CHAPTER 10 SECURING AND MAINTAINING PHPBB 297 Figure 10-1. The SQL query box in phpMyAdmin 2.6.1 You ll input a raw SQL query here. In the query box, type the following line to check who has administrator rights, substituting with the database prefix you selected while setting up your phpBB (typically phpbb): SELECT user_id, username FROM _users WHERE user_level = 1 To check to see which users have moderator permissions, run this query: SELECT user_id, username FROM _users WHERE user_level = 2 The queries return the user ID number assigned by phpBB at registration and the user- name of the empowered users, in a table structured like the one shown in Figure 10-2. Figure 10-2. The results of running the administrator query Tip If you find SQL queries cumbersome and inconvenient, as most people do, a far more graceful alternative to running these queries exists as a modification to the board. Visit http://www.phpbbhacks.com/ download/2977 to download the feature, and flip ahead to Chapter 11 for pointers on installing it. Auditing on a regular basis is a good method for detecting people who may have surreptitiously gained administrative or moderator access without your knowledge. If you find people who are administrators that you don t want as administrators, you can edit their permissions (see the Setting Per-User Permissions section later in this chapter) and remove their rights. Then be sure to read the Installing Updates section, coming up soon, as you may have a security flaw.
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.
This entry was posted
on Tuesday, September 18th, 2007 at 1:04 pm and is filed under MySQL5.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.