DWZ
Thu 10th Oct '02, 10:39am
I was playing around with my Admin CP and found what I think is a bug... It's nothing big, but a bug all the same...
In the Admin CP, if you go down to the "Admin Log" then click "Want to restrict access to this script?", you get an example config.php. In that example, it has:// allow password viewing / editing in control panel
// 0 = not visible or editable
// 1 = not visible, but can be edited
// 2 = visible and can be edited
$pwdincp=0;Now as you know, since all passwords have been encrypted, it's not possible to view the password, thus this code is no longer in use. I'm guessing it's just been left over from an old version of vBulletin when an admin could see the password.
As I said, nothing major, but it may confuse a few people when they look at it.
The fix (if you would even call it that... lol) would obviously to remove lines 303-308 (from an un-hacked version of vBulletin 2.2.8) in /admin/adminlog.php.
In the Admin CP, if you go down to the "Admin Log" then click "Want to restrict access to this script?", you get an example config.php. In that example, it has:// allow password viewing / editing in control panel
// 0 = not visible or editable
// 1 = not visible, but can be edited
// 2 = visible and can be edited
$pwdincp=0;Now as you know, since all passwords have been encrypted, it's not possible to view the password, thus this code is no longer in use. I'm guessing it's just been left over from an old version of vBulletin when an admin could see the password.
As I said, nothing major, but it may confuse a few people when they look at it.
The fix (if you would even call it that... lol) would obviously to remove lines 303-308 (from an un-hacked version of vBulletin 2.2.8) in /admin/adminlog.php.