I searched the forums and couldn't find anything quite like this, so I figured I'd share this simple little modification.

This is a VERY simple hack I implemented on my forum so that we could prevent other administrators from modifying other admins user accounts.

It works by simply bypassing the Undeleteable Check in /admincp/user.php if the currently logged in user is in the superadministrator list in /includes/config.php.

By doing this, you can put all your admins or other users in the Undeleteable catagory for account protection while still allowing them to be altered by a master administrator.

They can still update and change their profile via the UserCP, they just wont be able to modify their account via AdminCP.

Please note, I'm not a coder.. more of modifier, so I cannot guarantee that this will not have any unforseen and less than desirable side effects. If any of you know of a reason that this is a bad idea, please post. Otherwise, hopefully someone else can find this useful.


Instructions:


in /admincp/user.php
Find this:

$noalter = explode(',', $undeletableusers);
if (!empty($noalter[0]) AND in_array($userid, $noalter))
{
print_stop_message('user_is_protected_from_alterat ion_by_undeletableusers_var');
}


Replace with this:

if (in_array($bbuserinfo['userid'], preg_split('#\s*,\s*#s', $superadministrators, -1, PREG_SPLIT_NO_EMPTY)))
{
//do nothing
}
else
{
$noalter = explode(',', $undeletableusers);
if (!empty($noalter[0]) AND in_array($userid, $noalter))
{
print_stop_message('user_is_protected_from_alterat ion_by_undeletableusers_var');
}
}



Now just open your /includes/config.php file and add the UID's of your undeletables and Superadministrators.


Thats it.

If I am not mistaken there is already a hack for this..not sure though..either way great hack man

~Curt

The one you're talking about is for 3.5, isn't it? ;)

I dont think so..I thought there was one for 3.0.X..not sure though..you know me boofo ( I ALMOST says boobfoo :P )

~Curt