Uutiset:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu
Advertisement:

How to Prevent the Site Owner From Being Banned

Aloittaja Elrond, tammikuu 12, 2006, 07:39:26 AP

« edellinen - seuraava »
Tulosta
Siirry alas Sivuja1
Käyttäjän toimet

Elrond

tammikuu 12, 2006, 07:39:26 AP
Hello folks.

I am new here. Been a very satisfied customer of Simple Machines for only just two and a half months, but have enjoyed every second of it. Just put up my own server about three months ago. I was going to go with phpBB, but I heard that this setup was even better, and you know what? It was. Love what you folks have done and the excellent work you have put forth.

Anyway, that's my two cents about SMF. Now I have a modification here I have been working on. I hope something similar hasn't already been posted yet, but I've searched all through the community forum and have found nothing on it as of yet.

Tested with Version: SMF 1.1 RC2 (December 31, 2005 release)
Requirements for Modification: Same as always - simple text editor.
File(s) to be modified: [your site's main folder]/Sources/ManageBans.php

Find:

Koodi [Valitse]

// Pretending is fun... the IP cannot be this, so use it for 'unknown'.
if ($ip == array(255, 255, 255, 255))
return 'unknown';


Replace Above With:

Koodi [Valitse]

// Pretending is fun... the IP cannot be this, so use it for 'unknown'.
if ($ip == array(255, 255, 255, 255))
return 'unknown';
if ($ip == array([color=red]IP ADDRESS[/color]))
fatal_error('ERROR: You have attempted to assassinate the Owner of the Site. This attempt will be noted in the log. Thank you for being owned today.', false);


Modifications of the Above Content:

Change the "IP ADDRESS" text in red to your IP address, if you are the owner of your site. This IP Address that you put in that area must be in this format:

255, 255, 255, 255

...taking the example from above. It's like a normal IP Address with dots in it, except this one's with commas!

Now we're not done yet!

Just several more lines down, right in the next function (function ip2range($fullip)), you have to find:

Koodi [Valitse]

// Pretend that 'unknown' is 255.255.255.255. (since that cannot be an IP anyway.)
if ($fullip == 'unknown')
$fullip = '255.255.255.255';


Replace the above with:

Koodi [Valitse]

// Pretend that 'unknown' is 255.255.255.255. (since that cannot be an IP anyway.)
if ($fullip == 'unknown')
$fullip = '255.255.255.255';
if ($fullip == '[color=red]*IP ADDRESS*[/color]')
fatal_error('ERROR: You have attempted to assassinate the Owner of the Site. This attempt will be noted in the log. Thank you for being owned today.', false);


Modify the code in red to your IP Address. THIS TIME, the IP address will be like it usually is, separated by dots AND NO SPACES!


Now you have your own anti-head-admin-ban. And now if someone tries to ban you, they'll get an error message that says,

"ERROR: You have attempted to assassinate the Owner of the Site. This attempt will be noted in the log. Thank you for being owned today."

I think that might add a little edge to it. Remember, the fatal_error is not always your enemy. In this case (if you're the site owner), it's your dear, dear friend. :)


As always, your best bet if you want to make someone else an administrator is to actually find someone you trust, as everyone knows (hopefully). But this helps too.

I recommend that you read all of the above before attempting this. As it says, it has ONLY been tested on the most recent update (to this point) which is SMF 1.1 RC2 (December 31, 2005 release).

Should you want to test this, which I would if I were someone else reading this topic (it's smart), I would use in the lines above an IP from someone else you know, like another member, and inform them that you will be testing the anti-ban filter. Then try to ban their IP (remember, it must match the user's IP and also the IP in your modified code MUST match that of the IP of the user and the IP of the ban you make). Then if you did the modification correctly and you did it on SMF 1.1 RC2, then you will get a nice error message saying that you tried to assassinate so-and-so, bla bla bla...

Good Coding,
Godspeed!

Kindred

#1
tammikuu 12, 2006, 07:57:12 AP
and what happens if, like me the admin uses at least 4 different computers, and hence, 4 different, DYNAMIC, IP addresses?

No...   this is a cute idea, but unrealistic...   realistically, you should check if (admin) and forbid the ban on that...   or if (userid == 1)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Thantos

#2
tammikuu 12, 2006, 10:38:01 AP
From Security.php
Function is_not_banned()
Koodi [Valitse]

// You cannot be banned if you are an admin - doesn't help if you log out.
if ($user_info['is_admin'])
return;


So while you could ban an admin it won't do anything.

Elrond

#3
tammikuu 16, 2006, 12:38:02 AP
Well, just a different way of doing it I suppose.  ???
Tulosta
Siirry ylös Sivuja1
Käyttäjän toimet
Advertisement: