CedGauche Posted September 5, 2015 Report Posted September 5, 2015 Hey, we have some inactive / retired users, they are still online and writing airmails and downloading stuff etc. I guess they have cookies or autologin-sessions. How can we solve that? thx Quote
Members Vangelis Posted September 5, 2015 Members Report Posted September 5, 2015 Can you post your Auth.class.php ? at about line 286 you should see /*if($userinfo->retired == 1) { self::$error_message = 'Your account was deactivated, please contact an admin'; return false; }*/ //ok now check it Commented uncomment it and you should be fine if($userinfo->retired == 1) { self::$error_message = 'Your account was deactivated, please contact an admin'; return false; } //ok now check it Quote
CedGauche Posted September 6, 2015 Author Report Posted September 6, 2015 Hi, this is the code: if($userinfo->retired == 1){ self::$error_message = 'Der Account wurde aufgrund von Inaktivität deaktiviert, zum entsperren den Admin / Webmaster kontaktieren.'; return false; } I guess the code is uncomment. When I try to login with an retired test account, there is the message,the account is retired and no access. Perfect But when I never log out from the page and the session cookie is still active, I can acces the page with an retired account. Quote
Members Vangelis Posted September 6, 2015 Members Report Posted September 6, 2015 No idea about that but i gues at some point the cookie will expire or after you put a pilot on retired empty the sessions table in mysql Quote
mseiwald Posted September 6, 2015 Report Posted September 6, 2015 In your layout you could just use something like if(Auth::LoggedIn && Auth::$userinfo->retired == '1') and then redirect him to the logout url. Quote
CedGauche Posted September 7, 2015 Author Report Posted September 7, 2015 This is a solution, I will try this..thx Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.