Session Cookie deletion for Banned Pilots

[mark1million]

Does anyone have the location where to put and the code as to when you change a pilots group to banned it also deletes their session cookie forcing them to go through the login control again?

Im being lazy so any pointers would be great

[Kyle]

Mark,

a cronjob would work, get all of the banned pilots and and delete all of the banned pilot sessions. or if your okay doing some minor core changes.

if you want, I can write something up for you.

[mark1million]

I was thinking more along the lines of adding some extra code to the pilot admin side of things, banned pilots is a manual setting we change their group to so adding something to the code there to delete all sessions created by xx pilot id would work.

[Kyle]

Mark,

If you have the beta version and you know those custom pilot status with groups.. Here's I got mine working.

Step 1: Add a new setting in the local.config.php (You'll see the 'remove_sessions' part, set it to true for any other groups you have.)

2 => array(
	'name' => 'Banned',
	'message' => 'Your account is banned, please contact an admin!',
	'default' => false,
	'canlogin' => false,
	'active' => false,
	'autoretire' => false,
	'group_add' => array(
		'Inactive Pilots',
	),
	'group_remove' => array(
		'Active Pilots',
	),
 'remove_sessions' => true,
),

Step 2: Add a new if group removes session in the PilotData.class.php

Find this code... line 352ish

if(is_array($info['group_remove']) && count($info['group_remove']) > 0) {
			foreach($info['group_remove'] as $group) {
				PilotGroups::removeUserFromGroup($pilotid, $group);
			}
		}

Add after the above code...

if($info['remove_sessions'])
  {
$sql = "DELETE FROM ".TABLE_PREFIX."sessions
  WHERE pilotid = {$pilotid}";

DB::Query($sql);
  }

And that should do the trick by clearing banned pilot sessions.

Cheers!

[mark1million]

Cheers Kyle just got in so will try that.

[mark1million]

Thanks mate working a treat!

[Kyle]

You're welcome!

Cheers!