MyBB Hacks

Full Version: Admin Security
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6
No, the edit just forces 'adminsec' into the active plugins list.
Note that I'm not sure if it will display correctly in the AdminCP -> Configuration -> Plugins section; it may appear to be disabled, but the effects of it being loaded will still exist.
The ideal solution would be to modify your installer to push this plugin into the active plugins cache, but I don't know your multi-forum script, so this should be suffice.
Hi Zenga,

Thats brilliant, many thanks for your help. One last questions!

Although it would be active despite showing as deactive in the plugin section, if an admin was to click "activate" - would that make any difference? It wouldnt have the reverse effect and deactivate it? Or because its coded in to be active, the activate/deactivate switch will have no effect.

Hope that makes sense!
If they go an activate it, it will just appear to be activated.  There's no difference otherwise.
This plugin cannot be deactivated unless they have permissions to edit the PHP file.
Superb.

Many thanks for your help Smile
(05-19-2010 09:29 PM)ZiNgA BuRgA Wrote: [ -> ]Note that this plugin does not work on multi-DB server setups
(if you don't know what this is, you probably don't have one).

Ok after fixxing the first issue with your second recomended update I have tested this with multi forums now on 1 server, and whats happening now is once you click to see "view new posts"  or "subscribe" Internet Explorer cannot display the webpage ...this must be why its not intended for multi-Db servers? Can this be the problem and affecting it? Or can this something else interfering?

Thanks
(07-22-2010 09:08 AM)Technoman Wrote: [ -> ]this must be why its not intended for multi-Db servers?
Multi-DB refers to if you are using MySQL replication or similar.
You probably aren't, so this shouldn't be your problem.

This plugin shouldn't be doing anything special for specific browsers, so if it's only IE in which it's happening, it's probably something else.
(07-22-2010 06:13 PM)ZiNgA BuRgA Wrote: [ -> ]
(07-22-2010 09:08 AM)Technoman Wrote: [ -> ]this must be why its not intended for multi-Db servers?
Multi-DB refers to if you are using MySQL replication or similar.
You probably aren't, so this shouldn't be your problem.

This plugin shouldn't be doing anything special for specific browsers, so if it's only IE in which it's happening, it's probably something else.

its happening in FF and IE these are the only 2 I use
I suspect it may have something to do with the redirect pages (note, disabling these isn't necessarily a solution), and maybe the multi-forum script doing something a bit different with them.
I don't have the time to check, but it probably modifies the underlying database configuration, which may be causing it to break down.

I don't know what modifications it makes to DB configuration, but if the script is good, inc/config.php should be a redirect to the proper configuration file.
hi sorry to dig up an old thread...

is there no way to allow template editing and yet still preserve your db details

even with this activated the db username and dbname can be easily accessed

i was making a multiforum script that basically uploads and installs the board for users so template editing is a must
This plugin should be making it difficult, if not impossible, to access the DB password.
If you could say how one can view the DB password with this plugin installed, I would be able to look into it.

Thanks.
Pages: 1 2 3 4 5 6
Reference URL's