Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked

Re: how do I force a specific session, not my own, to end? (delete)

by Anonymous Monk
on Mar 08, 2013 at 20:27 UTC ( #1022485=note: print w/replies, xml ) Need Help??

in reply to how do I force a specific session, not my own, to end?

delete the session

The real problem here, is you're confusing a session with authorization

autentication -- user proves he is a user -- could be he's got a valid session

authorization -- permissions -- if account is disabled, doesn't matter if user has a valid session (authenticated, logged it), he can no longer change password, make posts ...

If your code base doesn't distinguish from authentication and authorization, you've got a problem

  • Comment on Re: how do I force a specific session, not my own, to end? (delete)

Replies are listed 'Best First'.
Re^2: how do I force a specific session, not my own, to end? (delete)
by ted.byers (Monk) on Mar 08, 2013 at 21:15 UTC

    No, I don't have them confused. Rather, the two ideas are related in this specific use case, in that we're revoking all authorization for a specific user as well as making it impossible for him to authenticate himself in the future

    As it turned out, I had missed the fnd function provided by CGI__Session. That was what I needed



      In line with the previous post by anonymous, I think you're making this more complicated than it needs to be.

      An approach that allows you to skip purging sessions is to create an active_disabled flag for user accounts and at the authorization/permissions level don't allow disabled users to see anything they shouldn't see on the site. That way all that needs to be done to disable a user is to change this flag.

      No, I don't have them confused.

      Then your code is confusing them :)

      return if $user->isDisAllowed;

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1022485]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (10)
As of 2016-10-24 11:09 GMT
Find Nodes?
    Voting Booth?
    How many different varieties (color, size, etc) of socks do you have in your sock drawer?

    Results (305 votes). Check out past polls.