vb.org Archive - Restrict Modification of Main Options to Head Administrator 1.01

Page 2 of 2

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin 2.x Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=4)

- - Restrict Modification of Main Options to Head Administrator 1.01 (https://vborg.vbsupport.ru/showthread.php?t=49006)

Zelda-King

02-20-2003 07:53 AM

Yes, that works on vB 2.2.9 also. I'm reluctant to keep the hack activated because I want the other admins to be able to IP ban but if they go screwing with my settings, BAM!

N9ne	03-17-2003 04:47 PM

Ok I've updated this hack with cleaner code now, I'm using !$bbuserinfo['userid']=="1" instead of !$userinfo[userid]==1

This should work in 2.x.x

Dean C

03-17-2003 05:41 PM

n9ne this is not the best way of doing it. You should add a query to run which adds an option to the admin options where you can set who can edit the main options. Then after that it will create a global variable in which you can specify the userid instead of assuming that the userid of the main admin is always 1 :)

- miSt

N9ne	03-17-2003 06:34 PM

Actually, while the hacker is hacking his board, he can just change the userid to his userid. It's easier that way Mist.

Since when am I assuming that the userid of the main admin is 1? It's there to be edited.

Adding an option is risky, as other admins may view that page, and change it, before the head admin has time to get to the page while hacking.

Also, admins who have phpMyAdmin access or access to the database can easily change this to reflect a different userid, so they gain access again, and they will then most likely use it maliciously.

The best way is to keep it in the file.

jusunlee

04-13-2003 03:18 AM

the restriction does not seem to work at all, all userids will still be able to access admin options. heres the edited one that works:

PHP Code:


		
			
if ($bbuserinfo['userid']!="1") {

    echo "You cannot access this page.";

    exit;

}

N9ne	04-13-2003 10:56 AM

jusunlee, works fine for me...

csidlernet

04-27-2003 12:15 AM

on jusunlee
last post.. doesn't that code mean it stops the person with user id 1, accessing it?

SemperFidelis

05-06-2003 01:55 PM

Not a bad idea
Would it also be a good idea to add something to /admin/setting.php as well ?
Plenty of damage can be done there too.

-Sidekick-

06-04-2003 09:22 PM

I'm sure N9ne's phrasing works though Jun's is correct and is the way I've always phrased something to this effect.

All times are GMT. The time now is 06:14 AM.

Page 2 of 2

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01522 seconds Memory Usage 1,726KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_php_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (9)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: