Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.5.x
Author Message
wiz
Involved
Involved


Joined: Oct 09, 2006
Posts: 413
Location: UK

PostPosted: Sat Dec 22, 2007 2:05 am Reply with quote

I set a new superuser today. He gets banned after the 3rd icon click, wherever he is within the admin.
I removed his admin protection...still gets banned.

The reason - Admin=Abuse

so i gave him God admin access.. he doesnt get banned.

.However...

He doesnt see the things that i see using the same admin login.. namely..

"goto Administration panel" in bb2nuke.
and when he goes into the usergroups, all he can do is delete the moderator, he doesnt see the options to add a user, nor remove current users from that group.


2 Questions really, and 2 topics..yeh i know, but something tells me this is linked to him, and security is the most important, thats why it got posted here.

another weird one from me Wink

cheers
WIZ
 
View user's profile Send private message Visit poster's website AIM Address
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sat Dec 22, 2007 5:02 am Reply with quote

After you added him as admin did you remember to run the Scan for New Admin option from the NukeSentinel(tm) ACP? This option can only be run by God Admins and the details are
NukeSentinel(tm) Help
GOD ADMINS ONLY: Will check for any new admins added to your authors table to the above lists. Will remove any admins that are no longer in your authors table from the above lists.
 
View user's profile Send private message
wiz
PostPosted: Sat Dec 22, 2007 9:23 pm Reply with quote

Yeh, i ran the scan. Then i checked the 'admin auth list'.. he is listed. I also checked the Db authors table..yep he is there.
For the record, he has never been banned on the site before this, and his IP2country isnt a blocked one.
Even using the god admin he cannot complete certain functions, that other god users can.

I told u it was a weird
 
Raven
PostPosted: Sun Dec 23, 2007 1:57 am Reply with quote

PM to me the
Site URL
Admin User name/pass
NukeSentinel(tm) User name/pass for that Admin

I can't promise when I can get to it because of the Holiday rushing up on us but I will get to it and let you know. Please reference this thread in your PM
 
Raven
PostPosted: Mon Dec 24, 2007 11:50 pm Reply with quote

I think you are a victim of a forever puzzling "why was nuke ever coded this way?" issue.

xxxxxx (name hidden for security reasons) is an admin but is not a regular user. In other words there is a record in the authors table but no matching record in the users table. There is, however, a user table record for SAS_xxxxxx. If these are indeed the same person, then try changing the username in the authors table to SAS_xxxxxx and see if that fixes it.

Assuming that is the issue/fix, I have stumbled across this before but forgotten about it until now. I'm not sure if nuke was ever meant to handle this situation (correctly) or not. Obviously it doesn't. I don't know how it is now, but way back when, when you were setting nuke up, the first time you tried to login to admin.php you were asked if you wanted to create a corresponding user record with the same name as the Admin. Now you see what happens if you don't. I can see why it might be advantageous to only add a person as an Admin and not a user but I don't think nuke was ever coded correctly in the first place (big revelation Laughing ).

Now that I have been reminded of yet another quirk, I will add this to the list of things that still need fixing Wink
 
wiz
PostPosted: Tue Dec 25, 2007 9:13 am Reply with quote

hehe

Excellent..so i inadvertantly contributed to the project Shocked Thanks for taking a look and i will edit the username and see.

Merry Christmas
 
wiz
PostPosted: Sat Dec 29, 2007 4:12 pm Reply with quote

Solution.

I edited the Authors row, to match a corresponding Users row. And that indeed stopped the banning of the affected admin.

Great spot there Raven
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.5.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©