Skip to Content Skip to Menu

🌲 Merry Christmas! Great savings on Professional and Developer Memberships! Get 25% off now with code XMAS-2024!

[#7400] CB Antispam problem

  • marcob
  • marcob
  • OFFLINE
  • Posts: 14
  • Thanks: 0
  • Karma: 0
5 years 11 months ago - 5 years 11 months ago #309497 by marcob
[#7400] CB Antispam problem was created by marcob
Hello,
I am trying to configure the CB antispam duplicate logins to work but it doesn't logout the previous user.
The settings are:
block: enable
active logins: 1
block method: logout current session

Joomla Version: 3.9.1
PHP: 7.2.9
MySql: 5.7.20

I have two browsers (Firefox / Chrome) that I am logging in at the same time and the system doesn't stop that.
Could you check if it's a bug or if there is something that I have to check?

Regards,
Manolis
Last edit: 5 years 11 months ago by krileon. Reason: Added [#7400] tag to subject

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48622
  • Thanks: 8303
  • Karma: 1446
5 years 11 months ago #309510 by krileon
Replied by krileon on topic CB Antispam problem
Are you testing with a regular registered user? CB Moderators are exempt from the blocking functionality so it will have no impact on your admin account.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

  • marcob
  • marcob
  • OFFLINE
  • Posts: 14
  • Thanks: 0
  • Karma: 0
5 years 11 months ago #309535 by marcob
Replied by marcob on topic CB Antispam problem
Hello,
Yes it is a registered user without admin rights.

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48622
  • Thanks: 8303
  • Karma: 1446
5 years 11 months ago #309549 by krileon
Replied by krileon on topic CB Antispam problem
Navigate to the _sessions database table and confirm the user has more than 1 database session as that's all it's checking. It counts the number of database sessions for a given user id and if there are more than specified in "Active Logins" it should handle them as specified in "Block Method". The logout current sessions just deletes their sessions. Both the count and delete act directly on _sessions so it can't really fail.

My best guess is globally blocks maybe disabled within CB AntiSpam > Parameters > General, the user you're testing either has CB Moderator permissions as per Moderator View Access Level within CB > Configuration > Moderation, or you've whitelisted them in CB AntiSpam > Whitelists.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

  • marcob
  • marcob
  • OFFLINE
  • Posts: 14
  • Thanks: 0
  • Karma: 0
5 years 11 months ago #309555 by marcob
Replied by marcob on topic CB Antispam problem
Hello again,
The parameters are right, user doesn't have any moderator rights and is not whitelisted.

These are the results for the sessions table:
1. First user with Firefox logs in the site
-> sessions table has one record for the user and the session id (id1)
2. Second user logs in with same user/pass with Chrome
-> sessions table has one record for the user and different session id (id2)
3. Refreshing the Firefox tab (user 1 that now had to be logged out)
-> sessions table has 2 records for the user and with session ids (id1, id2)

So I could confirm that it deletes the session but on refresh of the browser is back.
Could you think what may be wrong?

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48622
  • Thanks: 8303
  • Karma: 1446
5 years 11 months ago #309561 by krileon
Replied by krileon on topic CB Antispam problem
Joomla seams to be recreating the session on refresh from cookie. Nothing we can really do about that as it only checks for duplicate logins at time of login. It'd be too heavy to check over and over on every page so it doesn't account for the test case you're doing, which is unlikely to happen in normal usage. Have added a bug ticket to investigate further as there maybe a way to invalidate at least 1 of the users cookies to try and prevent this.

forge.joomlapolis.com/issues/7400


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum