vb.org Archive - Why am I not authorised?

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)

- - Why am I not authorised? (https://vborg.vbsupport.ru/showthread.php?t=314608)

gajinoz

09-30-2014 10:44 PM

Why am I not authorised?

In the AdminCP there is an item under Maintenance to execute an SQL query. However, if I try to do that I'm told I'm not authorised.

Why is this?

kh99	09-30-2014 10:53 PM

In your config.php file, there's a $config['SpecialUsers']['canrunqueries'] setting. You have to add your userid to that to be able to run queries.

ozzy47

09-30-2014 10:54 PM

You need to set your userid in the includes/config.php file.

Code:

    //    ****** USERS WITH QUERY RUNNING PERMISSIONS ******

    //    The users specified here will be allowed to run queries from the control panel.

    //    See the above entries for more information on the format.

    //    Please note that the ability to run queries is quite powerful. You may wish

    //    to remove all user IDs from this list for security reasons.

$config['SpecialUsers']['canrunqueries'] = '1';

Change 1 to your userid

gajinoz

09-30-2014 10:56 PM

Ahh.. now I understand, thank you.

ozzy47

09-30-2014 11:06 PM

Not a problem. :)

Max Taxable

10-01-2014 12:03 AM

When you're done with your query, de-permission yourself from making queries. I suggest that because it is a security feature - if some cracker gets in your account you don't want him/her having query powers.

tbworld

10-01-2014 12:41 AM

Quote:

Originally Posted by Max Taxable (Post 2517151)

@Max Taxable, I could not like your post, so I am doing that now. :)

It isn't difficult to get around, but it will keep the kiddies at bay. As an option, if you are on a fixed IP then you can use a PHP conditional/construct in the config.php file to check for your IP.

Max Taxable

10-01-2014 12:47 AM

Quote:

Originally Posted by tbworld (Post 2517152)

Yeah I mean, yes it might be a pain in the butt to change it every time. But it is there to inhibit the little cracker or script kiddie who might get into your admin account.

If it's a more skilled attacker, he doesn't need to crack passwords and your config settings won't matter a whole heckuva lot.

All times are GMT. The time now is 03:05 PM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01188 seconds Memory Usage 1,726KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code_printable (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (8)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: