Jump to content

Recommended Posts

Posted

Is it possible to disable in wild card search in admin CP? It seems, through moderator logs, topic titles can be exposed to the members, who don't have access to categories. 

Could contain: File, Webpage, Text, Page

Posted

There is no way in which to do this at present, no. I'm a little consused as to what you mean by members having access to items they shouldnt have, as this is an admin function

  • 6 months later...
Posted
On 12/11/2023 at 3:27 AM, Marc Stridgen said:

There is no way in which to do this at present, no. I'm a little consused as to what you mean by members having access to items they shouldnt have, as this is an admin function

Any suggestion on how to block through htaccess or some faster way? 

  • =ip&ip=*.*
  • =ip&ip=*.*.*
  • =ip&ip=*.*.*.*  

Ok so the problem is - you can use wild card search in admin CP and staff members who do not have access to certain categories on forum, can now view topic titles, using this method.

Posted (edited)
50 minutes ago, Randy Calvert said:

You can block single IPs or blocks of IPs through .htaccess but that’s completely not associated with IPB.  Thats a server level function. 

https://htaccessbook.com/block-ip-address/

I don't think you are understanding the question. I am looking for an option to block certain URL's based on ending I mentioned above. Admin search produces below URL. So looking for option to block that URL.

https://invisioncommunity.com/admin/?app=core&module=members&controller=ip&ip=*.*

 

Edited by AlexJ
Posted

What you’re looking to do is not possible in the base software.  htaccess is not aware of a logged in user credential or permission so it would not work. You would need some sort of third party resource to do what you want. 

Posted
11 hours ago, AlexJ said:

Any suggestion on how to block through htaccess or some faster way? 

  • =ip&ip=*.*
  • =ip&ip=*.*.*
  • =ip&ip=*.*.*.*  

Ok so the problem is - you can use wild card search in admin CP and staff members who do not have access to certain categories on forum, can now view topic titles, using this method.

Im still extremely confused as to what you think people can see here. You cannot search for topic titles in the admin CP.

Posted (edited)
10 hours ago, AlexJ said:

I don't think you are understanding the question.

Maybe you're not explaining things very clearly? Ultimiately, I think what you want to do is stop staff members who have access to the ACP from being able to use the live search to search for IP addresses because...

12 hours ago, AlexJ said:

...and staff members who do not have access to certain categories on forum, can now view topic titles, using this method.

...the resulting details of the IP address search will have a 'Posts' section that, when clicked, displays the title of the topic where the posts exist. And some of those topics exist in forums to which the staff member doesn't actually have access on the front-end.

If that is correct, then maybe your request should be targeted at asking for front-end permissions to be accounted for when displaying that listing of topic titles?

If that isn't correct then you're not explaining things very clearly.

 

Edited by Nathan Explosion
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...