| Author |
Message |
ring_c
Involved
Joined: Dec 28, 2003
Posts: 276
Location: Israel
|
 Posted:
Wed Jan 04, 2006 4:33 am |
|
I just had an issue with one of my co-admins. he logged into the site in a public place, and couldn't log out properly, as the control of the computer has been taken remotely.
Now his cookie is still in that copmuter, meaning, anyone can now log into the site, and have (almost) full control over it.
Is there a way to make phpnuke disregard this user till the next time he logs in with his name and pwd? maybe something in the nuke_users could be changed for this?
TIA! |
Last edited by ring_c on Wed Jan 18, 2006 8:00 am; edited 2 times in total |
|
 
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Wed Jan 04, 2006 4:36 am |
|
Use phpmyadmin and change the admin's name. |
| |
|
|
|
|
ring_c
|
| Posted:
Wed Jan 04, 2006 5:23 am |
|
| Raven wrote: | | Use phpmyadmin and change the admin's name. |
Hmmm... that's a bit brute, isn't it?
Just wanted to clarify, that he didn't log in using his admin user/pwd, but his username alone has full control in all forums (edit/delete/ip etc...).
Changing the name of the user, will create a fuss in the site. isn't there any other solution? changing the user's session time or something? |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Wed Jan 04, 2006 5:46 am |
|
You might be able to remove the session from bb_session table - not tested but just a thought.
How about tracing the IP he used and placing a temp block on it till the session expires naturally - that would be my course of action. |
| |
|
|
|
ring_c
|
| Posted:
Wed Jan 04, 2006 7:51 am |
|
| Quote: |
How about tracing the IP he used and placing a temp block on it till the session expires naturally - that would be my course of action.
|
Now, THAT'S a great idea! and I was going to take it into effect. BUt! and that's weird... I couldn't find the user's IP.
Let me clear things up. I asked him for his pwd, and logged in and out in order to at least remove his name from the connected members. I thought maybe this will disable future logs in, till his name and pwd are put in again (you tell me if this is correct).
So, now I tried finding his IP using Nukesentinel, but the last IP logged today was actually MINE! His last IP recorded is from December 28th. how can THAT be? |
| |
|
|
|
|
ring_c
|
| Posted:
Wed Jan 04, 2006 7:57 am |
|
Oh, darn!!!
I just saw I missed his last IP logged today, since the list is not sorted by the date, but by... hmmm... by what actually???
Raven, could this be fixed in future versions? here's a screen capture helping you understand.
 |
| |
|
|
|
|
Raven
|
| Posted:
Wed Jan 04, 2006 8:46 am |
|
I have no idea what that screen capture is from. |
| |
|
|
|
|
Guardian2003
|
| Posted:
Wed Jan 04, 2006 8:49 am |
|
ring_c there is yet aother way to determine a user IP in your situation. Search for forum posts made by that user then you can grab the IP from his last post - usually. |
| |
|
|
|
|
ring_c
|
| Posted:
Wed Jan 04, 2006 9:35 am |
|
Raven, it's from NukeSentinel's tracked IP:
/admin.php?op=ABTrackedUsers |
| |
|
|
|
|
Raven
|
| Posted:
Wed Jan 04, 2006 9:43 am |
|
Tracked users are in username order which makes sense, right? It says that right in the drop down box. You can resort them as you need to. Tracked IP's are in IP order as one would expect. |
| |
|
|
|
|
ring_c
|
| Posted:
Thu Jan 05, 2006 5:31 am |
|
Raven, the screen I showed here is the user's screen itself. not the list of all users. all these IPs are from the same user.
Also, I've no idea where you see a drop down box. |
| |
|
|
|
|
Guardian2003
|
| Posted:
Thu Jan 05, 2006 6:01 am |
|
ring_c which version of Sentinel are you using? |
| |
|
|
|
|
ring_c
|
| Posted:
Thu Jan 05, 2006 7:48 am |
|
Guardian2003, 2.4.2. But your question made me look it up again, and I've found what Raven refered to in NukeSentinel General Settings screen. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
