Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
valdarez
Worker
Worker


Joined: Jan 22, 2007
Posts: 104

PostPosted: Mon Jan 28, 2008 1:28 pm Reply with quote

I know that I can delete a User, and that I can ban an IP via the IPBan or via Nuke Sentinel. Is there a way I can lock out a User account such that they account can no longer be used, but they can still visit the website? I thought about just changing the password, but then they could simply retrieve the password via the 'forgot password' automatic retrieval mechanism.

There probably is a really easy way to do this, and I'm just missing it. So, how to I block a user from accessing their account without putting an IP ban in place?
 
View user's profile Send private message
Gremmie
Former Moderator in Good Standing


Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Mon Jan 28, 2008 1:44 pm Reply with quote

You can't do this with the standard Your_Account module, unfortunately. CNBYA can do this though.

What I've done is just hack Your_Account to ignore registration attempts if they come from a list of bad email addresses. Of course the user can still just register with a different email address, but it is still somewhat effective.

Hopefully in the future we will upgrade Your_Account to have more admin friendly features like this.

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Mon Jan 28, 2008 8:23 pm Reply with quote

Why not just change the email address to something else and change the password? They can request the password all they want, but it will go to whatever email address (e.g. Only registered users can see links on this board! Get registered or login!) you set?

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
valdarez
PostPosted: Mon Jan 28, 2008 10:15 pm Reply with quote

kguske wrote:
Why not just change the email address to something else and change the password? They can request the password all they want, but it will go to whatever email address (e.g. Only registered users can see links on this board! Get registered or login!) you set?
Ahhh... common sense. You know. I heard there was a forest around here, but all I see are these stupid trees. Smile
 
Gremmie
PostPosted: Tue Jan 29, 2008 8:10 am Reply with quote

Yeah good idea kguske. However, there is a chance they'll get mad and register again, and now they can use their original email address again.
 
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Tue Jan 29, 2008 10:57 am Reply with quote

Simple add the old email address into NukeSentinels string blocker. Smile
 
View user's profile Send private message
Gremmie
PostPosted: Tue Jan 29, 2008 12:11 pm Reply with quote

Touche!

Still it would be nice if Your_Account handled this. Smile
 
Susann
PostPosted: Tue Jan 29, 2008 1:13 pm Reply with quote

Gremmie, I agree fully because this solution is more like a quick fix. For example with this solution you can´t publish in your forums a list of unwanted email addresses because you ´ll get blocked asap.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©