UBB.threads PHP Forum Software Community Forums UBB.threads 6 Version 6 Support [6.5] security check for user rights

After upgradintg from 6.4.4 to 6.5 I encounter a security problem with one user. This user was a long time ago moderator and member of a cvlosed forum. He have the propper right in the access group. Under 6.4.4 Mod status was revoked and membership from this grop was killed.

Today I get a message told me that this user ist still able to get to this forum and post in it !

I check out the group and the user is NOT in the access group. He is normal user without any mod power. Ido check every setting from the controlpanel for this user, save all settings again, he can still enter (try on myself with overlogging).

I have to delete the group to solve this and create a new one.

Is there any way to find out other users with 'ghostrights' to groups to prevent this ? Some manual selects from database ?

This do today some trouble on my board. the user read something that he never should see <img src="https://www.ubbcentral.com/boards/images/graemlins/frown.gif" alt="" />

Do you know the groupid for that group? If so, then you could use:

SELECT U_Username FROM w3t_Users WHERE U_Groups LIKE '%-groupid-%

Replace groupid with the id of the group you are looking for.

thank you, I will do this with my remaining groups. Take a little time to compare the results. The problem group was deleted to fix this.