In the nuapi.php file, in the function nuLogin($u, $p)
there is this sql query immediately after the check for the globeadmin user being logged in.
$s = "SELECT * FROM zzzsys_user WHERE (sus_login_name = ?
AND sus_login_password = md5(CONCAT(?, ?)))
AND zzzsys_user_id != 'globeadmin' ";
I pretty much understand it all, except for AND zzzsys_user_id != 'globeadmin'
since zzzsys_user_id seems to be an md5 hash, looking at the data in my tables.
It doesn't seem to matter though, since zzzsys_user_id can never be 'globeadmin'
in that case.
Wondering if this is a leftover bit of sql from an earlier version?
Or am I missing something?
thanks
Mark
Welcome to the nuBuilder Forums!
Join our community by registering and logging in.
As a member, you'll get access to exclusive forums, resources, and content available only to registered users.
Join our community by registering and logging in.
As a member, you'll get access to exclusive forums, resources, and content available only to registered users.
nuapi.php - question about zzzsys_user_id != 'globeadmin'
-
mark.reynolds
- Posts: 6
- Joined: Thu Jul 30, 2015 5:19 am
- Location: Canberra, Australia.
Re: nuapi.php - question about zzzsys_user_id != 'globeadmin
Mark,
It is meant to stop general users using globeadmin as a user name.
Steven
It is meant to stop general users using globeadmin as a user name.
Steven