lose that bet. Most Admins won't go that far, for just that reason. But a few of them were surprised to see they couldn't log on after one of their co-Admins turned on them and changed the password in their account. Didn't you read any of the pre-vB3 messages here?
I never said most admins though now did I? ;)

I don't know of very many Admins that would be that careless or trusting with their FTP info. I think few or almost none would have been a better way to word it.