(2011-12-03, 04:02 PM)pavemen Wrote:Super-admin status is defined in the config file with a UID so, you could change the super admin's uid in the actual database as there is a uid column there and change your own with UPDATE.(2011-12-03, 03:54 PM)Azareal Wrote:(2011-12-03, 01:54 AM)Paul H. Wrote: Non-super admins will not be able to execute DROP, DELETE, TRUNCATE, etc. Noobs don't know how to add super-admins anyways. And noobs deserve it.Someone could simply perform a query to change the super-admin's UID and then, would be able to delete them normally as the super-admin protection would be removed.
super admin status is in the config file, not in the database. if anything, he could make the plugin file require editing first to list the UIDs that can use it, then it does not matter what person is in the ACP as long as that person logged in is listed in the plugin file itself.
That would be a good idea or could restrict it to super-admins only.