|
إنضمامك إلي منتديات استراحات زايد يحقق لك معرفة كل ماهو جديد في عالم الانترنت ...
انضم الينا
#1
| ||
| ||
So I set my Admin account as undeletable in the Config.php. later, I logged into the AdminCP and via the Users panel I tried to change the password and email address of the Admin. I was informed that this was restricted and I couldn't do it. So far so good. I then ran up a second tab on the browser logged into the main forum with the same Admin account, I then, using the UserCP (Settings, my profile, Email and password etc.) I successfully changed both the password and email address for the admin account without a problem. On the first tab I ddi a refresh on the user panel and right away I could see that the email address was quite clearly changed. I also logged out and back in again with the new password. Surely this is a security flaw, the admin password and email shouldn't be changeable via the UserCP at best of times and certainly not if Admin is set to undeletable in the config.php and it's already preventing the AdminCp from modding that accounts details! Any thoughts? Rgds Pete __DEFINE_LIKE_SHARE__ |
مواقع النشر (المفضلة) |
| |
المواضيع المتشابهه | ||||
الموضوع | كاتب الموضوع | المنتدى | مشاركات | آخر مشاركة |
Forum User getting weird admin emails | محروم.كوم | منتدى أخبار المواقع والمنتديات العربية والأجنبية | 0 | 06-08-2010 03:00 PM |
Forum user cant change password | محروم.كوم | منتدى أخبار المواقع والمنتديات العربية والأجنبية | 0 | 06-05-2010 08:30 PM |
User Interface Member Action dropdown menu is inconsistent | محروم.كوم | منتدى أخبار المواقع والمنتديات العربية والأجنبية | 0 | 04-21-2010 08:50 PM |
forum for user to admin - no one else can see | محروم.كوم | منتدى أخبار المواقع والمنتديات العربية والأجنبية | 0 | 09-07-2009 12:40 AM |
Admin CP User password length | محروم.كوم | منتدى أخبار المواقع والمنتديات العربية والأجنبية | 0 | 05-15-2009 11:30 AM |