1
Codyko
Admin Rights in Extended Profiles module
  • 2005/11/10 9:49

  • Codyko

  • Just popping in

  • Posts: 22

  • Since: 2005/8/5 7


Hi!

I am developing a module which relies on the Extended Profiles module for user management. So, I created one group called "module A admin", which was granted "admin rights" for both modules.

My problem is that any user in the "module A admin" group can even delete users in the "administrator group".


Is this normal? Or did I miss anything?

I suppose "webmasters" can be deleted by webmasters only.

Thanks!


Regards
Cody

2
Codyko
Re: Admin Rights in Extended Profiles module
  • 2005/11/10 16:09

  • Codyko

  • Just popping in

  • Posts: 22

  • Since: 2005/8/5 7


Hi,

I've just found the answers myself.

OK, to prevent users with admin rights for the Extended Profiles module (but not "webmaster") from deleting webmasters, I added the following code at line 187 of admin/user.php of the module.

case "delete":
    // Load the user selected for deletion
    $obj =& $handler->getUser($_REQUEST['id']);

    /*modified for better protect of webmaster group*/
    // Group IDs the user being deleted belongs to
    $group_ids = $member_handler->getGroupsByUser($obj->getVar('uid'));

    // true if the user being deleted is in group ID #1, that is webmaster group
    if ($in_group = in_array(1, $group_ids)) {
        redirect_header('user.php', 3, _PROFILE_AM__CANNOTDELETEADMIN);
        exit();
    }
    /*modified for better protect of webmaster group*/


By doing this, however, you have to remove the user from the "webmaster" group before deleting it. Though it's a little bit inconvenient, it's more secure, in my own opinion.


Regards
Cody
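
An added example, not part of the original post or the module's code: the same protection written as a stand-alone decision function that also looks at the acting user's groups, so a webmaster can still delete another webmaster while a module-only admin cannot. The function name, the constant name and the sample group IDs other than 1 are assumptions made for illustration.

```php
<?php
// Added example: a stand-alone sketch of the check, not the module's code.
// Assumption: group ID 1 is the webmaster group, as stated in the post.
const WEBMASTER_GROUP_ID = 1;

/**
 * Decide whether a user with $actorGroups may delete a user with $targetGroups.
 * Both arguments are lists of group IDs, such as getGroupsByUser() returns.
 * canDeleteUser() is a hypothetical helper name.
 */
function canDeleteUser(array $actorGroups, array $targetGroups): bool
{
    // Normalise to integers: group IDs may arrive as strings from the database
    $actor  = array_map('intval', $actorGroups);
    $target = array_map('intval', $targetGroups);

    $targetIsWebmaster = in_array(WEBMASTER_GROUP_ID, $target, true);
    $actorIsWebmaster  = in_array(WEBMASTER_GROUP_ID, $actor, true);

    // A webmaster account may only be deleted by another webmaster
    return !$targetIsWebmaster || $actorIsWebmaster;
}

// Constructed sample data: group 1 = webmaster, group 4 = "module A admin",
// group 2 = an ordinary group. Each case is [actor groups, target groups].
$cases = [
    'module admin deletes regular user' => [[4], [2]],
    'module admin deletes webmaster'    => [[4], ['1', '2']],
    'webmaster deletes webmaster'       => [[1, 4], [1]],
];

foreach ($cases as $label => [$actorGroups, $targetGroups]) {
    $verdict = canDeleteUser($actorGroups, $targetGroups) ? 'allow' : 'deny';
    printf("%-36s %s\n", $label, $verdict);
}
```

In the module, the check belongs in the "delete" case itself, before the deletion is carried out, with the two arrays taken from the logged-in user's and the target user's group lists.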
