Gath Posted May 23, 2007 Share Posted May 23, 2007 Hello. So, on my site i wanted to 'block' the possibility for an user to create a 'username/nick' pretending to be part of the community 'administration'. On that list i already have: 'site name' (e: phpfreaks) 'the name of the creator/admin' (e: John Doe) Administrator Admin GM GameMaster and... i dont know anymore Any idea would be welcome. The particular community i wanted this for is made of a forums and a web-game (therfore the 'GameMaster'), altought i wanted some geral ideas also. Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/ Share on other sites More sharing options...
Nameless12 Posted May 23, 2007 Share Posted May 23, 2007 you should have a whole table of admins storing the users id and their administration level, the users have no way of changing their user_id so its pretty much impossible for them to pretend to be an admin. If you are just worred about people going around with a username of ADMIN, just filter out names you dont allow in registration page. Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/#findComment-259594 Share on other sites More sharing options...
steelmanronald06 Posted May 23, 2007 Share Posted May 23, 2007 I think he has got that much down, Nameless12. I think he is looking for other names that might be used. Some are: Mod Moderator Global Admin Global Administrator Owner Webmaster Leader Really, anything that shows leadership. BUT, it is going to be hard to block all of them. Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/#findComment-259783 Share on other sites More sharing options...
448191 Posted May 23, 2007 Share Posted May 23, 2007 There should be a clear distinction between FUNCTION (or position) and USERNAME. Making those two the same is asking for trouble. Better off simply offering unique identification of some kind to admins and mods. Like SMF uses red and blue fat stars. Without those it is useless for anyone to impersonate an admin or mod. In addition you can add a simple string check for 'admin' and 'moderator'. Not that anyone would fall for an impersonation when you use distinctive visual marks, but just because it looks a little silly. I personally would allow GameMaster, Webmaster and whatever. Imagine a user named Administrator with the position of n00bie right below it. That'd look silly. Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/#findComment-259790 Share on other sites More sharing options...
Nameless12 Posted May 23, 2007 Share Posted May 23, 2007 not allowing spaces in the names would help make it easier to filter with regex Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/#findComment-259794 Share on other sites More sharing options...
Liquid Fire Posted May 23, 2007 Share Posted May 23, 2007 I think he means he just wants to block name that would make it appear they are a admin. I don't think the if they create a account with a username could SuperAdmin that they would have admin rights but other poeple on the site might think he or she is an admin becuase of there name. Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/#findComment-259853 Share on other sites More sharing options...
Gath Posted May 23, 2007 Author Share Posted May 23, 2007 Yes, the actual admins will have a "visual" effect. What i want to prevent is if someone new to the community enters and some "scammer" tries to abuse that person, to make sure the person isnt fooled easily. And no, the "names" and "position" arent related I just want to clear all names to avoid problems. And yeah, in the end one cant ever prevent all abuse, but trying to narrow it sometimes works wonders Thanks for the input. Quote Link to comment https://forums.phpfreaks.com/topic/52594-preventing-admin-inpersonation/#findComment-260082 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.