Majdi 2.1 Posted August 30, 2005 Posted August 30, 2005 please this is an important feature add search member based on second group because a hacker can hack admin account pass then change his own account second group to admin so even if the admin change his pass the hacker will still have access to admin panel unless admin check all members second group one by one :(
Smeg Posted August 31, 2005 Posted August 31, 2005 The follwing is in 2.1 at least. When you goto manage usergroups you can see how many users are using the different groups, this takes into account any secondary group choices, however when you click the group name to see the users in those groups, secondary group choices don't show up in the list. So it would be nice to see a similar feature as mentioned above. As for the admin password, unless you give out any information which may lead to a good guess for the password then the only way it can be hacked it by brute force methods. Eitherway, proper password choice will put up another barrier.
Why Two Kay Posted September 2, 2005 Posted September 2, 2005 If a person sets the second group to "admin" there seems to be a glitch (or "feature") that doesnt give them root permissions. I dont know if this is just 2.0.0, or my old webserver. If not, then this wouldnt really be a problem then. But searching based on 2nd member group would be helpful. :thumbsup:
Majdi 2.1 Posted September 2, 2005 Posted September 2, 2005 such a feature is not available in ipb v2.0.4
Antony Posted September 3, 2005 Posted September 3, 2005 You can just run this query... SELECT name FROM ibf_members WHERE mgroup_others LIKE '%4%'; this finds all users with a secondary group of 4.
Wolfie Posted September 3, 2005 Posted September 3, 2005 You can just run this query... SELECT name FROM ibf_members WHERE mgroup_others LIKE '%4%'; this finds all users with a secondary group of 4. And group 14, 24, 34, 40, 41, 42, etc. :lol: Would it be possible to do: WHERE mgroup_others LIKE '%,4,%' OR mgroup_others LIKE '4,%' OR mgroup_others LIKE '%,4' OR mgroup_others = '4' Would that work?If a person sets the second group to "admin" there seems to be a glitch (or "feature") that doesnt give them root permissions. I dont know if this is just 2.0.0, or my old webserver. If not, then this wouldnt really be a problem then.If you're referring to v2.0.x then it wasn't fully implemented. If you're referring to v2.1, then are you meaning that you're making them a root admin via the 2nd group? If so, I would definitely consider that to be a glitch/bug because you can always make a single group to grant ACP access and place that in the secondary group. However if it's like that, and on purpose, then that's cool, I'd just like to know the reason for it so I'll know.
tom-riddle Posted September 3, 2005 Posted September 3, 2005 Nice feature suggestion... +1 :thumbsup:.Wolfie: it would... ^_^
Recommended Posts
Archived
This topic is now archived and is closed to further replies.