I'm using elgg on a very small network which I've made everyone an admin, but I want to remove the 'administration' option from the nav list next to settings and logout so no one can tamper with the site settings. How do I do this? or is there a way for the admin options to only be availble to me?
Thanks.
Jake.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
The admin link and admin dashboard is only available for the admin or admins.
Rodolfo Hernandez
Arvixe/Elgg Community Liaison
Making everyone an admin is a wrong idea. Even if they cant access your admin panel, they can do someother potential hazards to your site like deleting or banning other users, deleting contents etc.. And it sometimes they may be able to reach the admin panel, with out even clicking on the link.
If you still want to open admin access to all, the best way for you to is check for a master_admin function in the elgg admin contexts.
I know the risks.
Where do I find php file to remove 'Administration' from the menu list? and the list of admin tools on someone's profile? I have hunted through the files but can't seem to find them.
I've made it so whenever someone signs up they're admin straight away. but can't find out to hide the control panel.
Thanks,
Jake.
I've found out how to remove the Administration now so that is sorted. I've also removed the admin options on profiles, now all I need to find is the explore log.
Do you plan to publish your code solutions here or only post your questions seeking help ? The typical style here @Elgg Comm really is to *share our solutions so that others who may face similar situations benefit from everyone else's experiences... Cheers ;-)
Use the Firebug plugin in Firefox to identify the relevant files.
If you remove the links, they will be gone for everyone - including your account. You know that? I still don't see any sense in your approach. You want everyone to be an admin but at the same time you don't want them to have access to any admin tools. So why make them admins in the first place? If you keep everyone who shouldn't have access to admin tools a regular user - like it's the default Elgg behaviour - you wouldn't need to change anything at all.
Hi Dhrup I wasn't sure if that was the best idea, also I'm fairly inexperienced at PHP. But I'll post it anyway.
For creating admin;
In users.php
Under function create_user_entity
I added admin. and 'yes'.
$query = "INSERT into {$CONFIG->dbprefix}users_entity (guid, name, username, password, salt, admin, email, language, code) values ($guid, '$name', '$username', '$password', '$salt', 'yes', '$email', '$language', '$code')";
Removing the admin list and admin options it was simply a case of removing the php for those locations in users.php
iionly -
I'm only removing some of the admin tools.
I didn't say it did, that is for adding admin when a user signs up. I have tested the site and it's still working fine.
This code by itself :=
$query = "INSERT into {$CONFIG->dbprefix}users_entity (guid, name, username, password, salt, admin, email, language, code) values ($guid, '$name', '$username', '$password', '$salt', 'yes', '$email', '$language', '$code')";
Believe it ! with 100% certainty --
creates a DB refential anomaly
and therefore makes the database lose integrity
even if 'it's still working fine'.. ;-)
- Previous
- 1
- 2
- 3
- Next
You must log in to post replies.