Jump to content
MakeWebGames

Auto fed

MrAnthony

By MrAnthony
in Free Modifications

 Share

Recommended Posts

Joshua Newbie

Joshua

Posted
Posted

what I was referring to when you want to eye multiple ID's

 

you posted

 

$db->query("UPDATE users SET fedjail=0 WHERE userid=1");

$db->query("UPDATE users SET fedjail=0 WHERE userid=2");

$db->query("UPDATE users SET fedjail=0 WHERE userid=3");

$db->query("UPDATE users SET fedjail=0 WHERE userid=4");

$db->query("UPDATE users SET fedjail=0 WHERE userid=5");

that's 5 queries when the one I posted would do the trick :D just put your Admins ID's in the array ^_-

  • Replies 55
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

MrAnthony Newbie

MrAnthony

Posted
  • Author
Posted

Re-edited my first post again >.<

and

what I was referring to when you want to eye multiple ID's

 

you posted

 

 

Quoted

 

$db->query("UPDATE users SET fedjail=0 WHERE userid=1");

$db->query("UPDATE users SET fedjail=0 WHERE userid=2");

$db->query("UPDATE users SET fedjail=0 WHERE userid=3");

$db->query("UPDATE users SET fedjail=0 WHERE userid=4");

$db->query("UPDATE users SET fedjail=0 WHERE userid=5");

 

that's 5 queries when the one I posted would do the trick :D just put your Admins ID's in the array ^_-

but am only useing one of them >.<

BUt thanks i see what you was getting to ( am only a noob trying to help other noob's)

DougK Newbie

DougK

Posted
Posted

Here is what I would use.... (Note, this is set up for V1, but it should be simple enough to convert)

First, a global function:

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

 

Now, make a new page called adminauth

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

 

To use the function, simply add admincheck(); immediately after the line on the page that redirects to login.

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

 

For V2, this only has to be added to sglobals.php

Functionality: When a user tries to access an admin-only page, they are prompted for both the password associated with their userid, as well as a shared password (I call it a security token) that is known amongst staff. If they don't have the proper credentials, they are automatically punished (this example just throws them in county jail/in game jail for a long time and zeros all of their regenerative stats), and a message is sent to the admins to let them know someone tried to break in. The nice thing about this setup is that it doesn't require additional coding to add additional staff, unlike the header array method. This current version works for any staff, but I hope it is pretty straightforward should you want to implement it separately for different staff levels.

MaddDogg49 Newbie

MaddDogg49

Posted
Posted

$db->query("UPDATE users SET fedjail=30 WHERE user_level=2 AND userid!=1 AND userid!=4 ");

add AND userid!= for each admin you have...

It saves server load every min.... on fed jailing and un fed jail.... thats the best way(useing cron)... Other then making the Auth Page or Doing the Array in the Header.

You could also do like I did and make a Admin pass on users database... Default = 0

then you have to go thru and edit EVERY admin page and add the code... Thats ALOT to explain... but really works good..

then you could do

$db->query("UPDATE users SET fedjail=30 WHERE user_level=2 AND adminpass!=asdgfdsa ");

Joshua Newbie

Joshua

Posted
Posted

I dno about total fail jordan, I beleive Doug provided some information that can benefit others and broaden some horizons into..other ways of doing things :)

DougK Newbie

DougK

Posted
Posted
Which part off this thread is actually any use? ... Good try but in the words off CrazyT FAIL

I wouldn't consider any thread where someone comes away saying they learned something a failure.

What someone who is looking to start their own game would get from a thread like this is the knowledge that you can't rely on a single method to ensure a user has the proper permissions to perform privileged functions..

Multiple point authentication is one method. Cross-checking is another. Either way, ensuring that someone cannot get into an area of your game (or any web app) that they shouldn't is a good idea.

Joshua Newbie

Joshua

Posted
Posted

A valid point Doug.

Again, The only failure of this post would be if no one learned anything.

I'm sure a lot of the new guys grasped a concept or two and Doug actually made me look at his way, so win win i think ;)

Jordan Palmer Newbie

Jordan Palmer

Posted
Posted

Alright, What I meant was the idea was a fail, They're so much better ways to deal with this, I'm not gunna give you any clues as I had to find out for myself, but maybe I'll add something up soon :]

 

Fair enough it was a good try and I'm happy alot off you learnt something so well done Dough, But still lol

Jordan Palmer Newbie

Jordan Palmer

Posted
Posted
A simple thing to actually stop unwanted admins gaining access, add a password to your panels....

I do something to that extend, It's all about how you go about doing it really....It's easy enough to add a staff panel with a password but then they're pretty easy too crack :P

Jordan Palmer Newbie

Jordan Palmer

Posted
Posted
I have a much better system I use but it's mine :P

Haha, Exactly what I'm thinking :P

 

@Dom; Locking it with IPS isn't always a great idea, Hence if I needed to ban someone but was at a friends house then I wouldn't be able too, so the spammer would be able to keep going :P

Dominion Newbie

Dominion

Posted
Posted

for you that won't matter you would have cpanel for staff there should always be more the one online however mail ban for example would not be ip locked just the main staff stuff eg basic settings etc

AlabamaHit Newbie

AlabamaHit

Posted
Posted
I have a much better system I use but it's mine :P

Haha, Exactly what I'm thinking :P

 

@Dom; Locking it with IPS isn't always a great idea, Hence if I needed to ban someone but was at a friends house then I wouldn't be able too, so the spammer would be able to keep going :P

lol, jump into cPanel, allow the IP your at, and your good.. :)

 

Now on topic.

If your adding in the header, there is no need for 'placing in fed jail'...that is just pointless SQL that have to run. Your already in the header, just send a die() or exit()...that is all..The efffect is the exact same as if in fed jail right??

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

 

That shouold give the same result without having to run sqls.

Jordan Palmer Newbie

Jordan Palmer

Posted
Posted

No what I mean is, if a staff member is at a friends house and the staff panel is locked with IPS then they wont be able too ban the spammer, and pretty much wont have access to the cpanel.

 

I think you caught what I said wrong before.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...