nuapi.php - question about zzzsys_user_id != 'globeadmin'

nuapi.php - question about zzzsys_user_id != 'globeadmin'

Postby mark.reynolds » Tue Mar 01, 2016 2:22 pm

In the nuapi.php file, in the function nuLogin($u, $p)
there is this sql query immediately after the check for the globeadmin user being logged in.

$s = "SELECT * FROM zzzsys_user WHERE (sus_login_name = ?
AND sus_login_password = md5(CONCAT(?, ?)))
AND zzzsys_user_id != 'globeadmin' ";

I pretty much understand it all, except for AND zzzsys_user_id != 'globeadmin'
since zzzsys_user_id seems to be an md5 hash, looking at the data in my tables.

It doesn't seem to matter though, since zzzsys_user_id can never be 'globeadmin'
in that case.

Wondering if this is a leftover bit of sql from an earlier version?
Or am I missing something?

thanks
Mark
mark.reynolds
 
Posts: 6
Joined: Thu Jul 30, 2015 12:49 pm
Location: Canberra, Australia.

Re: nuapi.php - question about zzzsys_user_id != 'globeadmin

Postby admin » Thu Mar 17, 2016 11:43 am

Mark,

It is meant to stop general users using globeadmin as a user name.

Steven
admin
Site Admin
 
Posts: 3406
Joined: Mon Jun 15, 2009 9:53 am
nuBuilder Version: 4.5


Return to Custom Code