| Author |
Message |
JRSweets
Worker
Joined: Aug 06, 2004
Posts: 192
|
 Posted:
Sat Sep 04, 2004 1:18 am |
|
I get this message when trying to get to the forum ACP:
"You are not authorised to administer this board"
The forums are version 2.0.10 and common.php contains the updated code that fixed this problem before. Any thoughts? |
| |
|
|
|
JRSweets
|
| Posted:
Sat Sep 04, 2004 1:25 am |
|
I had to change this in pagestart.php
Code:
if ($radminsuper != 1 OR $radminforum != 1) {
message_die(GENERAL_MESSAGE, "You are not authorised to administer
this board");
}
|
to this:
Code:
if (!is_admin($admin) AND ($row[radminsuper] != 1 OR $row[radminforum] != 1)) {
message_die(GENERAL_MESSAGE, "You are not authorised to administer this board");
}
|
|
| |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sat Sep 04, 2004 1:54 am |
|
Uh, something's wrong. This is the Forums/admin/pagestart.php from the 7.5 release on my siteCode://
// Do a check to see if the nuke user is still valid.
//
global $admin;
$admin = base64_decode($admin);
$admin = explode(":", $admin);
$aid = "$admin[0]";
$sql = "SELECT radminforum, radminsuper FROM ".$prefix."_authors WHERE aid='$aid'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
if (!is_admin($admin) AND ($row[radminsuper] != 1 OR $row[radminforum] != 1)) {
message_die(GENERAL_MESSAGE, "You are not authorised to administer this board");
}
|
If your pagestart was reading something else, then you don't have all the 7.5 files. |
| |
|
|
|
|
JRSweets
|
| Posted:
Sat Sep 04, 2004 9:08 am |
|
I just downloaded the 7.5 from here again and it has the code that you posted. Hmm.... When I first downloaded I uploaded all the files, or so I thought. |
| |
|
|
|
|
fernando
Client
Joined: Oct 07, 2004
Posts: 7
|
| Posted:
Thu Oct 07, 2004 8:22 pm |
|
Hello,
I am having the exact same error when attempting to access the Forum ACP on a recent Raven install of Nuke7.5/phpBB 2.0.10. It happens with 2 admins accts (the SU and a limited admin acct). My pagestart.php is different from what both of you show. It has cookie references:
$row3 = $db->sql_fetchrow($result3);
if ($cookie[2] == $row3['user_password'] && ($row3['user_password'] != "") && ($row3['user_level'] != 2 or $row2[radminsuper] != 1 or $auth_user != 1)) {
$nukeuser = $user;
} else {
unset($user);
unset($cookie);
message_die(GENERAL_MESSAGE, "You are not authorised to administer this board");
}
Suggestions? |
| |
|
|
|
Raven
|
| Posted:
Thu Oct 07, 2004 8:28 pm |
|
The pagestart.php that you have is the up-2-date one with the 2.6 patches from Chatserv. Try clearing your cache and deleting your cookies. If that does not help, then use phpMyAdmin and verify that in the users table, the user's user_level is a 2. Sometimes that doesn't get changed. |
| |
|
|
|
|
chatserv
Member Emeritus
Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico
|
| Posted:
Thu Oct 07, 2004 8:44 pm |
|
Actually i changed that file.
Code:if (!defined('IN_PHPBB'))
{
die("Hacking attempt");
}
define('IN_ADMIN', true);
$forum_admin = 1;
include("../../../mainfile.php");
include($phpbb_root_path.'common.'.$phpEx);
//
// Do a check to see if the nuke user is still valid.
//
global $admin, $prefix, $db, $cookie, $nukeuser, $user;
$admin = base64_decode($admin);
$admin = explode(":", $admin);
$aid = "$admin[0]";
$row = $db->sql_fetchrow($db->sql_query("SELECT title, admins FROM ".$prefix."_modules WHERE title='Forums'"));
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name, pwd, radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
$admins = explode(",", $row['admins']);
$auth_user = 0;
for ($i=0; $i < sizeof($admins); $i++) {
if ($row2['name'] == "$admins[$i]" AND $row['admins'] != "") {
$auth_user = 1;
}
}
$user = addslashes(base64_decode($user));
$cookie = explode(":", $user);
$sql3 = "SELECT user_id, user_password, user_level FROM " . USERS_TABLE . "
WHERE username='$cookie[1]'";
$result3 = $db->sql_query($sql3);
if(!$result3) {
message_die(GENERAL_ERROR, 'Could not query user account', '', __LINE__, __FILE__, $sql);
}
$row3 = $db->sql_fetchrow($result3);
if ((is_admin($admin)) AND ($admin[1] == $row2['pwd'] && $row2['pwd'] != "") AND ($row3['user_level'] == 2 or $row2[radminsuper] == 1 or $auth_user == 1)) {
} elseif ((is_user($user)) AND ($cookie[2] == $row3['user_password'] && $row3['user_password'] != "") AND ($row3['user_level'] == 2)) {
$nukeuser = $user;
} else {
unset($user);
unset($cookie);
message_die(GENERAL_MESSAGE, "You are not authorised to administer this board");
}
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX, $nukeuser);
init_userprefs($userdata);
//
// End session management
//
/*
if( !$userdata['session_logged_in'] )
{
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', $_SERVER['SERVER_SOFTWARE']) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . '../../../' . append_sid("login.$phpEx?redirect=admin/"));
exit;
}
else if( $userdata['user_level'] != ADMIN )
{
message_die(GENERAL_MESSAGE, $lang['Not_admin']);
}
*/
if ( empty($no_page_header) )
{
// Not including the pageheader can be neccesarry if META tags are
// needed in the calling script.
include('./page_header_admin.'.$phpEx);
}
|
|
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
