Hey Ragezone,
I don't know if this Tutorial has been released yet.
Today I want to show you how to secure your staff's account's
I - SQL
1) Create a Table that would keep the IP's.
We start creating a table that would keep the IP's, incase if someone else got acces on the staff account with a different IP he would not have acces on the housekeeping, This table Would have 2 collums: `ip`, `pseudo`. than you will see that each account have the login IP. This is the SQL to add in you're database :
CREATE TABLE IF NOT EXISTS `ip_staff` ( `ip` varchar(255) NOT NULL, `pseudo` varchar(255) NOT NULL DEFAULT 'AUCUN') ENGINE=MyISAM DEFAULT CHARSET=latin1;
To complete the table, Click on "Insert" Than in IP, enter the IP off the staff, In psuedo enter the staff username, than save it
II - Redirection (on PHP)
1) We create our mini security system.
We are now going to make the PHP code that would search the computer that try to login with the staff account, and will compare the IP with the IP given in the Database (You will have to make a page a redirection page, we will call it,
"staff_protect.php".
Put the following code in to the CMS main folder : (in my case its global.php)
<?php/** système anti intrusion par OvZ (peut être modifié/supprimé) **/if($user['rank'] >= 4) {$lancer[1] = mysql_query("SELECT ip,pseudo FROM ip_staff WHERE ip = '".$_SERVER['REMOTE_ADDR']."'");$donnees[1] = mysql_fetch_array($lancer[1]);if($donnees[1][pseudo] != $user['username']) {header("location:./staff_protect.php");die();}} ?>
Your staffs will be now secured ( you will never know if your mods give there password to someone to buy some furni's in the staff catalogue )
Credits:
Forum : Ibuild
User : OVZCMS
ME : for the translation & the share :w00t:
Crowey
I don't know if this Tutorial has been released yet.
Today I want to show you how to secure your staff's account's
I - SQL
1) Create a Table that would keep the IP's.
We start creating a table that would keep the IP's, incase if someone else got acces on the staff account with a different IP he would not have acces on the housekeeping, This table Would have 2 collums: `ip`, `pseudo`. than you will see that each account have the login IP. This is the SQL to add in you're database :
CREATE TABLE IF NOT EXISTS `ip_staff` ( `ip` varchar(255) NOT NULL, `pseudo` varchar(255) NOT NULL DEFAULT 'AUCUN') ENGINE=MyISAM DEFAULT CHARSET=latin1;
- - - - - - - - - - - - - - - - - - - - - - - - - - -
2) Complete the table.To complete the table, Click on "Insert" Than in IP, enter the IP off the staff, In psuedo enter the staff username, than save it
II - Redirection (on PHP)
1) We create our mini security system.
We are now going to make the PHP code that would search the computer that try to login with the staff account, and will compare the IP with the IP given in the Database (You will have to make a page a redirection page, we will call it,
"staff_protect.php".
Put the following code in to the CMS main folder : (in my case its global.php)
<?php/** système anti intrusion par OvZ (peut être modifié/supprimé) **/if($user['rank'] >= 4) {$lancer[1] = mysql_query("SELECT ip,pseudo FROM ip_staff WHERE ip = '".$_SERVER['REMOTE_ADDR']."'");$donnees[1] = mysql_fetch_array($lancer[1]);if($donnees[1][pseudo] != $user['username']) {header("location:./staff_protect.php");die();}} ?>
Your staffs will be now secured ( you will never know if your mods give there password to someone to buy some furni's in the staff catalogue )
Credits:
Forum : Ibuild
User : OVZCMS
ME : for the translation & the share :w00t:
Crowey
Last edited: