Site details:
URL to your eFiction: http://www.silmarillionwritersguild.org/archive/home/
Version of eFiction: 3.3.1
Have you bridged eFiction, if so with what?: No and no mods installed.
Version of PHP: 5.2.5
Version of MySQL: 5.0.45-community-log
Have you searched for your problem: Yes
On the forum we the admins often read that admin level four was a level 4 admin is just a validated author without any admin rights... We used this level to help authors who had issues logging in or with posting a story (we contacted our host about this already). However yesterday one of those level 4 members told me she could edit a review left by a reader/fellow member. Upon futher inspection, I discovered that this was not limited to stories of the level 4 member, butlevel 4 admins can also edit every review left for all stories posted at the archive. Also level 4 admins can delete reviews and we have such function disabled for members (it's an admin task) This gave me pause because this seems so contradictive to what is shared here on this forum. I did test this at a complete different archive I am an admin off (currently using 3.4.3) and I did spot the same problem.
Is it possible that these admin rights (editing/deleting reviews) can be stripped off the admin level 4 membes? Can someone please tell me how and where I can make the changes or is this a bug? (if so, my apologies for posting it at the wrong forum)
Thanks in advance!
I'm not sure if those "rights" are supposed to be like that, but I assume they are ... Okay, validated authors are validated authors. Level 4 admins are validated authors and are able to edit/delete comments, news (I think) and reviews.
From memory, the files uses the constant isADMIN to differentiate between admin and member, and then uses uLEVEL for level 1, 2, 3, 4.
I'll take a look at my files to see...
Edit:
includes/get_session_vars.php:
define("uLEVEL", $userdata['level']);
define("isADMIN", uLEVEL > 0 ? true : false);
Will elaborate later, I have to go now. π‘
archive:
site:
Available for skin/mod commission! π
Well I can see that, however when in admin, the explanation for level four in the system is thusly: Level 4 is an authorized author for archives with submissions turned off.
This doesn't say a thing about having admin rights to delete reviews or edit them which is defined in the reviews settings in the admin panels (we have it selected that members cannot delete reviews). By giving someone admin level 4 above all other authors at our archives who can submit stories just as easily as a normal membern, this gives level 4 admins an unwanted advantage above normal members. At our archive, only admins can edit reviews or delete them (see:
/admin.php?action=settings§=reviews
.
By giving level 4 admins such rights, but still have him appear as normal members is just drama waiting to happen *if* a level 4 admin choses to edit away whenever there is a review they don't like. The way Tammy and other's always explained Level 4 admins is that they were normal members, but could bypass the submission authorisations and nothing else. So this took us completely by surprise given the way it has been constantly explained here. I hope I am making sense here.
I understand, but I still don't "properly" understand what a level 4 admin is actually supposed to have? I'm kind of in the same boat as you. I'm a level 4 admin at another archive for skin testing purposes (they can still skins).
However, level 4s AFAIK have always had those rights.
Unless it's been something that's overlooked whilst coding, the only way to change it for your own archive is to edit the file yourself. In the reviews.php you could add the uLEVEL <= 3 or something to differentiate.
archive:
site:
Available for skin/mod commission! π
Just curious as to why you are still running 3.3.1? It's been at 3.4.3 for awhile. While I don't remember what all the fixes were in the latest version, it did fix a lot of bugs. Maybe if you upgrade to this version it might resolve your problem?
******************************************
Mucking around in eFiction since circa 2001 (ver. 1.0)
Now running v.3
Just curious as to why you are still running 3.3.1? It's been at 3.4.3 for awhile. While I don't remember what all the fixes were in the latest version, it did fix a lot of bugs. Maybe if you upgrade to this version it might resolve your problem?
We had huge issues with co-author's when we upgraded from 3.4.2 to 3.4.3, see this thread. We had several errors popping up as well so we went back to 3.3.1 succesfully, because for us it was a stable release.
I understand, but I still don't "properly" understand what a level 4 admin is actually supposed to have? I'm kind of in the same boat as you. I'm a level 4 admin at another archive for skin testing purposes (they can still skins).
However, level 4s AFAIK have always had those rights.
Yes, thats what we found out too. It was just something that never was reported amongst the description of admin 4. I've read that some efiction users used it for trusted members, but it was also suggested to give members with archive accessing problems that status, but that doesn't necessarily mean that they are trusted members.
Unless it's been something that's overlooked whilst coding, the only way to change it for your own archive is to edit the file yourself. In the reviews.php you could add the uLEVEL <= 3 or something to differentiate.
Okay!! Thanks so much for suggesting it and where to look, I really appreciate it!
I am reviving this! Is there a way to do this? To disable the Level 4 Admins' ability to edit/delete reviews (AND NEWS POSTS)?
EDIT: Figured it out! π
EDIT 2: Ok, disaster struck and all the sudden ALL our members had admin privs and started deleting and editing stuff. : So I guess I am wondering what a solution to the original question is?
