[geeklog-devel] [geeklog-cvs] Geeklog-1.x/system lib-security.php, 1.72, 1.73 lib-sessions.php, 1.45, 1.46

Dirk Haun dirk at haun-online.de
Tue Jul 8 15:51:17 EDT 2008


Dirk Haun wrote:

>Modified Files:
>	lib-security.php lib-sessions.php 
>Log Message:
>Terminate a user's session when they are being banned

Well - it's the session handling, so chances are that I broke something ...

Motivation for that change: The other day I caught a user spamming on
geeklog.net and banned his account. But his session stayed active which
I felt was wrong.

So banning a user will now terminate their session. But they still have
the long-term cookie and so when they go back to the site, it will
attempt to log them in again. That's already handled and the user will
get a message about being banned then. But it was still creating a new
session for them, which again felt wrong.

So that's what this change is all about. Code reviews and feedback welcome.

bye, Dirk


-- 
http://www.geeklog.net/
http://geeklog.info/




More information about the geeklog-devel mailing list