1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.2 Queries

Discussion in 'XenForo Questions and Support' started by Amaury, Feb 18, 2014.

  1. Amaury

    Amaury Well-Known Member

    1. A while ago I changed the default registration values. Is there a query I can run that would set it that way for all members already registered?
    2. Next, is there a query I can run that changes the users' style preference (e.g., to the default style).
    3. Lastly, where do I go to run queries?

    Thanks!
     
  2. Brogan

    Brogan XenForo Moderator Staff Member

    1. Which settings do you want to change? Be aware that existing member may get annoyed if you change their account settings.

    2. Remove all other styles as user selectable and they will fall back to the default style.

    3. phpMyAdmin.
     
  3. Amaury

    Amaury Well-Known Member

    Hi, Paul. Thanks for responding.

    1. We don't have a very big member base, so it shouldn't be too big of a deal. It's just the watched threads and profile privacy ones. I don't remember the default values, but this is what I have now in Options > User Registration > Default Registration Values:
      - Watch threads: Yes, with e-mail
      - View profile page details: All
      - Post profile messages: Members
      - Receive news feed: All
      - Initiate conversations: Members
      - View identities: Members
    2. Does that automatically change their preference to that on /account/preferences? As in, if someone is using Test Style and I disable it and their style changes to Default Style, if I re-enable Test Style, will they still have Default Style the next time they're on or will they see Test Style?
    3. It doesn't sound like there's a built-in SQL query thing on XenForo like on vBulletin. Do you know if there are any plans or suggestions regarding adding that?
     
  4. Null

    Null Well-Known Member

    It'd be a stupid idea to even think of allowing any SQL execution from the admin control panel.

    Imagine if a XSS vulnerability was discovered? Somebody could elevate their permissions and do some serious damage.

    Here's a little clue...
    Code:
    DROP DATABASE x;
    PHPMyAdmin itself should be locked down as much as possible (HTTP auth, IP-level whitelist, etc).
     
    mistypants, Liam W and MattW like this.
  5. Liam W

    Liam W Well-Known Member

    The SQL executor on vB was locked down for only super admins, but it was still trouble...

    I know of a load of people that disabled it.

    Best to just go with phpMyAdmin.
     

Share This Page