hi,
i wrote a patch for 0.9.9.3, so that inactive user are not able to log in any
more. This feature was broken for me. The patch also makes sure, that inactive
user can't access any calendars. I tested it with lightning.
== HTTPAuthSession.php:
Assign session details only, if the user is authenticated and not inactive.
== Session.php:
I changed
- the structure of the code a bit, so the Code for "Invalid username or
password" only have to be there once.
- the position of the temporary_password check (but i didn't test it)
- the condition for checking if the user is active
== User.php:
Not sure if this is right - The code reads, if the user is really active
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: HTTPAuthSession.php.diff
URL: <http://lists.morphoss.com/pipermail/davical-dev/attachments/20101124/20a1c4ef/attachment.asc>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: User.php.diff
URL: <http://lists.morphoss.com/pipermail/davical-dev/attachments/20101124/20a1c4ef/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Session.php.diff
URL: <http://lists.morphoss.com/pipermail/davical-dev/attachments/20101124/20a1c4ef/attachment-0001.asc>
i wrote a patch for 0.9.9.3, so that inactive user are not able to log in any
more. This feature was broken for me. The patch also makes sure, that inactive
user can't access any calendars. I tested it with lightning.
== HTTPAuthSession.php:
Assign session details only, if the user is authenticated and not inactive.
== Session.php:
I changed
- the structure of the code a bit, so the Code for "Invalid username or
password" only have to be there once.
- the position of the temporary_password check (but i didn't test it)
- the condition for checking if the user is active
== User.php:
Not sure if this is right - The code reads, if the user is really active
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: HTTPAuthSession.php.diff
URL: <http://lists.morphoss.com/pipermail/davical-dev/attachments/20101124/20a1c4ef/attachment.asc>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: User.php.diff
URL: <http://lists.morphoss.com/pipermail/davical-dev/attachments/20101124/20a1c4ef/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Session.php.diff
URL: <http://lists.morphoss.com/pipermail/davical-dev/attachments/20101124/20a1c4ef/attachment-0001.asc>