Skip to:
Content
Pages
Categories
Search
Top
Bottom

Forum Replies Created

Viewing 4 replies - 1 through 4 (of 4 total)

  • synergywp
    Participant

    @synergywp

    Figured it out:

    Hopefully this doesn’t break anything, but i’ve tested it with profiles and it works.

    I looked in the database and changed my specific admin account’s “nicename”… the nicename is there i’m pretty sure for exactly that, a name that plays nice with URLs.
    I’ve made the nicename into ‘adminexample’ while my login remains the same. On the members listings, my url for my profile is ‘adminexample’.

    Success! I think. Does anyone have any ideas why a user’s login and nicename would need to be excactly the same?

    [Edit: just thought of one… If another user makes an account with “adminexample” we could have issues ]

    Finding from Edit:

    Success! I created a new account with the “adminexample” as the username (same as the admin’s account nicename) and it simply created a /members/adminexample-2/ for the profile page. Awesome.

    Now, having figured this out, it doesn’t seem unreasonable for this to be somehow integrated into BP core, but I do realize this could mess up a lot of other plugins. Guess that’s why I’m not a big time developer.

    Enjoy if this helps you. :)


    synergywp
    Participant

    @synergywp

    Hmmm.. I agree Dannyjimmy.. I was excited to see an “official” link on caching for BP, but it looks like I’ve found nothing.


    synergywp
    Participant

    @synergywp

    Well… I’m running a site that the members would like to know the admin is active on… responding to questions, posts, etc. It would be like coming here and finding the developers never talk on the forums. So, it’s simple… Someone knows 1/2 of the equation to enter my admin account. Just like on here, I know 1/2 the equation to get into your account. I’m not a hacker by any means, but there are others out there who like to do malicious things to sites just for the hell of it. I have customers involved, so if someone hacks my site, that makes me look very bad. That’s all. I just thought I would ask.

    I know in a response you mentioned googling methods to help secure WP. Well, I know from several years ago about making a database edit to the username for the original admin. This was before you could choose the first admin’s username. This made very good sense to me now because now its like you almost need 2 passwords. But now, with the way this is all implemented in BP, and without a work around, changing “admin” to something else is useless.

    The only other thing I can think of would be to just make another account that is an Editor or similar role and only do posts on that. This way they won’t be able to access things like user info, etc.

    Didn’t mean for this to blow up, just thought there might be a simple function to call. thats all :) Thanks for the interest.


    synergywp
    Participant

    @synergywp

    Problem with option 1: the admin will still be active roll on the site… So the new admin account would then be able to be seen. Problem with having the user have admin privileges is someone could still come in and delete any posts, etc.

    When you say edit database directly, do you mean just changing the username? I thought because of the tight integration between WP and BP, the username for BP is the exact field as $user->user_login. So, unless its two different fields, this wouldn’t work.

    I’m seeing that plugin, but its still the same issue I suppose… People will still see the username through hovering over or viewing the profile’s URL…. i.e. your login is modemlooper. Is it not? Mine is synergywp. Everyone knows this, so its just a matter of a malicious visitor getting a password somehow.

    Thanks for the help, but maybe I didn’t properly explain… I don’t want people to be able to see the username, in any way shape or form, of an active admin, but I want the admin to be able to be active in the forums/members list, etc.

Viewing 4 replies - 1 through 4 (of 4 total)
Skip to toolbar