Hi there,
I've found that if I change the password for any given user while they are connected, they still remain on the system until their session expires or they logout.
The problem is that I found that I needed to change a password while the user was on, so that I could kick them out, but that didn't work. Looking through the session files to delete there session file is a time consuming task that doesn't help solve a security breach that requires immediate action.
Similarly, changing their status to Not Validated doesn't help solve the problem either.
Does anyone have any suggestions on how to kick a user off quickly, without deleting the User entry from the database?
thanks for any thoughts on the matter
klangan
I've found that if I change the password for any given user while they are connected, they still remain on the system until their session expires or they logout.
The problem is that I found that I needed to change a password while the user was on, so that I could kick them out, but that didn't work. Looking through the session files to delete there session file is a time consuming task that doesn't help solve a security breach that requires immediate action.
Similarly, changing their status to Not Validated doesn't help solve the problem either.
Does anyone have any suggestions on how to kick a user off quickly, without deleting the User entry from the database?
thanks for any thoughts on the matter
klangan