Authlevel Protection

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Authlevel Protection

      When users change(hack) the authlevel after login ..
      Is it possible to protect with the following sources?


      common.php
      My 2moons is old.

      /* Authlevel Protection - out of service. */
      if($_SESSION['authlevel'] != $USER['authlevel']) {
      $db->query("UPDATE ".USERS." SET `authlevel` = '".$_SESSION['authlevel']."' WHERE `id` = ".$USER['id'].";");
      redirectTo('index.php');
      }
      --------------------------------------------------------------------------------------
      My version is 2moons 1.3v . :D But all fixed bug and more then mod added.
      diyworld.biz
      Test universe: 1
      ID:2moons pw:1234
    • how do they hack the autlevel after login first of all ? It should be better to protect that issue
      - Xterium Template
      - War of Alliance Template
      - Antaris-Legacy Template
      - Ogame Template

      I can and will only help with instalation with hostings including cpanel or plesk and an teamviewer access
    • New

      First of all, the session admin access, existing or not existing, does absolutely nothing. Even if you steal admin password, you know it is used to login/auth. I am curious how they change that values and if that really exists, solution is simple: force auth_level>0 column or recode the admin panel and problem solved.

      Also @noonn which version you're using? Have seen your games around 1.3 and 1.5 . Maybe any old security issue not affecting current game?

      PS. Now that i talked about admin panel, it needs to be recoded. Uses primitive coding and old db vars.
      Looking for good VPS to host your game? Use DigitalOcean and get 100$ bonus credit for 2 months!

      Check my mods here - stellaron.space/index.php?page=2Moons

      I can build any mod. Need my service? Contact me via PM

      The post was edited 1 time, last by Qwa ().