Advertisement:

Author Topic: OpenID and Admin  (Read 5266 times)

Offline ibookdb

  • Jr. Member
  • **
  • Posts: 117
  • Internet Book Database
    • Internet Book Database
OpenID and Admin
« on: March 20, 2008, 07:50:41 PM »
To test out openID on existing accounts, I added my OpenID URL to my database entry and I can't get to the Admin section anymore:

Quote
Authentication Restriction
Your account at this forum currently uses OpenID for authentication.

For security purposes the action you are attempting to perform is restricted only to users who have password authentication on their accounts.
To proceed with this action you will need to switch authentication on your account to be by password.

You can change your account into a password based account from the Account Settings page of your profile.

So I tried logging out and logging in with my username and password and I still get the same message.
Manage Your Book Collection Online at The Internet Book Database

Random Books from My Bookshelf

iBookDB

Offline H

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 21,662
  • Gender: Male
Re: OpenID and Admin
« Reply #1 on: March 20, 2008, 07:57:33 PM »
Did you try completely removing the OpenID URL from the member?
-H
Former Support Team Lead
                              I recommend:
Namecheap (domains)
Fastmail (e-mail)
Linode (VPS)
                             

Offline ibookdb

  • Jr. Member
  • **
  • Posts: 117
  • Internet Book Database
    • Internet Book Database
Re: OpenID and Admin
« Reply #2 on: March 21, 2008, 08:41:04 AM »
No I want to be able to login with OpenID :) but I'll do that because I'm forced to or I can't admin.
Manage Your Book Collection Online at The Internet Book Database

Random Books from My Bookshelf

iBookDB

Offline H

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 21,662
  • Gender: Male
Re: OpenID and Admin
« Reply #3 on: March 21, 2008, 02:26:26 PM »
Ok I just looked through the code. In Subs-Auth.php try commenting out this code:

Code: [Select]
// If this person is an OpenID person I'm afraid at the moment we require them to unhook their account.
//!!! Do we think we should allow this in the future?
if (!empty($user_settings['openid_uri']))
{
$context['sub_template'] = 'admin_openid_disabled';
$context['page_title'] = $txt['openid_admin_action'];

obExit();

// No pass, just in case!
trigger_error('Hacking attempt...', E_USER_ERROR);
}
-H
Former Support Team Lead
                              I recommend:
Namecheap (domains)
Fastmail (e-mail)
Linode (VPS)