Website Membership 1.06 Released!
17 posts by 7 authors in: Forums > CMS Builder: Plugins & Add-ons
Last Post: March 15, 2012 (RSS)
Re: [camjessie] Website Membership 1.06 Released!
By Jason - December 22, 2011
The best approach would be to create those fields in your new section, this way you won't need to customize any code.
Hope this helps.
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
By Djulia - February 22, 2012 - edited: February 22, 2012
Is there a change with the use of the sessions (1.07) ?
It is impossible to check a value of session if no user is connected.
I do not have any problem if I use the version 1.03 (or if I deactivate the plugin).
The sessions are removed or encoded?
It is more possible to use a captcha for example.
I attached an example if you wish to check.
Thanks! :)
Djulia
By Djulia - February 22, 2012 - edited: February 22, 2012
I found the origin of the problem.
In the file lib/login_functions.php, I commented on lines 88-89.
That functions again. The values of sessions are preserved.
But, it is more possible to close the session of a user.
It would be possible to destroy the specified variables:
unset($_SESSION['username']);
unset($_SESSION['passwordHash']);
Do you think that there is an official solution?
Thanks again! :)
Djulia
By Djulia - February 23, 2012
I think that it is simpler to modify the plugin.
Line 96 in websiteM(...).php.
//user_eraseLoginSession();
unset($_SESSION['username']);
unset($_SESSION['passwordHash']);
Thus, the lib file is not modified.
That seems to function correctly. My values of sessions are preserved and the user can disconnect himself without problem.
Your opinion?
Thanks! :)
Djulia
Re: [Djulia] Website Membership 1.06 Released!
By Dave - February 29, 2012
Sorry for the delay. That seems like a workable fix.
I think what I'd like to do longer term is move the current users keys to a unique key under $_SESSION such as $_SESSION['cmsb'] to make it unlikely they will get overwritten by another script.
I have to be careful with those, though, as they require a lot of testing and updates to the flash uploader and other code.
Let me know if your solution will work for now or if you need an update for the next release. Thanks!
interactivetools.com
By Djulia - March 15, 2012
>I think that it is simpler to modify the plugin.
>Line 96 in websiteM(...).php.
>//user_eraseLoginSession();
>unset($_SESSION['username']);
>unset($_SESSION['passwordHash']);
No problem after several days of use.
I think that it is a correct solution.
Thanks!
Djulia