[geeklog-devel] [geeklog-cvs] Geeklog-1.x/system lib-security.php, 1.72, 1.73 lib-sessions.php, 1.45, 1.46
Dirk Haun
dirk at haun-online.de
Tue Jul 8 15:51:17 EDT 2008
Dirk Haun wrote:
>Modified Files:
> lib-security.php lib-sessions.php
>Log Message:
>Terminate a user's session when they are being banned
Well - it's the session handling, so chances are that I broke something ...
Motivation for that change: The other day I caught a user spamming on
geeklog.net and banned his account. But his session stayed active which
I felt was wrong.
So banning a user will now terminate their session. But they still have
the long-term cookie and so when they go back to the site, it will
attempt to log them in again. That's already handled and the user will
get a message about being banned then. But it was still creating a new
session for them, which again felt wrong.
So that's what this change is all about. Code reviews and feedback welcome.
bye, Dirk
--
http://www.geeklog.net/
http://geeklog.info/
More information about the geeklog-devel
mailing list