>>The problem I see is that the new administrator can easily delete out the other administrator, which would allow the new admin to rave havic on the system.
<<
Well not many admins are going to allow someone access who they think are going to trash their site.
>>Okay...so you're using the htaccess/htpasswd system...Do you also have a mechanism built-in to delete and edit admin accounts in the .htpasswd file?
<<
Of course.
>>2) Why are you using a .htaccess/.htpasswd system?
It would be better to control access via built-in authentication of Links SQL for administrators to access the administrative script rather than using .htaccess/.htpasswd. <<
This isn't an addon to Links SQL using the Links SQL code - it is a _full_ seperate script that is being distributed to everyone not just Links SQL users. Therefore htaccess was a good option for admin security. Staff/Members login via the script and not basic auth...only admin.
<<
Well not many admins are going to allow someone access who they think are going to trash their site.
>>Okay...so you're using the htaccess/htpasswd system...Do you also have a mechanism built-in to delete and edit admin accounts in the .htpasswd file?
<<
Of course.
>>2) Why are you using a .htaccess/.htpasswd system?
It would be better to control access via built-in authentication of Links SQL for administrators to access the administrative script rather than using .htaccess/.htpasswd. <<
This isn't an addon to Links SQL using the Links SQL code - it is a _full_ seperate script that is being distributed to everyone not just Links SQL users. Therefore htaccess was a good option for admin security. Staff/Members login via the script and not basic auth...only admin.