Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: MOD Implementation
 Mod to stop open session.		  New Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Maxime
Average Member

France
521 Posts
Posted - 18 November 2015 :  07:15:49  Show Profile  Visit Maxime's Homepage  Reply with Quote
Hello,

I look for a mod for adminitrateur to stop all sessions opened by the Member. As my English is very bad, I do not know if this mod exists on SnitzBitz?
Cordially,
Maxime

Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 18 November 2015 :  07:59:20  Show Profile  Visit HuwR's Homepage
I would very much doubt it, a users session is specific to a user instance so only they can clear their session, an administrator can't stop another users session.
Go to Top of Page

Maxime
Average Member

France
521 Posts
Posted - 18 November 2015 :  08:13:48  Show Profile  Visit Maxime's Homepage
HuwR Thanks for your answer. I had a php forum or I could close any open session by the members.
Cordially,
Maxime

Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 18 November 2015 :  08:21:16  Show Profile  Visit HuwR's Homepage
PHP does not work the same way, PHP is an application so manages it's own session data, with ASP the webserver itself manages the sessions and you can only interact with your own session. I would consider it a huge security issue if it was any other way.
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 18 November 2015 :  08:28:25  Show Profile  Visit HuwR's Homepage
it is possible for a particular user to clear their session by directing them to a page that kills their session, however if they then open another page they will get a new session.

What did you want to accomplish by killing someone's session?
Go to Top of Page

Maxime
Average Member

France
521 Posts
Posted - 18 November 2015 :  08:51:23  Show Profile  Visit Maxime's Homepage
I have had problems on my server last two days, the forum was broken and I asked the server administrator to verify that there was. But not create an account for them so that test. I gave an existing account of a member my brother and I wanted to kill security through session to give another password to this account. I do not know if the fact of change password simply if still connected.
Cordially,
Maxime

Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20584 Posts
Posted - 18 November 2015 :  09:29:00  Show Profile  Visit HuwR's Homepage
Sessions will be killed off automatically when a user closes there browser. Passwords are not stored in a users session, they are stored in a cookie if you tell the forum to remember you when you log in. Changing a members password will require them to use the new password the next time they visit the forum or the forum tries to authenticate them.
Go to Top of Page

Maxime
Average Member

France
521 Posts
Posted - 18 November 2015 :  09:51:09  Show Profile  Visit Maxime's Homepage
Thank you very much Huwr
Cordially,
Maxime

Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 24 December 2015 :  18:40:06  Show Profile
Here's how you could do it. You won't need a dbs file, the program will create the table the first time you use it. After you tell it to kick a member, the next time that member loads a page, he/she will have cookies deleted and be logged out.

Save the following as "admin_kick_member.asp" - I edited this to allow using either user names or member ids.


