#33 I can still login!

1 Gold - SP 1.1
closed-works-for-me
nobody
7
2003-03-01
2003-02-23
Anonymous
No

I run an intranet, and I have one system with one user
name on the board(admin) and another computer with a
seperate administrator account...

I noticed that when I ban one of my administrators they
can still log in and out and post anything until they
delete their yabb cookie!

I believe this is a problem because most admins who
turn evil would most likely not delete their cookies if I
banned them!

I don't know how to fix this one but credit
www.cgrom.com for pointing it out.... I may try to send
you some source i wrote to autodelete yabb cookies
when you log out...
---------------------------------------

I also have had people try to sign up and it it make
duplicate names like MasterCG then it makes
MasterCG~ and the user can not log in.... I believe this
may be linked to me installing so many mods to my
forum...

check it out, if I don't fix it before you try... I also would
like you to post all those yabb sp1.1 mods i tried to
send you!

www.cgrom.com/forum

Discussion

  • R. Selig

    R. Selig - 2003-02-24

    Logged In: YES
    user_id=639426

    When banning an Admin, maybe all you would have to do is
    change the "Cookie Name - Password" setting, prevent the
    scenario you mentioned.

     
  • Torsten Mrotz

    Torsten Mrotz - 2003-03-01
    • priority: 5 --> 7
    • status: open --> open-remind
     
  • Torsten Mrotz

    Torsten Mrotz - 2003-03-01

    Logged In: YES
    user_id=289236

    this "scenario" shouldnt happen since YaBB reads in the
    cookie and extracts the username and passwords, YaBB
    validates them with the DB, if they're correct the
    user_settings will be loaded.
    but after that we have the check for banned ppl. if the person (
    doesn't matter if it's an admin or not) is in one of the banning-
    lists the username is changed back to Guest.

    so ... this problem shouldnt be there.
    how did you ban the admin? by IP, mail or username?
    did you try to recreate the problem in your intranet?

     
  • Torsten Mrotz

    Torsten Mrotz - 2003-03-01
    • status: open-remind --> closed-works-for-me
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks