• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.2 Queries

Amaury

Well-known member
#1
  1. A while ago I changed the default registration values. Is there a query I can run that would set it that way for all members already registered?
  2. Next, is there a query I can run that changes the users' style preference (e.g., to the default style).
  3. Lastly, where do I go to run queries?

Thanks!
 

Brogan

XenForo moderator
Staff member
#2
1. Which settings do you want to change? Be aware that existing member may get annoyed if you change their account settings.

2. Remove all other styles as user selectable and they will fall back to the default style.

3. phpMyAdmin.
 

Amaury

Well-known member
#3
1. Which settings do you want to change? Be aware that existing member may get annoyed if you change their account settings.

2. Remove all other styles as user selectable and they will fall back to the default style.

3. phpMyAdmin.
Hi, Paul. Thanks for responding.

  1. We don't have a very big member base, so it shouldn't be too big of a deal. It's just the watched threads and profile privacy ones. I don't remember the default values, but this is what I have now in Options > User Registration > Default Registration Values:
    - Watch threads: Yes, with e-mail
    - View profile page details: All
    - Post profile messages: Members
    - Receive news feed: All
    - Initiate conversations: Members
    - View identities: Members
  2. Does that automatically change their preference to that on /account/preferences? As in, if someone is using Test Style and I disable it and their style changes to Default Style, if I re-enable Test Style, will they still have Default Style the next time they're on or will they see Test Style?
  3. It doesn't sound like there's a built-in SQL query thing on XenForo like on vBulletin. Do you know if there are any plans or suggestions regarding adding that?
 

Null

Well-known member
#4
It'd be a stupid idea to even think of allowing any SQL execution from the admin control panel.

Imagine if a XSS vulnerability was discovered? Somebody could elevate their permissions and do some serious damage.

Here's a little clue...
Code:
DROP DATABASE x;
PHPMyAdmin itself should be locked down as much as possible (HTTP auth, IP-level whitelist, etc).
 

Liam W

Well-known member
#5
The SQL executor on vB was locked down for only super admins, but it was still trouble...

I know of a load of people that disabled it.

Best to just go with phpMyAdmin.