News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

Deleting main admin...

Started by Tristan Perry, September 09, 2004, 12:58:18 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Tristan Perry

September 09, 2004, 12:58:18 PM
Hello,
  I am wondering the following, is it possible for an additional admin or a GMod with the correct permissions, to delete the main admin (E.g The person who installed the board)
Thanks,
TauOnline.Org

[Unknown]

#1
September 10, 2004, 04:17:35 AM
Of course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

-[Unknown]

Tristan Perry

#2
September 10, 2004, 01:14:36 PM
Quote from: [Unknown] on September 10, 2004, 04:17:35 AM
Of course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

-[Unknown]
Ok, thanks for replying. How would I prevent this from happening? I've tried adding the following to the function deleteMembers but it doesn't seem to work:

Code Select
if($context['user']['has_all_permissions']) {
     echo 'Your not allowed to delete the administrator.'; exit(); }

I'm adding it after the line that reads:

Code Select
global $db_prefix, $sourcedir, $modSettings, $ID_MEMBER;

Thanks,
Tau Online

roboter88

#3
September 10, 2004, 01:27:00 PM
Did you tried deleting the 1st admin yet?

Tristan Perry

#4
September 10, 2004, 01:30:02 PM
Quote from: roboter88 on September 10, 2004, 01:27:00 PM
Did you tried deleting the 1st admin yet?

Erm...I am the main admin, I'm not risking deleting myself   ;)

roboter88

#5
September 10, 2004, 01:32:25 PM
QuoteOf course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

If i understand this rigtht you can do everything as defined in admin permissions with every member with status admin.

Tristan Perry

#6
September 10, 2004, 01:45:20 PM
Quote from: roboter88 on September 10, 2004, 01:32:25 PM
QuoteOf course.  There is nothing special about the "main admin".  They are just another administrator.  There is no "main".

If i understand this rigtht you can do everything as defined in admin permissions with every member with status admin.
So you can delete the main admin.

roboter88

#7
September 10, 2004, 01:48:52 PM
There is no "main admin" :P *g*

Tristan Perry

#8
September 10, 2004, 01:54:49 PM
Quote from: roboter88 on September 10, 2004, 01:48:52 PM
There is no "main admin" :P *g*
Grrr  ;D Anyway can we get back to preventing this please? (Post 3) Thanks  :)

roboter88

#9
September 10, 2004, 01:56:39 PM
Well why dont just use moderatos with lower access?

Peter Duggan

#10
September 10, 2004, 02:47:53 PM
Quote from: Tau Online on September 10, 2004, 01:14:36 PM
Quote from: [Unknown] on September 10, 2004, 04:17:35 AM
Of course. There is nothing special about the "main admin". They are just another administrator. There is no "main".

-[Unknown]
Ok, thanks for replying. How would I prevent this from happening? I've tried adding the following to the function deleteMembers but it doesn't seem to work:

Code Select
if($context['user']['has_all_permissions']) {
echo 'Your not allowed to delete the administrator.'; exit(); }

How about just protecting your own ID_Member instead of that permissions stuff?

[Unknown]

#11
September 10, 2004, 03:18:16 PM
Quote from: Tau Online on September 10, 2004, 01:14:36 PM
Code Select
if($context['user']['has_all_permissions']) {
     echo 'Your not allowed to delete the administrator.'; exit(); }

I'm adding it after the line that reads:

Code Select
global $db_prefix, $sourcedir, $modSettings, $ID_MEMBER;

Try:

Code Select
if (in_array(1, $users))
{
     echo 'You\'re not allowed to delete the administrator.';
     exit();
}

-[Unknown]

Tristan Perry

#12
September 10, 2004, 04:03:25 PM
Quote from: [Unknown] on September 10, 2004, 03:18:16 PM
Try:

Code Select
if (in_array(1, $users))
{
     echo 'You\'re not allowed to delete the administrator.';
     exit();
}

-[Unknown]
Thanks. Although I tried this with a test user (I changed the code accordingly) and I could still delete the member fine...

[Unknown]

#13
September 10, 2004, 04:06:44 PM
That only disallows deleting the first registered member. (1)

-[Unknown]

Tristan Perry

#14
September 11, 2004, 06:10:14 AM Last Edit: September 11, 2004, 09:33:00 AM by Tau Online
I've tried this myself (I've just started PHP, this should be a good start!) and I'm able to stop deleting the 'main' admin through the profile, although if you go into the view/delete members in the admin panel, I can't seem to stop it then....

This is what I'm using under the deleteMembers function:

Code Select
if ($users == 1){
        fatal_error('You\'re not allowed to delete the administrator.');
        exit(); }
if( in_array(1, array_keys($_POST['delete']) ) ){
        fatal_error('You\'re not allowed to delete the administrator.');
        exit(); }

The "$users == 1" is to stop deletion through the profile (And it works), although the second one which tries to stop deletion through the v/d (view/delete) members page doesn't work...I'm not too great with arrays at all (I suck infact..) and so I think that's my problem  :P I know that when you try to delete through the v/d page it creates an array and then passes that array onto the deleteMembers function...but I can't seem to stop the deletion...
  Any help would be greatly appreciated.



Quote from: roboter88 on September 10, 2004, 01:56:39 PM
Well why dont just use moderatos with lower access?
Nah that's too simple  :P Just joking, I want my staff members to have deletion permission, but I don't want them to be able to delete me! (I'm a bit paranoid  :D)

Tristan Perry

#15
September 11, 2004, 09:48:37 AM
Hi all,
I've done this by myself now and so I'll lock this topic.
Thanks to all who replied,
TauOnline.Org
Print
Go Up Pages1
User actions
Advertisement: