I would like to remove the 'database' access option from the main page to stop people meddling. What is the best way to do this?
Cheers,
Neil
Dear Neil,
Database access is only displayed to you the admininstrator and other administrators. Even editing teachers can't see it.
To you want to prevent other administrators from seeing it? That may be a bit more difficult.
Tim
Database access is only displayed to you the admininstrator and other administrators. Even editing teachers can't see it.
To you want to prevent other administrators from seeing it? That may be a bit more difficult.
Tim
Yes, infortunately I have inherited a polictical nightmare where several teachers have always had amin access and they do not want to give it up. Only last week I had to repair moodle as somebody tried to put info directly into the database and it corrupted it. only I have access to the server directly and I was hoping to remove the database links and maybe the folder and only access the database using mysql administrator or phpmyadmin.
any help would be most appreciated.
Neil
Neil
If you remove the mysql folder from the admin folder in moodle then this will effectively uninstall the database plugin. If you have access to the server you can access phpmyadmin via a different install point.
I have a second "site" running under my installation (using host headers on IIS) and have this associated with a url that is not published either in our internal or external dns. I have an entry for this url in the hosts file on the two machines I use to access phpmyadmin. I still have the database modele installed but use this back door to phpmyadmin so I can get to the database remotely should our moodle be down.
Hope that this all makes sense.
Regards
Steve
Niel, Steve
I do the same as Steve, for a backdoor in case of need (e.g. password loss). The setup of an external PHPMyAdmin is not instantaneous - the moodle internal database manager you just plonk in - but it is probably less of a drag than hacking and it has that backdoor advantage.
However, if it is important that you remove the database link while keeping the internal database, then I think if you add the code in red below, changing the "2" do your user id (when you look at your profile it is after the ?id= when you look at your profile, i.e. here at moodle it is 105355) to
moodle/blocks/admin/block_admin.php
around line 67
if ($USER->id == 2) {
if (file_exists($CFG->dirroot.'/'.$CFG->admin.'/'.$CFG->dbtype)) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/'.$CFG->dbtype.'/frame.php">'.get_string('managedatabase').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/db.gif" alt="" />';
}
}
Then it should have the desired effect. I just tested it in my 1.6.2 and it seemed to work okay, but no guarantees.
Hack carefully, backup first.
Timothy
Thanks very much guys - I will give it a go!
Cheers,
Neil
Hi again!
I got it to work thanks. One more thing....I have removed the database link from the main page but I want to remove the 'database' link from the administration page (it's at the bottom under 'site files') just to clear up.
Is there a trick to finding out which PHP file is being called so I could edit it in dreamweaver?
Cheers,
Neil
I don't think that dreamweaver is the way to go because I don't think it can edit dynamically created php pages.
The file to edit is moodle/admin/index.php and you can put the conditional around the following, at round line 428
if ($USER->id == 2) {
/// Optional stuff
if (file_exists("$CFG->dirroot/$CFG->admin/$CFG->dbtype")) {
$table->data[] = array("<strong><a href=\"$CFG->dbtype/frame.php\">".get_string('managedatabase').'</a></strong>',
'<div class="explanation">'.get_string('adminhelpmanagedatabase').'</div>');
}
}
The links are not there but if the administrators have bookmarked the database they will still get in. So if you want to go the whole hog, then in
moodle/admin/mysql/frame.php
change
if ($site = get_site()) {
if (!isadmin()) {
error("You need to be admin to use this page");
}
}
To
global $USER;
if ($site = get_site()) {
if ($USER != 2) {
error("You need to be the super admin to use this page");
}
}
Unchecked.
I wonder if roles in 1.7 are fine grained enough to do all this? These little hacks of mine may be rendered superfluous by the new function "has_capabilities".