Password Lookup mod not logging off?
Hi there,
Am in the process of installing the Password Lookup mod according to http://web.archive.org/web/20011227194852/www.jpdeni.com/dbman/Mods/secure_lookup.html and have gotten as far as the "Change Email in records modification".
Everything works fine, but I am wondering about a couple of oddities:
Georg
Am in the process of installing the Password Lookup mod according to http://web.archive.org/web/20011227194852/www.jpdeni.com/dbman/Mods/secure_lookup.html and have gotten as far as the "Change Email in records modification".
Everything works fine, but I am wondering about a couple of oddities:
- After the user changes his eMail address he's presented with a new login screen to put in the password he's been sent along with his old user id. It seems though that he is not logged out at that point, i.e. I can still see the "Change Email Address" link and indeed am able to enter a new eMail address again, which triggers a new eMail address being sent. Shouldn't the user be logged out at that point? Has this been overlooked in the mod or is it not working properly on my installation?
- Also, I think that having to log in with a new password that's been mailed to the new eMail address could entail the user locking himself out of the system if he accidentally entered his new eMail address incorrectly.
Georg