adalmia3 / kfm

Automatically exported from code.google.com/p/kfm

Admin panel: first user "admin" cannot change data #23

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
kfm/admin/user.php

line:

$users=db_fetch_all('SELECT * FROM '.KFM_DB_PREFIX.'users WHERE id=1');

replace with this:

$users=db_fetch_all('SELECT * FROM '.KFM_DB_PREFIX.'users WHERE id>=1');

and add: user cannot delete their own accounts!

kfm/admin/user_delete.php  between line 4 and 5

add this:
if($kfm->user_id == $_POST['uid']) die ('error("User cannot delete their own accounts")');

kfm/admin/user_change_status.php between line 4 and 5

add this:
if($kfm->user_id == $_POST['uid']) die ('error("User cannot change their own status")');

Give me some days, and I will find more things ;-)

Original issue reported on code.google.com by nilsfeld@gmail.com on 18 Nov 2009 at 2:33

GoogleCodeExporter commented 8 years ago
Thanks for the updates. I implemented the last two. But in my current system in users.php it is:
$users=db_fetch_all('SELECT * FROM '.KFM_DB_PREFIX.'users WHERE id>1');
which is correct. The user with id=1 is a special one that should not be messed with.

Original comment by bterku...@gmail.com on 1 Dec 2009 at 12:22
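
The two rules from this thread (no action on your own account, user id 1 left alone) written as one server-side check on the posted uid. This is an added example, not KFM code; the function name, the constant, the messages and the sample requests are assumptions made for illustration.

```php
<?php
// Added example, not KFM code. All names here are hypothetical.

const PROTECTED_USER_ID = 1; // the account the thread calls "special"

/**
 * Returns null when $actorId may delete or change the status of the posted
 * uid, otherwise the reason for refusing.
 */
function refuse_user_target(int $actorId, $postedUid): ?string
{
    // Reduce the raw POST value to one positive integer before any comparison,
    // so the guard and any later query act on the same value.
    // Arrays, "", "1abc" and "1.0" all fail validation.
    $targetId = filter_var($postedUid, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($targetId === false) {
        return 'Invalid user id';
    }
    // Enforced in the handler itself, independent of which rows the list page shows.
    if ($targetId === PROTECTED_USER_ID) {
        return 'User 1 cannot be modified';
    }
    if ($targetId === $actorId) {
        return 'Users cannot act on their own account';
    }
    return null;
}

// Constructed sample requests: [logged-in user id, posted uid]
$samples = [[2, '3'], [2, '2'], [2, '1'], [2, '1abc'], [2, ['1']], [2, null]];
foreach ($samples as [$actor, $uid]) {
    $reason = refuse_user_target($actor, $uid);
    printf("%s => %s\n", json_encode($uid), $reason ?? 'allowed');
}
```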

GoogleCodeExporter commented 8 years ago
OK, I see it.

Original comment by nilsfeld@gmail.com on 1 Dec 2009 at 5:53

GoogleCodeExporter commented 8 years ago
Can this be closed?

Original comment by kae.verens@gmail.com on 27 Dec 2009 at 12:16

GoogleCodeExporter commented 8 years ago

Original comment by nilsfeld@gmail.com on 28 Dec 2009 at 11:24