[Phpwebsite-developers] Banning of users

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Good day to you all,

We have the need for user "ban" functionality within phpWebSite.  To
clarify, we want to deny registered users the ability to login.  This
usually is needed when vulgar or profane language is used, etc., or when
an account must be "disabled" for some reason.

We have the following goals:

- We need to prevent users with certain accounts from being able to
login to the site.

- We need to leave their E-mail address in place; otherwise they could
register a new user account with their same address.  We just want to
"disable" their existing account (and E-mail).

At present we are changing their passwords when such things happen.
However, if they are smart enough to use the "Lost Password"
functionality they can get right back in.  THIS IS BECOMING A BIG
PROBLEM FOR US.

Are there any plans for such an enhancement?  Our team was going to
write this functionality ourselves, but we don't want to duplicate/break
something you are already planning.

We're not yet familiar with all parts of the architecture yet to know
how to best accomplish this.  Our initial design thoughts were to tweak
the security module.  On every security check we could examine the user
account for a "disabled" status, and if the user was disabled the
security check would always return false.  This would probably be simple
to add and would probably disable most/all functionality within the
site.

However, do you have any reasons for/against?  Any better ways?  Is this
already done so that I don't have to worry about it? ;-)

Thanks in advance!

Greg T.