[SOLVED] Access control - user has access without approval
- Gooru
- OFFLINE
-
Premium Member
- Posts: 95
- Thanks: 1
- Karma: 0
13 years 2 months ago - 13 years 2 months ago #154439
by Gooru
GooRu Source
Web Development and Management
[SOLVED] Access control - user has access without approval was created by Gooru
Hi...
Seems a user was able to access member areas without being approved. Any ideas how to rectify?
Joomla 1.5.22
CB 1.3.1
Seems a user was able to access member areas without being approved. Any ideas how to rectify?
Joomla 1.5.22
CB 1.3.1
GooRu Source
Web Development and Management
Last edit: 13 years 2 months ago by krileon.
Please Log in to join the conversation.
krileon
Team Member- OFFLINE
- Posts: 68521
- Thanks: 9091
- Karma: 1434
13 years 2 months ago #154441
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re: Access control - user has access without approval
Could you please provide more details. Are you saying the user is not approved and is capable of logging in? Please check that the user is Blocked, if not then they can login as Joomla API only checks for Blocked or not. Approval and Confirmation is internal to CB and would require CB Login module to check; please ensure you're not using Joomla login module or page. Please also upgrade to recently released CB 1.4.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- Gooru
- OFFLINE
-
Premium Member
- Posts: 95
- Thanks: 1
- Karma: 0
13 years 2 months ago #154445
by Gooru
GooRu Source
Web Development and Management
Replied by Gooru on topic Re: Access control - user has access without approval
krileon...
Thanks for jumping in.
CB Login is confirmed.
The user had trouble verifying their email address This is a comment form that user:
"It won't let me confirm my address. Says I haven't done it and that I'm not accepted, and yet I can go anywhere I want... hmm."
I have many CB installs operating on many sites, and have never had this happen. I was under the impression that the CB login and reg process would prevent anyone from accessing any part of the site without being approved, and confirmed?
Thanks for jumping in.
CB Login is confirmed.
The user had trouble verifying their email address This is a comment form that user:
"It won't let me confirm my address. Says I haven't done it and that I'm not accepted, and yet I can go anywhere I want... hmm."
I have many CB installs operating on many sites, and have never had this happen. I was under the impression that the CB login and reg process would prevent anyone from accessing any part of the site without being approved, and confirmed?
GooRu Source
Web Development and Management
Please Log in to join the conversation.
- krileon
- Team Member
- OFFLINE
- Posts: 68521
- Thanks: 9091
- Karma: 1434
13 years 2 months ago #154446
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re: Access control - user has access without approval
Don't believe the users statement is valid. They can navigate any PUBLIC part of your site, but if they are not confirmed they will not be capable of logging it; it's not possible. Please check within user management if the user is confirmed, approved, and enabled.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- Gooru
- OFFLINE
-
Premium Member
- Posts: 95
- Thanks: 1
- Karma: 0
13 years 2 months ago #154453
by Gooru
GooRu Source
Web Development and Management
Replied by Gooru on topic Re: Access control - user has access without approval
Exactly why I am scratching my head on this. She mentioned access to documents that are not public, and she would not have been able to see that otherwise.
I'm pretty diligent about my setup and very experience at it. I will do some more test about this but am very concerned as this is occurring on a school site with obvious sensitive and private info.
Cheers
I'm pretty diligent about my setup and very experience at it. I will do some more test about this but am very concerned as this is occurring on a school site with obvious sensitive and private info.
Cheers
GooRu Source
Web Development and Management
Please Log in to join the conversation.
- krileon
- Team Member
- OFFLINE
- Posts: 68521
- Thanks: 9091
- Karma: 1434
13 years 2 months ago #154576
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re: Access control - user has access without approval
Please perform further investigation as would be interested in your results. Please keep in mind access outside of CB we can not control. For instance if Joomla login and registration was not disabled a user can gain access to your site potentially by either/or of them as CB can not control them. Other logins such as through VirtueMart would also be another way for users to gain access. It's important to shut down any other login/registration means aside from CBs.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
Moderators: beat, nant, krileon
Time to create page: 1.059 seconds
-
You are here:
- Home
- Forums
- Archive
- Advanced Members Support
- [SOLVED] Access control - user has access without approval