<%
'#################################################################################
'## Snitz Forums 2000 v3.4.07
'#################################################################################
'## Copyright (C) 2000-15 Michael Anderson, Pierre Gorissen,
'##                       Huw Reddick and Richard Kinser
'##
'## This program is free software; you can redistribute and/or modify it under the 
'## terms of the GNU General Public License as published by the Free Software
'## Foundation; version 2 or later of the License.
'##
'## All copyright notices regarding Snitz Forums 2000 must remain intact in the 
'## scripts and in the HTML output.  The "powered by" text/logo with a link back 
'## to http://forum.snitz.com in the footer of the pages MUST remain visible when 
'## the pages are viewed on the internet or intranet.
'##
'## This program is distributed in the hope that it will be useful, but WITHOUT ANY 
'## WARRANTY; without even the implied warranty ofMERCHANTABILITY or FITNESS FOR A 
'## PARTICULAR PURPOSE.  See the GNU General Public License for more details.
'##
'## You should have received a copy of the GNU General Public License with this 
'## program; if not, write to:
'## Free Software Foundation, Inc.
'## 59 Temple Place - Suite 330
'## Boston, MA  02111-1307, USA
'##
'## Support can be obtained from our support forums at:  http://forum.snitz.com
'##
'## Correspondence and marketing questions can be sent to:  manderson@snitz.com
'##
'#################################################################################
Response.Buffer = True
%>
<!--#INCLUDE FILE="config.asp"-->
<!--#INCLUDE FILE="inc_sha256.asp"-->
<!--#INCLUDE FILE="inc_header.asp" -->
<%
If Session(strCookieURL & "Approval") <> "15916941253" Then 
	ScriptName = Split(Request.ServerVariables("SCRIPT_NAME"),"/")
	Response.Redirect "admin_login.asp?target=" & ScriptName(UBound(ScriptName)) & "?" & Request.ServerVariables("Query_String")
End If
Response.Write	"			<table border=""0"" width=""100%"">" & vbNewLine & _
	"				<tr>" & vbNewLine & _
	"					<td width=""33%"" align=""left"" nowrap><font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """>" & vbNewLine & _
	"          " & getCurrentIcon(strIconFolderOpen,"","") & " <a href=""default.asp"">All Forums</a><br />" & vbNewLine & _
	"          " & getCurrentIcon(strIconBar,"","") & getCurrentIcon(strIconFolderOpen,"","") & " <a href=""admin_home.asp"">Admin Section</a><br />" & vbNewLine & _
	"          " & getCurrentIcon(strIconBlank,"","") & getCurrentIcon(strIconBar,"","") & getCurrentIcon(strIconFolderOpenTopic,"","") & " Kick Member<br /></font></td>" & vbNewLine & _
	"				</tr>" & vbNewLine & _
	"			</table>" & vbNewLine & _
	"			<br />" & vbNewLine & _
	"			<table border=""0"" width=""400"" cellspacing=""0"" cellpadding=""0"" align=""center"">" & vbNewline & _
	"				<tr>" & vbNewline & _
	"					<td bgcolor=""" & strForumCellColor & """>" & vbNewline & _
	"						<table border=""1"" bgcolor=""" & strPopupTableColor & """ width=""100%"" style=""border-collapse:collapse;"" cellspacing=""0"" cellpadding=""4"">" & vbNewline & _
	"							<tr valign=""middle"">" & vbNewline & _
	"								<td colspan=""2"" align=""center"" bgcolor=""" & strCategoryCellColor & """>" & vbNewline & _
	"									<font face=""" & strDefaultFontFace & """ color=""" & strHeadFontColor & """ size=""" & strHeadFontSize & """><b><u>Kick Member</u></b> " & vbNewline & _
	"									</font>" & vbNewLine & _
	"								</td>" & vbNewline & _
	"							</tr>" & vbNewLine
If Request("kickno") > "" Or Request("kickna") > "" Then
	If Not TableExists(strTablePrefix & "KICKER") Then my_Conn.Execute("CREATE TABLE " & strTablePrefix & "KICKER (KICKER_ID COUNTER NOT NULL, MEMBER_ID INT)")
	If Request("reset1") = "No" Then
		Response.Redirect	"admin_kick_member.asp"
		WriteFooter
		Response.End
	End If
	If Request("kickna") > "" Then
		strSql = "SELECT MEMBER_ID FROM " & strMemberTablePrefix & "MEMBERS WHERE M_STATUS = 1 AND M_NAME='" & Request("kickna") & "'"
		Set rs = my_Conn.Execute(strSql)
		If Not rs.EOF Then
			intKick = rs("MEMBER_ID")
			rs.Close
		Else
			Set rs = Nothing
			Go_Result "Member does not exist.",0
		End If
		Set rs = Nothing
	End if
	If Request("kickno") > "" And IsNumeric(Request("kickno")) Then
		strSql = "SELECT MEMBER_ID FROM " & strMemberTablePrefix & "MEMBERS WHERE M_STATUS = 1 AND MEMBER_ID=" & Request("kickno")
		Set rs = my_Conn.Execute(strSql)
		If Not rs.EOF Then
			intKick = rs("MEMBER_ID")
			rs.Close
		Else
			Set rs = Nothing
			Go_Result "Member does not exist.",0
		End If
		Set rs = Nothing
	ElseIf Request("kickno") > "" And Not IsNumeric(Request("kickno")) Then
		Go_Result "Member number must be numeric.",0
	End if
	If Request("submit") = "Yes" Then
		strSql = "INSERT INTO " & strTablePrefix & "KICKER (MEMBER_ID) VALUES (" & intKick & ")"
