Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Not Solved block php from view except for admins
#1
Not Solved
Im trying to make a php page to view all mybb variables for customizing. But after looking at these variables and showing the values, i am assuming you want to hide this from public view. So i tried to add no permissions to everyone except admins (which in my forum is usergroup 4) 

but when im logged in as admin, i get a no permissions page now when viewing this page

<?php

define("IN_MYBB", 1);
include "global.php";

if ($mybb->user['usergroup'] == 4){
    error_no_permission();
}


echo '<pre>';
print_r($mybb);
echo '</pre>';

?>
EDIT:
nevermind. Somtimes i really wish i could delete posts when i feel so dumb
Quote:if ($mybb->user['usergroup'] != 4){


Does print_r($mybb); show each admin logged in info. Like i see me password hash and all.
Reply
#2
Not Solved
You are able to view what the hashed password and salt looks like, but the code you posted won't do it. You can't view the true password that generated that.

$query = $db->simple_select("users", "*", "uid=x");
$user = $db->fetch_array($query);
print_r($user);

Replace x with the uid of the person you want to view. Btw, you may wish to define the constant NO_ONLINE and have its value be 1 before you load global.php. This way you won't show up in the online list as viewing that page.
Reply
#3
Not Solved
Nice. Thanks.

btw, i dont think i did this right.
<?php

define("IN_MYBB", 1);
define("NO_ONLINE",1);
include "global.php";

if ($mybb->user['usergroup'] != 4){
    error_no_permission();
}


echo '<pre>';
print_r($mybb);
echo '</pre>';

?>
as i am still showing up


Attached Files Thumbnail(s)
   
Reply
#4
Not Solved
Maybe the code changed. I know at one point it used to work.
Reply
#5
Not Solved
Unless I am missing something, metulburr is asking why he still shows up on WOL if he is on the hidden page.

If so, that is normal behavior. It just doesn't show your actual location. iirc
Reply
#6
Not Solved
Quote:If so, that is normal behavior. It just doesn't show your actual location
if another user clicks that it takes them to that php file, but just shows error_no_permission(). Is that normal?
Reply
#7
Not Solved
I believe so.
Reply
#8
Not Solved
Isnt that just the no permission error? It doesnt look like NO_ONLINE is doing anything as that is what it did before. I was thinking that it was going to not show the link to that file or not show the user in the list (at least when on that page)
Reply
#9
Not Solved
I haven't actually done any investigation. I'm just answering you from memory. I will create a test page later this evening and get you an answer.
Reply
#10
Not Solved
In the Blocks Admin page, you can use PHP to display/not display the block, so you could put something like this in there:
<?php

global $user;

if (in_array('ROLETHATSHOULDNOTSEETHISBLOCK',array_values($user->roles))) {
  return FALSE;
} else {
  return TRUE;
}

?>

Jobs in Mumbai
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)