Security request, config.php defines admins.
nintendo
02-10-2005, 06:34 AM
In config.php just like it has for example
$canviewadminlog = '1';
is it possible to make a hack where members can only be an admin if they're listed there? Like
$canbeadmin = '1,2,3';
for example? Then if someone gets into the admin, they can not create other admin accounts.
I don't know how yet, but yesterday, twice someone got in my admincp and created a new administrator.
Andreas
02-10-2005, 06:43 AM
This is pretty easy:
At the end of admincp/global.php (before the comment) place:
// Deny Admin CP access unless the logged-in user's ID is listed in $canbeadmin (config.php)
if (!in_array($bbuserinfo['userid'], explode(',', $canbeadmin)))
{
    print_cp_no_permission();
}
Then nobody except these UserIDs can get into Admin CP.
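A stricter variant of the check in the post above, as an added example that is not part of the original thread or of vBulletin: in_array() compares loosely unless its third argument is true, and an empty or undefined $canbeadmin makes explode() return a list holding one empty string, so this version parses the list into integers, compares strictly and allows nobody when the list is empty. The function names parse_admin_allowlist and is_allowed_admin are hypothetical, and the sample values are constructed.

```php
<?php
// Added example: fail-closed admin allowlist check.
// $canbeadmin mirrors the config.php setting from the thread; the function
// names are hypothetical and are not part of vBulletin.

// Turn '1, 2,3' into [1, 2, 3]; anything that is not a positive integer is dropped.
function parse_admin_allowlist($raw)
{
    $ids = array();
    foreach (explode(',', (string) $raw) as $part) {
        $part = trim($part);
        if ($part !== '' && ctype_digit($part) && (int) $part > 0) {
            $ids[] = (int) $part;
        }
    }
    return $ids;
}

// True only if $userid is a positive integer present in the allowlist.
// An empty or missing list allows nobody.
function is_allowed_admin($userid, $raw)
{
    if (!is_int($userid) && !(is_string($userid) && ctype_digit($userid))) {
        return false;
    }
    $userid = (int) $userid;
    return $userid > 0 && in_array($userid, parse_admin_allowlist($raw), true);
}

// Constructed sample values.
$canbeadmin = '1, 2,3';
var_dump(is_allowed_admin('2', $canbeadmin));    // listed ID, given as a string
var_dump(is_allowed_admin(7, $canbeadmin));      // an admin account that is not listed
var_dump(is_allowed_admin(0, ''));               // guest ID against an empty setting
var_dump(is_allowed_admin('2abc', $canbeadmin)); // malformed ID

// In admincp/global.php the call would take the place of the in_array() test:
// if (!is_allowed_admin($bbuserinfo['userid'], $canbeadmin)) { print_cp_no_permission(); }
```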
neocorteqz
02-10-2005, 06:54 AM
> In config.php just like it has for example
> $canviewadminlog = '1';
> is it possible to make a hack where members can only be an admin if they're listed there? Like
> $canbeadmin = '1,2,3';
> for example? Then if someone gets into the admin, they can not create other admin accounts.
> I don't know how yet, but yesterday, twice someone got in my admincp and created a new administrator.
If I recall, if they are not a superadmin, they can not make someone an admin. Also you can control what CP access other admins have, including usergroup.
And if they are doing it through your account (which I'm sure they're not) you need a harder password.
> This is pretty easy:
> At the end of admincp/global.php (before the comment) place:
> if (!in_array($bbuserinfo['userid'], explode(',', $canbeadmin)))
> {
>     print_cp_no_permission();
> }
> Then nobody except these UserIDs can get into Admin CP.
Cool, although don't the user permissions take care of that? If not, I think I might add that. :)