2014-07-11, 08:30 PM
2014-07-11, 09:20 PM
The super admin(s) is not displayed anywhere. The only time you can get a message is if you are trying to manage their profile or managing their admin permissions which wont' affect them anyway.
2014-07-11, 09:20 PM
Hide it how?
2014-07-11, 10:45 PM
(2014-07-11, 09:20 PM)dragonexpert Wrote: [ -> ]The super admin(s) is not displayed anywhere. The only time you can get a message is if you are trying to manage their profile or managing their admin permissions which wont' affect them anyway.
has this changed for 1.8? in 1.6, the super admin is in the showteam.php page, is it not?
(2014-07-11, 09:20 PM)Starpaul20 Wrote: [ -> ]Hide it how?
make it appear like a regular user, maybe spoof it's uid...something along those lines.
I believe paveman has a script he uses to accomplish this, but I've never been able to get it to work right.
2014-07-11, 11:14 PM
Super Admins aren't a usergroup so the only way the username would show up is if that person's display group is one that has the Show Group on forumteam page selected.
If you are using a usergroup for Super Admins, then you should consider not doing so.
If you are using a usergroup for Super Admins, then you should consider not doing so.
2014-07-11, 11:39 PM
(2014-07-11, 11:14 PM)dragonexpert Wrote: [ -> ]Super Admins aren't a usergroup so the only way the username would show up is if that person's display group is one that has the Show Group on forumteam page selected.
If you are using a usergroup for Super Admins, then you should consider not doing so.
ok, but even so, the super admin has a uid of 1.
I imagine this can be changed in the DB without causing any problems, but for people who don't have a lot of experience with DB commands, a nice option in the ACP would be nice to change this.
2014-07-12, 12:21 AM
Honnestly I don't see any purpose, most hackers target the admin panel and any admin they can get. Honnestly if they manage to hack into it they will shell it and or deface it. Hell even some shell have ftps now.
2014-07-12, 01:35 AM
Just register a random account with a random group displayed same way as Registered and a very strong complex password (stored in KeePass or whatever) and make it a super admin instead of your main account... Then use only it to login to ACP.
Hiding it is quite pointless and not really a layer of security since anyone with common sense will deduce that you're a super admin anyways.
Hiding it is quite pointless and not really a layer of security since anyone with common sense will deduce that you're a super admin anyways.
2014-07-12, 12:56 PM
Super Admins are not managed in the database for good reason. You have to have FTP access in order to change it. Make sure also that you chmod that file to 644 if you haven't already. This will make sure no one can write to it unless they are the root FTP user.
Admin permissions are saved in the database, but have no effect on super admins. They aren't stored in plain text so to speak. Everything is serialized. If you know exactly how the formula works, you can technically edit that, but if you edit it wrong, you can screw things up in a hurry.
Also what you could do is have your main account have a display group of Admin, but be a regular user. Use that account to post whatever you need to post. Create an additional account where the display group is a regular user, but have their usergroup be admin. Then edit your inc/config.php file to reflect this. Make sure you never post with this account.
Admin permissions are saved in the database, but have no effect on super admins. They aren't stored in plain text so to speak. Everything is serialized. If you know exactly how the formula works, you can technically edit that, but if you edit it wrong, you can screw things up in a hurry.
Also what you could do is have your main account have a display group of Admin, but be a regular user. Use that account to post whatever you need to post. Create an additional account where the display group is a regular user, but have their usergroup be admin. Then edit your inc/config.php file to reflect this. Make sure you never post with this account.