This is brilliant! Great name too, i will try this immediately.
I would highly suggest that you create a list of disallowed query actions, or at least add major confirmation of those actions.
DELETE, DROP, ALTER, GRANT, etc should not be allowed or not allowed without confirmation.
I second what pavement posted, I need to run an ALTER query nearly every day. I'll use this when security is enhanced.
(2011-12-02, 09:28 PM)pavemen Wrote: [ -> ]I would highly suggest that you create a list of disallowed query actions, or at least add major confirmation of those actions.
DELETE, DROP, ALTER, GRANT, etc should not be allowed or not allowed without confirmation.
That's actaully in planning for the next version. Which will come out in a day or so. Non-super admins will not be able to run those queries.
I would still throw a verification in there, perhaps an AJAX validation like with usernames during registration. Have it as an option if you think that would be better, something like "prompt on dangerous queries".
This isn't a good plugin,
Try this:
DROP DATABASE();
You'd be surprised... Well there's no need to report bugs that are in Admin CP anymore since with this plugin you can do whatever you want... delete / insert / update / drop...
No I mean the whole idea is bad... Some newbies add some other people as co-admins that have same privileges besides managing settings etc...
With this plugin anyone who accesses the Admin CP can do it all
(2011-12-03, 01:13 AM)TheGarfield Wrote: [ -> ]No I mean the whole idea is bad... Some newbies add some other people as co-admins that have same privileges besides managing settings etc...
With this plugin anyone who accesses the Admin CP can do it all
He already mentioned that in future versions the plugin will allow only super admins to use the tool, and it will include better security.
Otherwise, it is a non-recommended plugin imo.