[#7400] CB Antispam problem
- marcob
- OFFLINE
-
Junior Member
- Posts: 38
- Thanks: 0
- Karma: 0
5 years 3 months ago - 5 years 3 months ago #309497
by marcob
[#7400] CB Antispam problem was created by marcob
Hello,
I am trying to configure the CB antispam duplicate logins to work but it doesn't logout the previous user.
The settings are:
block: enable
active logins: 1
block method: logout current session
Joomla Version: 3.9.1
PHP: 7.2.9
MySql: 5.7.20
I have two browsers (Firefox / Chrome) that I am logging in at the same time and the system doesn't stop that.
Could you check if it's a bug or if there is something that I have to check?
Regards,
Manolis
I am trying to configure the CB antispam duplicate logins to work but it doesn't logout the previous user.
The settings are:
block: enable
active logins: 1
block method: logout current session
Joomla Version: 3.9.1
PHP: 7.2.9
MySql: 5.7.20
I have two browsers (Firefox / Chrome) that I am logging in at the same time and the system doesn't stop that.
Could you check if it's a bug or if there is something that I have to check?
Regards,
Manolis
Last edit: 5 years 3 months ago by krileon. Reason: Added [#7400] tag to subject
Please Log in to join the conversation.
krileon
Team Member- OFFLINE
- Posts: 68482
- Thanks: 9076
- Karma: 1434
5 years 3 months ago #309510
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic CB Antispam problem
Are you testing with a regular registered user? CB Moderators are exempt from the blocking functionality so it will have no impact on your admin account.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- marcob
- OFFLINE
-
Junior Member
- Posts: 38
- Thanks: 0
- Karma: 0
5 years 3 months ago #309535
by marcob
Replied by marcob on topic CB Antispam problem
Hello,
Yes it is a registered user without admin rights.
Yes it is a registered user without admin rights.
Please Log in to join the conversation.
- krileon
- Team Member
- OFFLINE
- Posts: 68482
- Thanks: 9076
- Karma: 1434
5 years 3 months ago #309549
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic CB Antispam problem
Navigate to the _sessions database table and confirm the user has more than 1 database session as that's all it's checking. It counts the number of database sessions for a given user id and if there are more than specified in "Active Logins" it should handle them as specified in "Block Method". The logout current sessions just deletes their sessions. Both the count and delete act directly on _sessions so it can't really fail.
My best guess is globally blocks maybe disabled within CB AntiSpam > Parameters > General, the user you're testing either has CB Moderator permissions as per Moderator View Access Level within CB > Configuration > Moderation, or you've whitelisted them in CB AntiSpam > Whitelists.
My best guess is globally blocks maybe disabled within CB AntiSpam > Parameters > General, the user you're testing either has CB Moderator permissions as per Moderator View Access Level within CB > Configuration > Moderation, or you've whitelisted them in CB AntiSpam > Whitelists.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- marcob
- OFFLINE
-
Junior Member
- Posts: 38
- Thanks: 0
- Karma: 0
5 years 3 months ago #309555
by marcob
Replied by marcob on topic CB Antispam problem
Hello again,
The parameters are right, user doesn't have any moderator rights and is not whitelisted.
These are the results for the sessions table:
1. First user with Firefox logs in the site
-> sessions table has one record for the user and the session id (id1)
2. Second user logs in with same user/pass with Chrome
-> sessions table has one record for the user and different session id (id2)
3. Refreshing the Firefox tab (user 1 that now had to be logged out)
-> sessions table has 2 records for the user and with session ids (id1, id2)
So I could confirm that it deletes the session but on refresh of the browser is back.
Could you think what may be wrong?
The parameters are right, user doesn't have any moderator rights and is not whitelisted.
These are the results for the sessions table:
1. First user with Firefox logs in the site
-> sessions table has one record for the user and the session id (id1)
2. Second user logs in with same user/pass with Chrome
-> sessions table has one record for the user and different session id (id2)
3. Refreshing the Firefox tab (user 1 that now had to be logged out)
-> sessions table has 2 records for the user and with session ids (id1, id2)
So I could confirm that it deletes the session but on refresh of the browser is back.
Could you think what may be wrong?
Please Log in to join the conversation.
- krileon
- Team Member
- OFFLINE
- Posts: 68482
- Thanks: 9076
- Karma: 1434
5 years 3 months ago #309561
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic CB Antispam problem
Joomla seams to be recreating the session on refresh from cookie. Nothing we can really do about that as it only checks for duplicate logins at time of login. It'd be too heavy to check over and over on every page so it doesn't account for the test case you're doing, which is unlikely to happen in normal usage. Have added a bug ticket to investigate further as there maybe a way to invalidate at least 1 of the users cookies to try and prevent this.
forge.joomlapolis.com/issues/7400
forge.joomlapolis.com/issues/7400
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
Moderators: beat, nant, krileon
Time to create page: 0.298 seconds
-
You are here:
- Home
- Forums
- Support and Presales
- Professional Members Support
- [#7400] CB Antispam problem