Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 2.x > vBulletin 2.x Full Releases
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Restrict Modification of Main Options to Head Administrator 1.01 Details »»
Restrict Modification of Main Options to Head Administrator 1.01
Version: 1.00, by N9ne N9ne is offline
Developer Last Online: Jul 2019 Show Printable Version Email this Page

Version: 2.3.x Rating:
Released: 02-16-2003 Last Update: Never Installs: 30
 
No support by the author.

-------------------------------------------------------------------------
Only head admin can modify main options in the adminCP hack
by N9ne, on Feb 17 2003, Copyright 2003.
-------------------------------------------------------------------------

-------------------------------------------------------------------------
For: 2.2.x and 2.3.x
-------------------------------------------------------------------------

I believe the hack's name is quite descriptive and self explanatory.

Just a simple hack, requested by TheMayhem.

Just thought i'd post it here incase anyone else is worried what other admins might do while editing the options page (can do a lot of damage there!).

Open attached file in a text editor for instructions.

Hack updated [March 17th 2003]
- Now with cleaner coding. Should work for all.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #12  
Old 02-20-2003, 07:53 AM
Zelda-King's Avatar
Zelda-King Zelda-King is offline
 
Join Date: Nov 2002
Location: London, England
Posts: 674
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yes, that works on vB 2.2.9 also. I'm reluctant to keep the hack activated because I want the other admins to be able to IP ban but if they go screwing with my settings, BAM!
Reply With Quote
  #13  
Old 03-17-2003, 04:47 PM
N9ne N9ne is offline
 
Join Date: Feb 2002
Posts: 1,495
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok I've updated this hack with cleaner code now, I'm using !$bbuserinfo['userid']=="1" instead of !$userinfo[userid]==1

This should work in 2.x.x
Reply With Quote
  #14  
Old 03-17-2003, 05:41 PM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

n9ne this is not the best way of doing it. You should add a query to run which adds an option to the admin options where you can set who can edit the main options. Then after that it will create a global variable in which you can specify the userid instead of assuming that the userid of the main admin is always 1

- miSt
Reply With Quote
  #15  
Old 03-17-2003, 06:34 PM
N9ne N9ne is offline
 
Join Date: Feb 2002
Posts: 1,495
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Actually, while the hacker is hacking his board, he can just change the userid to his userid. It's easier that way Mist.

Since when am I assuming that the userid of the main admin is 1? It's there to be edited.

Adding an option is risky, as other admins may view that page, and change it, before the head admin has time to get to the page while hacking.

Also, admins who have phpMyAdmin access or access to the database can easily change this to reflect a different userid, so they gain access again, and they will then most likely use it maliciously.

The best way is to keep it in the file.
Reply With Quote
  #16  
Old 04-13-2003, 03:18 AM
jusunlee jusunlee is offline
 
Join Date: Dec 2002
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

the restriction does not seem to work at all, all userids will still be able to access admin options. heres the edited one that works:

PHP Code:
if ($bbuserinfo['userid']!="1") {
    echo 
"You cannot access this page.";
    exit;

Reply With Quote
  #17  
Old 04-13-2003, 10:56 AM
N9ne N9ne is offline
 
Join Date: Feb 2002
Posts: 1,495
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

jusunlee, works fine for me...
Reply With Quote
  #18  
Old 04-27-2003, 12:15 AM
csidlernet csidlernet is offline
 
Join Date: Apr 2003
Location: sydney
Posts: 183
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

on jusunlee
last post.. doesn't that code mean it stops the person with user id 1, accessing it?
Reply With Quote
  #19  
Old 05-06-2003, 01:55 PM
SemperFidelis SemperFidelis is offline
 
Join Date: May 2002
Posts: 188
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Not a bad idea
Would it also be a good idea to add something to /admin/setting.php as well ?
Plenty of damage can be done there too.
Reply With Quote
  #20  
Old 06-04-2003, 09:22 PM
-Sidekick- -Sidekick- is offline
 
Join Date: May 2002
Location: Cudahy, Wi
Posts: 110
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm sure N9ne's phrasing works though Jun's is correct and is the way I've always phrased something to this effect.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:05 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04672 seconds
  • Memory Usage 2,291KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete