======== Admin Security Suite Module v1.07b ========
Created by Azumandias (azumandias _ at _ hotmail.com)
Original phorum coding by the Phorum Development Team (http://www.phorum.org)

========        Brief Description         ========
This security suite is designed to add additional security functions to a 
Phorum install.  Currently this module can monitor the forum title for hacks,
log admin logins, lockout IP addresses after a number of failed logins, 
restrict admin logins to a set list of IP addresses, allow the admin to
search for specific terms in all of the settings saved in the admin area,
centrally manage users with admin access, add a captcha to the admin
login, add monitoring of IP sessions to stop hackers from using a cookie
to access the admin section without logging in, and restrict admin login
to a schedule time period such as 9 AM to 5 AM.

========      Installation and Usage      ========
This module installs like any other module.  However, for Phorum versions 
5.1.23 and lower, some of the abilities offered by this module will require
a hack to add a hook to your Phorum install as listed below.

Add "admin_pre" hook to Phorum versions 5.1.23 and lower:
	Edit file \admin.php
	Add this line | phorum_hook( "admin_pre", "$module" ); | before lines 
	68-72 to get:
		phorum_hook( "admin_pre", "$module" );
		ob_start();
    	if($module!="help") include_once "./include/admin/header.php";
    	@include_once "./include/admin/$module.php";
    	if($module!="help") include_once "./include/admin/footer.php";
    	ob_end_flush();

========         Version History          ========
v1.00 
	- Started
v1.01 
	- Added the ability to log admin logins.  Requires added "admin_pre"
	  hook as described under installation above.
v1.02
	- Recoded the logging of admin logins.  Should work better now.
	- Added the ability to lockout an IP address if too many failed 
	  admin login attempts are made. Requires added "admin_pre" hook.
	- Added the ability to clear out the log of admin logins.
v1.03
	- Tweaked the admin lockout feature to display properly.
	- Added the ability to allow a lockout override code to be sent to the
	  system email address.  This should allow the system admin to login if
	  a password is mistyped on accident but should still styme hackers and
	  bots.
v1.04
	- Added the ability to restrict admin login to set IP addresses.  If this
	  is enabled there is also an option to allow the sending of an override
	  code to the system email address.  This allows the system admin to access
	  the admin section even from a restricted IP address after receiving the 
	  override code via mail.
v1.05
	- Fixed a bug in the title monitoring code which would not replace a
	  hacker's code with the proper title.
	- Added the ability to search through the settings saved from the admin
	  area.  This is useful if you are looking for all instances of a
	  hacker adding an iframe or the hacker's name to your site from the admin
	  area. The results require some knowledge of the Phorum framework.
	- Changed the module's settings interface to incorporate the new features.

v1.06
	- Added the ability to send the lockout override code to the email address
	  of the user who failed to login, but only if that user has admin access.
	- Added the ability to centrally manage all users who have been granted
	  Admin access.
	- Added the ability to add a captcha to the admin login.
	- More changes to the module's settings interface to add features and help.
v1.07
	- Added the ability to monitor admin IP usage and block hackers from using
	  a valid cookie to access the admin area without logging in.
	- Added the ability to restrict admin logins to a scheduled time block such
	  as 9 AM to 5 PM, as determined by your server's time offest by your time
	  zone selection in the "General Settings" section.  A warning will be
	  displayed at the top of the Admin section when you have less than 15
	  minutes before the scheduled time is up.  After that, you have the option
	  of allowing an override code to be sent which would allow for an hour of
	  access.
	- Updated the IP restriction function to allow the sending of an override
	  code to users with admin access.
	- Updated the code to be compatible with the coming "admin_pre" hook in
	  future Phorum releases.
v1.07a
	- Bug fix in the scheduling function.
v1.07b
	- Another bug fix in the scheduling function.
	  
========                Todo              ========
 - v1 of this mod is now closed.  Any changes will be bug fixes. Enhancements
   will only be made in v2.
 	
========               Files              ========
admin_update\
	admin_security_suite.php
	info.txt
	readme.txt
	settings.php
	tmp_captchas\ *empty folder for storing temporary captcha images