Thanks for sharing this FatalBreeze.
Just a few remarks:
- Could you rename the install.php to install.txt, so people know it is just a text file.
- I would add support for a list of id's in '$useridofsuper', or just use the config.php variable '$superadministrators'.
- Are you Dr. PHP?
- Prefix all the tablenames in queries with ' " . TABLE_PREFIX . " '
PHP Code:
$id = $DB_site->query_first("SELECT userid FROM user WHERE username = '$user'");
To avoid SQL-Injections change to:
PHP Code:
$id = $DB_site->query_first("SELECT userid FROM user WHERE username = '" . addslashes($user) . "'");
Same goes for the second query on username.