1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[TH] Login As User 1.2.2

Gives trusted admins permission to login as any member, without having to know their password.

  1. Jon W

    Jon W Well-Known Member

    Waindigo submitted a new resource:

    Login As User by Waindigo (version 1.0.0) - Give members permission to login the site as other members, without having to know their password.

    Read more about this resource...
    Sergio Bambaren likes this.
  2. Geoffrey

    Geoffrey Active Member

    This can cause problems, but I suppose it can be useful for a few boards.
  3. Jon W

    Jon W Well-Known Member

    The same could be said for giving someone the 'permanent delete' permission and that is a core feature. Provided that you only give the permission to members that you trust (which might just be yourself!) then it can be really useful.
    Phillip and yavuz like this.
  4. HWS

    HWS Well-Known Member

    If someone is logged in as another user, can he see that users personal conversations also?

    Because if he can, that would be a huge privacy problem!
  5. Phillip

    Phillip Active Member

    Thank you so much! This is an odd vBulletin add-on that we've been waiting to see available for XenForo. I'm sure many folks will be excited about this. It's great for admins and mods to use when a problem arises.
  6. yavuz

    yavuz Well-Known Member

    Well, not really. An admin can simply go to the forum DB and see the P.C if he wants to. It's wise though to limit the usage to trusted members, better admins.
  7. Jon W

    Jon W Well-Known Member

    Yavuz is exactly right. Anyone with access to the database can get at this information. This is definitely a feature you would only give to a handful of members, if that.

    Having said that, if anyone wants to have additional restrictions placed on this feature, please contact me to discuss contributing to this.
  8. Phillip

    Phillip Active Member

    We'd really like to see the ability for an admin to see private conversations added. This has been helpful when "he said", "she said" issues arise between members. The vBulletin mod "login as user" allowed for the ability to read private messages and logging in invisibly to a user's account. Obviously, this is not something to give to all members and even some moderators, that's why it's requested as an "admin" only feature.

    Thanks in advance for the consideration.
  9. HWS

    HWS Well-Known Member

    In fact you should upload this addon a second time as "Read PCs of your Members" as I remember some requests for such a feature. ;-)

    However I find that feature VERY problematic since it raises serious privacy issues. It is one thing to allow technicians direct database access but another to be able to allow >>all<< your users to read private conversations of other users just with a simple click in ACP.

    If people know it can be that easy to read their private conversations they will never trust any Xenforo software again for real private conversations. And not all XF boards are just 4 fun. Some have serious content where members need a way to trust that all PCs stay private and secret.

    In my opinion there has been a border crossed that should better not have been crossed.
  10. yavuz

    yavuz Well-Known Member

    I see what you mean but nothing really stays private. Forums get sold, not all admins respect privacy, the list goes on. Also, admins have also responsibility to prevent spam, user harrasing another user. It's better not to share sensitive information that you like to see remain private.
  11. DRE

    DRE Well-Known Member

    Jon W likes this.
  12. DRE

    DRE Well-Known Member

    and lol @ ya'll complaining bout reading pms. PMs can be read by the database. So if you have an addon creator or your host or admin that has access to the database then they can read pms too.

    I put in my TOS that your pms can be read at anytime. I even made a thread about it and told members I don't read them but can if I wanted to and will if I suspect spam. When I suspect spam I will investigate cause I hate spammers with a vengeance. No mercy. Catch em, ban em. End of story.

    This is also a good way to manage spammers as well.
  13. Jon W

    Jon W Well-Known Member

    Not quite sure what you are requesting. This add-on can already do everything you are asking for. It is a permission, so you can make it available for admins use only.

    This add-on was created for a school website where teachers may need to log in to a student's accounts to perform actions on their behalf. As an unintended consequence, this ability could potentially be used to stop suspected bullying by making it easier for teachers to read a student's private messages. So many times you hear cases of children committing suicide because they are being bullied. I can't even see that line you are talking about from where I'm standing.
    bubbl3 and yavuz like this.
  14. DRE

    DRE Well-Known Member

    I haven't downloaded it yet but does this make it so that when you login, it doesn't change the last login date?
  15. Morgain

    Morgain Well-Known Member

    I would expect it to change the login date.

    The addon was originally made for me on one of my sites which services a school.
    I need it to send in homework if a student has difficulty with the system, or check what` on earth a rather muddled support request means.

    The privacy issue has also come up in this school community. As admin I can already check private conversations in other software the community uses.
    I always explain that I never check private conversations "for fun" - I am too busy!
    But if I get a report of anything sensitive I can quickly check, and see EXACTLY what was said.

    Interestingly this younger generation enthusiastically welcomes this as a protection. They are so afflicted by the national epidemic of bullying what they desperately need is safety, before privacy. Most feel the same about surveillance cameras in their schools.

    This community has quickly discovered I use my authority carefully and caringly.
    If that were not so I would simply lose that community and the project would` fail.

    Granted this addon is wide open to abuse. As is so much else about all software which tends`to be autocratic in its power. It is up to us as admins to use that tremendous power of our software, thoughtfully.

    But on a forum for adults where only the admin has the facility, or at most one or two mods, an adult user can vote with their feet if the addon is abused.

    Jon/ Waindigo I think you described it from the wrong end as a user resource rather than primarily an admin resource. This has created an unfortunate impression. The addon needs to be defined as an admin resource. Something like this:

    This addon permits a permitted user, normally the admin, to login as another user.
    The admin can check what the user sees and what exact difficulty they are having.
    The admin can upload a file etc which the user has been unable to do.
    The admin can also grant permission to another user such as a mod to use this facility as well. Clearly this privilege should only be granted to a, known, trusted, responsible person.
    8thos and Jon W like this.
  16. Jon W

    Jon W Well-Known Member

    No. It will change the login date. It will also show you as being online as that user (unless you select not to show online), updates the page you are currently viewing and logs your actions as normal -- just as if you had logged in as that user with their password.
  17. DRE

    DRE Well-Known Member

    You know... like you said... it probably would've been better if he put the word Admin somewhere in the addon description like so: http://www.vbulletin.org/forum/showthread.php?t=228077

    So I would basically have to go into the database just to change the last login date. :/

    Waindigo, didn't you make a addon that lets us change user join date and does it still work? Would you be able to do so to change user last login date?

    I think I remember using that change user join date addon and it worked for awhile then stopped working. If not you, it might have been ragtek. Probably gotta ask him.
  18. Jon W

    Jon W Well-Known Member

    Already changed the description in response to Morgain's post.

    If you wanted to cover your tracks entirely then you would also need to remove all the other things I mentioned above as well.

    Yes, I did. I think better to build it into this add-on as it would probably be a lot easier just to not update the last login date in the first place. Would have to check though.

    Perhaps conflicting with another add-on? I've just tested it and it works fine on my install.
  19. DRE

    DRE Well-Known Member

    Yeah it was probably an addon conflict. I'm not concerned with 'covering tracks' cause members know I do what I want (lol) but I am concerned with causing false hopes. People will think 'omg so and so logged in yaaay and then they start sending me (the person i logged in under) pms' and if I'm in a bad mood and I get that alert I'mma reply 'gtfo go away' and they get mad at the person but it's really me. :ROFLMAO:

    I'm trying not to troll my members. I've worked so hard at not doing so as much as I used to. That's why I asked about it.
  20. Jon W

    Jon W Well-Known Member

    In that case, should be able to modify that other add-on really easily to do what you want to do. Can you check whether the other add-on works or not first though? No point me copying that add-on if it doesn't work!

Share This Page