		my_Conn.Execute(strSql)
		Response.Redirect	"admin_kick_member.asp"
		WriteFooter
		Response.End
	End If
	strSql = "SELECT MEMBER_ID FROM " & strTablePrefix & "KICKER WHERE MEMBER_ID = " & intKick
	Set rs = my_Conn.Execute(strSql)
	If Not (rs.BOF Or rs.EOF) Then
		rs.Close
		Set rs = Nothing
		Go_Result "Member already scheduled for kick.",0
	ElseIf Request("submit") = "Submit" Then
		strSql = "SELECT M_STATUS, M_NAME, MEMBER_ID FROM " & strMemberTablePrefix & "MEMBERS WHERE M_STATUS = 1 AND MEMBER_ID = " & intKick
		Set rs = my_Conn.Execute(strSql)
		If Not rs.EOF Then
			Response.Write	"									<form action=""admin_kick_member.asp"" method=""post"">" & vbNewLine & _
				"										<input type=""hidden"" name=""kickno"" value=""" & intKick & """ />" & vbNewLine & _
				"										<tr valign=""top"">" & vbNewLine & _
				"											<td colspan=""2"" bgcolor=""" & strForumCellColor & """ width=""100%"" align=""center"" style=""line-height:50%;"">" & vbNewLine & _
				"												<b><font color=""" & strHiLiteFontColor & """>" & rs("M_NAME") & "</font></b>" & vbNewLine & _
				"											</td>" & vbNewLine & _
				"										</tr>" & vbNewLine & _
				"									</table>" & vbNewLine & _
				"								</td>" & vbNewLine & _
				"							</tr>" & vbNewLine & _
				"							<tr valign=""top"">" & vbNewLine & _
				"								<td colspan=""2"" bgcolor=""" & strPageBGColor & """ width=""100%"" align=""center"" style=""line-height:50%;""><br />" & vbNewLine & _
				"							<input style=""color:" & strHeadFontColor & "; font-weight:bold; font-family:" & strDefaultFontFace & "; padding:3px 6px 3px 6px; border:1px solid " & strTableBorderColor & "; text-shadow:0px 1px 1px #000; font-weight:bold; text-decoration:none; border-radius:25px; -webkit-border-radius:25px; background:"&strHColor&";"" type=""Submit"" class=""button2"" name=""submit"" value=""Yes"" />" & vbNewLine &  _
				" <input style=""color:" & strHeadFontColor & "; font-weight:bold; font-family:" & strDefaultFontFace & "; padding:3px 6px 3px 6px; border:1px solid " & strTableBorderColor & "; text-shadow:0px 1px 1px #000; font-weight:bold; text-decoration:none; border-radius:25px; -webkit-border-radius:25px; background:"&strHColor&";"" type=""Submit"" class=""button2"" name=""reset1"" value=""No"" />" & vbNewLine & _
				"						</td>" & vbNewLine & _
				"					</tr>" & vbNewLine
		Else
			Go_Result "Member does not exist or status is disabled.",0
		End If
	End If
Else
	Response.Write	"										<form action=""admin_kick_member.asp"" method=""post"">" & vbNewLine & _
		"										<tr valign=""top"">" & vbNewLine & _
		"											<td bgcolor=""" & strForumCellColor & """ width=""50%"" align=""center"">" & vbNewLine & _
		"												<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strForumFontColor & """>ID Number: <input type=""text"" style=""text-align:center; width:98%; font-weight:bold; maroon;"" name=""kickno"" maxlength=""6"" /></font>" & vbNewLine & _
		"											</td>" & vbNewLine & _
		"											<td bgcolor=""" & strForumCellColor & """ width=""50%"" align=""center"">" & vbNewLine & _
		"												<font face=""" & strDefaultFontFace & """ size=""" & strDefaultFontSize & """ color=""" & strForumFontColor & """>User Name: <input type=""text"" style=""text-align:center; width:98%; font-weight:bold; maroon;"" name=""kickna"" maxlength=""35"" /></font>" & vbNewLine & _
		"											</td>" & vbNewLine & _
		"										</tr>" & vbNewLine & _
		"									</table>" & vbNewLine & _
		"								</td>" & vbNewLine & _
		"							</tr>" & vbNewLine & _
		"							<tr valign=""top"">" & vbNewLine & _
		"								<td colspan=""2"" bgcolor=""" & strPageBGColor & """ width=""100%"" align=""center"" style=""line-height:50%;""><br />" & vbNewLine & _
		"             <input style=""color:" & strHeadFontColor & "; font-weight:bold; font-family:" & strDefaultFontFace & "; padding:3px 6px 3px 6px; border:1px solid " & strTableBorderColor & "; text-shadow:0px 1px 1px #000; font-weight:bold; text-decoration:none; border-radius:25px; -webkit-border-radius:25px; background:"&strHColor&";"" type=""Submit"" class=""button2"" name=""submit"" value=""Submit"" />" & vbNewLine &  _
		" <input style=""color:" & strHeadFontColor & "; font-weight:bold; font-family:" & strDefaultFontFace & "; padding:3px 6px 3px 6px; border:1px solid " & strTableBorderColor & "; text-shadow:0px 1px 1px #000; font-weight:bold; text-decoration:none; border-radius:25px; -webkit-border-radius:25px; background:"&strHColor&";"" type=""Reset"" class=""button2"" name=""reset1"" value=""Reset"" />" & vbNewLine & _
		"								</td>" & vbNewLine & _
		"							</tr>" & vbNewLine
End If
Response.Write	"							</form>" & vbNewLine & _
	"							</table>" & vbNewLine & _
	"						</td>" & vbNewLine & _
	"					</tr>" & vbNewLine & _
	"				</table>" & vbNewLine
WriteFooter

