Version: 1.00, by TECK
Developer Last Online: Nov 2023
Version: 2.2.x
Rating:
Released: 07-06-2002
Last Update: Never
Installs: 36
No support by the author.
This hack will let you NOT allow certain users to edit your administrator usernames properties and also other options you want to restrict access to, for example editing the templates.
I recommend you to enable only the ones you really trust, that means only yourself.
[high]UPDATE[/high]
The hack was updated. It was fixed the problem I had with editing yourself of all users.
NOTE: FireFly posted also another way of doing this, few posts below.
In my hack, I also explained how to stop other admins to edit other options, for example the templates.
You like this hack? Please click on the [high]Install[/high] button.
To download the latest version of this hack, click below:
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
Originally posted by FireFly Call me crazy but according to this you will not be able to edit ANY user (regular included), if you are not listed in config.php.
helpppppppppppp!!!! firefly is kicking my ass!!!!!
i will mod it rightaway chen. you are sooooooooo right. sorry.
testing it right now...
ok i updated the file. i looked at firefly's mod. i never thought of it this way.
thanks chen.
chen, can you also look at my way of doing it, with same results? let me know what you think.
also i added other code options related to templates for example, on how to disable the access. is all included in the first post.
Originally posted by g-force2k2 I guess it was correct after all just shows it helps to learn from reading different vb files
actually, it must be unset in global.php and NOT in user.php, so we were wrong both. thanks to chen, who told me why is done this way, i understood finally the way it works to unset a variable.
Originally posted by Nakkid actually, it must be unset in global.php and NOT in user.php, so we were wrong both. thanks to chen, who told me why is done this way, i understood finally the way it works to unset a variable.
Actually, you can unset the variable in user.php, before requiring global.php.
+-----------------------------------------------+
| 1. Find this code:
+--------------------------------------------------------------------------+
if ($HTTP_POST_VARS['action']=="doupdate") {
+--------------------------------------------------------------------------+
|
+-----------------------------------------------+
| Replace it with:
+--------------------------------------------------------------------------+
if ($HTTP_POST_VARS['action']=="doupdate") {
if (!in_array($bbuserinfo['userid'],array($caneditadmin)) and in_array($userid,array($caneditadmin))) {
echo "<p>You are not allowed to edit this user</p>";
exit;
}
+--------------------------------------------------------------------------+
That means you (a) won't be able to edit ANY user, and (b) will not work if you have more than one user listed in $caneditadmin.