| Author |
Message |
wiz
Involved
Joined: Oct 09, 2006
Posts: 413
Location: UK
|
 Posted:
Sat Dec 22, 2007 2:05 am |
|
I set a new superuser today. He gets banned after the 3rd icon click, wherever he is within the admin.
I removed his admin protection...still gets banned.
The reason - Admin=Abuse
so i gave him God admin access.. he doesnt get banned.
.However...
He doesnt see the things that i see using the same admin login.. namely..
"goto Administration panel" in bb2nuke.
and when he goes into the usergroups, all he can do is delete the moderator, he doesnt see the options to add a user, nor remove current users from that group.
2 Questions really, and 2 topics..yeh i know, but something tells me this is linked to him, and security is the most important, thats why it got posted here.
another weird one from me 
cheers
WIZ |
| |
|
  
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sat Dec 22, 2007 5:02 am |
|
After you added him as admin did you remember to run the Scan for New Admin option from the NukeSentinel(tm) ACP? This option can only be run by God Admins and the details are
NukeSentinel(tm) Help
GOD ADMINS ONLY: Will check for any new admins added to your authors table to the above lists. Will remove any admins that are no longer in your authors table from the above lists. |
| |
|
|
|
|
wiz
|
| Posted:
Sat Dec 22, 2007 9:23 pm |
|
Yeh, i ran the scan. Then i checked the 'admin auth list'.. he is listed. I also checked the Db authors table..yep he is there.
For the record, he has never been banned on the site before this, and his IP2country isnt a blocked one.
Even using the god admin he cannot complete certain functions, that other god users can.
I told u it was a weird |
| |
|
|
|
|
Raven
|
| Posted:
Sun Dec 23, 2007 1:57 am |
|
PM to me the
Site URL
Admin User name/pass
NukeSentinel(tm) User name/pass for that Admin
I can't promise when I can get to it because of the Holiday rushing up on us but I will get to it and let you know. Please reference this thread in your PM |
| |
|
|
|
|
Raven
|
| Posted:
Mon Dec 24, 2007 11:50 pm |
|
I think you are a victim of a forever puzzling "why was nuke ever coded this way?" issue.
xxxxxx (name hidden for security reasons) is an admin but is not a regular user. In other words there is a record in the authors table but no matching record in the users table. There is, however, a user table record for SAS_xxxxxx. If these are indeed the same person, then try changing the username in the authors table to SAS_xxxxxx and see if that fixes it.
Assuming that is the issue/fix, I have stumbled across this before but forgotten about it until now. I'm not sure if nuke was ever meant to handle this situation (correctly) or not. Obviously it doesn't. I don't know how it is now, but way back when, when you were setting nuke up, the first time you tried to login to admin.php you were asked if you wanted to create a corresponding user record with the same name as the Admin. Now you see what happens if you don't. I can see why it might be advantageous to only add a person as an Admin and not a user but I don't think nuke was ever coded correctly in the first place (big revelation  ).
Now that I have been reminded of yet another quirk, I will add this to the list of things that still need fixing |
| |
|
|
|
|
wiz
|
| Posted:
Tue Dec 25, 2007 9:13 am |
|
hehe
Excellent..so i inadvertantly contributed to the project  Thanks for taking a look and i will edit the username and see.
Merry Christmas |
| |
|
|
|
|
wiz
|
| Posted:
Sat Dec 29, 2007 4:12 pm |
|
Solution.
I edited the Authors row, to match a corresponding Users row. And that indeed stopped the banning of the affected admin.
Great spot there Raven |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
