News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Deleting main admin...

Started by Tristan Perry, September 09, 2004, 12:58:18 PM

Previous topic - Next topic

Tristan Perry

Hello,
  I am wondering the following, is it possible for an additional admin or a GMod with the correct permissions, to delete the main admin (E.g The person who installed the board)
Thanks,
TauOnline.Org

[Unknown]

Of course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

-[Unknown]

Tristan Perry

Quote from: [Unknown] on September 10, 2004, 04:17:35 AM
Of course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

-[Unknown]
Ok, thanks for replying. How would I prevent this from happening? I've tried adding the following to the function deleteMembers but it doesn't seem to work:

if($context['user']['has_all_permissions']) {
     echo 'Your not allowed to delete the administrator.'; exit(); }


I'm adding it after the line that reads:

global $db_prefix, $sourcedir, $modSettings, $ID_MEMBER;

Thanks,
Tau Online

roboter88

Did you tried deleting the 1st admin yet?

Tristan Perry

Quote from: roboter88 on September 10, 2004, 01:27:00 PM
Did you tried deleting the 1st admin yet?

Erm...I am the main admin, I'm not risking deleting myself   ;)

roboter88

QuoteOf course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

If i understand this rigtht you can do everything as defined in admin permissions with every member with status admin.

Tristan Perry

Quote from: roboter88 on September 10, 2004, 01:32:25 PM
QuoteOf course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

If i understand this rigtht you can do everything as defined in admin permissions with every member with status admin.
So you can delete the main admin.

roboter88


Tristan Perry

Quote from: roboter88 on September 10, 2004, 01:48:52 PM
There is no "main admin" :P *g*
Grrr  ;D Anyway can we get back to preventing this please? (Post 3) Thanks  :)

roboter88

Well why dont just use moderatos with lower access?


Peter Duggan

Quote from: Tau Online on September 10, 2004, 01:14:36 PM
Quote from: [Unknown] on September 10, 2004, 04:17:35 AM
Of course. There is nothing special about the "main admin". They are just another administrator. There is no "main".

-[Unknown]
Ok, thanks for replying. How would I prevent this from happening? I've tried adding the following to the function deleteMembers but it doesn't seem to work:

if($context['user']['has_all_permissions']) {
echo 'Your not allowed to delete the administrator.'; exit(); }


How about just protecting your own ID_Member instead of that permissions stuff?

[Unknown]

Quote from: Tau Online on September 10, 2004, 01:14:36 PM
if($context['user']['has_all_permissions']) {
     echo 'Your not allowed to delete the administrator.'; exit(); }


I'm adding it after the line that reads:

global $db_prefix, $sourcedir, $modSettings, $ID_MEMBER;

Try:

if (in_array(1, $users))
{
     echo 'You\'re not allowed to delete the administrator.';
     exit();
}


-[Unknown]

Tristan Perry

Quote from: [Unknown] on September 10, 2004, 03:18:16 PM
Try:

if (in_array(1, $users))
{
     echo 'You\'re not allowed to delete the administrator.';
     exit();
}


-[Unknown]
Thanks. Although I tried this with a test user (I changed the code accordingly) and I could still delete the member fine...

[Unknown]

That only disallows deleting the first registered member. (1)

-[Unknown]

Tristan Perry

#14
I've tried this myself (I've just started PHP, this should be a good start!) and I'm able to stop deleting the 'main' admin through the profile, although if you go into the view/delete members in the admin panel, I can't seem to stop it then....

This is what I'm using under the deleteMembers function:

if ($users == 1){
        fatal_error('You\'re not allowed to delete the administrator.');
        exit(); }
if( in_array(1, array_keys($_POST['delete']) ) ){
        fatal_error('You\'re not allowed to delete the administrator.');
        exit(); }


The "$users == 1" is to stop deletion through the profile (And it works), although the second one which tries to stop deletion through the v/d (view/delete) members page doesn't work...I'm not too great with arrays at all (I suck infact..) and so I think that's my problem  :P I know that when you try to delete through the v/d page it creates an array and then passes that array onto the deleteMembers function...but I can't seem to stop the deletion...
  Any help would be greatly appreciated.




Quote from: roboter88 on September 10, 2004, 01:56:39 PM
Well why dont just use moderatos with lower access?
Nah that's too simple  :P Just joking, I want my staff members to have deletion permission, but I don't want them to be able to delete me! (I'm a bit paranoid  :D)

Tristan Perry

Hi all,
I've done this by myself now and so I'll lock this topic.
Thanks to all who replied,
TauOnline.Org

Advertisement: