Community Forum

If you have questions about my software, chances are this forum has the answers.

You'll need to register before you can post on the forum to ask your question or to answer another one. A reply will be posted to each and every question that is asked so there is no need to double post or bump your post. I do my best to answer promptly but in some cases it may take a day or two. Bear with me and I`ll get your question answered quickly.

Here are a few tips to help you to get your questions answered more rapidly.

IMPORTANT: Posts in English only. I don't have a translator and I'll be unable to understand your message properly and will probably delete it.
SEARCH: Use the search option to see if your question has been answered on the forum before now or if there is an answer in the documentation of your software.
PRIORITY SUPPORT: If you have purchased a commercial version of any software, using the contact option at the licence centre ensures a faster response.
AUTO DELETION: Accounts older than 5 days, with no posts or topics, are automatically deleted. Only register if you are thinking of posting.
LINKS: Any links posted are not clickable and must be copied / pasted into your browser address bar.

You are not logged in.

#1 y3000 11-07-2018 09:19:01

I wondered why all of our supporters where suddenly admins. Then I noticed that when I edit staff logged in as Master-Admin (ID 1) everything is fine but when I'm logged in with my personal account (marked as admin) the supporters were set to admin when I edited them:

To solve this problem I edited the following files (@Maian: Maybe you can fix this for the next update);

/admin/templates/system/team/team.php
Replace the following line

<input type="hidden" name="admin" value="yes">

with

<input type="hidden" name="admin" value="<?php if (isset($EDIT->admin) && ($EDIT->admin=='yes' || $EDIT->id=='1')) {echo "yes";} else {echo "no";};?>">

/admin/control/classes/class.users.php // update()
Replace the following block

    if ($user != '1') {
      $isAdminUser = (isset($_POST['admin']) ? 'yes' : 'no');
    } else {
      switch($_POST['update']) {
        case 1:
          $isAdminUser = 'yes';
          break;
        default:
          if (isset($_POST['admin'])) {
            $isAdminUser = 'yes';
            $editperms = serialize(array('ticket','reply'));
          }
          break;
      }

with

    if ($_POST['update'] == '1') {
      $isAdminUser = 'yes';
    } else {
	  if (isset($_POST['admin'])) {
		$isAdminUser = $_POST['admin'];
	  }
    }

Last edited by y3000 (11-07-2018 09:19:35)

#2 msworld 11-07-2018 11:49:35

I thought I had fixed this. Must have broke it again. sad

Thanks for letting me know, added to bugs to be fixed.

#3 msworld 11-07-2018 11:58:21

Ok, I`ve checked, but it seems to be ok.

1. Log in as user 2, which is an admin
2. Edit user who isn`t an admin, they stay as none admin

Did I miss something?

#4 y3000 11-07-2018 12:36:08

No, that's exactly the way I did this ... and when I look at the code (e.g. in /admin/templates/system/team/team.php the admin value ist hard coded for all useres beside superadmin with ID1: <input type="hidden" name="admin" value="yes">) it can't work correctly.

I've dowloaded the script from here: https://www.maiansupport.com/zip.html. Is it possible that you tested with a newer codebase?

#5 msworld 11-07-2018 14:54:53

No, I don`t think so, should be the same. NO problem, I will run some more checks. Have tried it with 3 accounts at the moment, all work ok.

I`ll let you know if I find anything.

#6 y3000 12-07-2018 06:47:14

Strange ... But with the following code in the /admin/templates/system/team/team.php everytime when an admin-user who is not not the super-admin (ID1) edits a supporter the value for admin is "yes":

                if ($MSTEAM->id != '1' && $MSTEAM->admin == 'yes') {
                ?>
                <input type="hidden" name="admin" value="yes">
                <?php
                }

And in /admin/control/classes/class.users.php with this code, evertime when an admin-user who is not not the super-admin (ID1) edits a supporter the variable $isAdminUser is set to "yes" when $_POST['admin'] is set - but $_POST['admin'] is set in every case to "yes" as far as I can see:

    if ($user != '1') {
      $isAdminUser = (isset($_POST['admin']) ? 'yes' : 'no');
    }

I'll check with the next update if the problem still exists for us ... then I give you feedback wink

#7 msworld 12-07-2018 06:52:24

Thanks. I`ll take a look at it now. If there is a bug, I prefer to get it sorted. Will run some more tests and let you know.

#8 msworld 12-07-2018 07:52:31

Ok, what I should have done was enabled the admin option only for the ID:1 user. No other admins can change this. So, hopefully fixed now.

Download and replace:

admin/templates/system/team/team.php
admin/control/classes/class.users.php

And retest then let me know. smile

#9 y3000 13-07-2018 08:05:18

Seems ok now ... thank you smile

#10 msworld 14-07-2018 15:07:11

Excellent, thank you. smile

Board footer

Maian Script World - Free PHP Software for Personal or Business Use.
© 2003-2018 Maian Script World & David Ian Bennett.

2Checkout.com is an authorized reseller of goods and services provided by Maian Script World