In the nuapi.php file, in the function nuLogin($u, $p)
there is this sql query immediately after the check for the globeadmin user being logged in.
$s = "SELECT * FROM zzzsys_user WHERE (sus_login_name = ?
AND sus_login_password = md5(CONCAT(?, ?)))
AND zzzsys_user_id != 'globeadmin' ";
I pretty much understand it all, except for AND zzzsys_user_id != 'globeadmin'
since zzzsys_user_id seems to be an md5 hash, looking at the data in my tables.
It doesn't seem to matter though, since zzzsys_user_id can never be 'globeadmin'
in that case.
Wondering if this is a leftover bit of sql from an earlier version?
Or am I missing something?
thanks
Mark
Welcome to the nuBuilder forums!
Please register and login to view forums and other content only available to registered users.
Please register and login to view forums and other content only available to registered users.
nuapi.php - question about zzzsys_user_id != 'globeadmin'
-
- Posts: 6
- Joined: Thu Jul 30, 2015 5:19 am
- Location: Canberra, Australia.
-
- Site Admin
- Posts: 2781
- Joined: Mon Jun 15, 2009 2:23 am
- nuBuilder Version: 4.5
- Been thanked: 1 time
Re: nuapi.php - question about zzzsys_user_id != 'globeadmin
Mark,
It is meant to stop general users using globeadmin as a user name.
Steven
It is meant to stop general users using globeadmin as a user name.
Steven