Function TableExists(TableToFind)
	TableExists = False
	Set adoxConn = CreateObject("ADOX.Catalog")
	Set adodbConn = Server.CreateObject("ADODB.Connection")
	adodbConn.Open(strConnString)
	adoxConn.ActiveConnection = adodbConn
	IsThere = False
	For Each Table In adoxConn.tables
		If LCase(Table.Name) = LCase(TableToFind) Then
			IsThere = True
			Exit For
		End If
	Next
	adodbConn.Close
	Set adodbConn = Nothing
	Set adoxConn = Nothing
	If IsThere Then TableExists = True
End Function
%>


"inc_header.asp"


Look for the following lines (appx 225-227):

Response.Write	"<html>" & vbNewline & vbNewline & _
		"<head>" & vbNewline & _
		"<title>" & GetNewTitle(strScriptName) & "</title>" & vbNewline


Above them, insert these:

strSql = "SELECT KICKER_ID, MEMBER_ID FROM " & strTablePrefix & "KICKER WHERE MEMBER_ID = " & MemberID
Set rs = my_Conn.Execute(strSql)
If Not (rs.BOF Or rs.EOF) Then
	my_Conn.Execute("DELETE * FROM " & strTablePrefix & "KICKER WHERE KICKER_ID = " & rs("KICKER_ID"))
	rs.Close
	Set rs = Nothing
	Response.Redirect "logout.asp"
	Call ClearCookies
	Session.Abandon
End If
Set rs = Nothing


"admin_home.asp"


Look for the following line (appx ):

		"                <LI><span class=""spnMessageText""><a href=""admin_member_search.asp"">Member Search</a></span></LI>" & vbNewLine & _


Above it, insert this:

		"                <LI><span class=""spnMessageText""><a href=""admin_kick_member.asp"">Kick Member</a></span></LI>" & vbNewLine & _
Edited by - Carefree on 25 December 2015 01:57:14
Go to Top of Page

Webbo
Average Member

United Kingdom
982 Posts
Posted - 25 December 2015 :  17:17:32  Show Profile  Visit Webbo's Homepage
Does that just delete their cookie until they log back in again Carefree, or does it delete their cookie continuously like a ban tool ?
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 25 December 2015 :  21:28:51  Show Profile
No, it's a single deletion. So if you change a user's password, perhaps for a security reason (e.g., suspected hack), they'll be kicked out and have to log back in. Typically a hacker who gets another password will leave a window open with a macro-controlled screen refresh so they don't get logged out due to inactivity. This would prevent that. Banning would be much easier - just set the user account level to -1.
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.29 seconds. Powered By: Snitz Forums 2000 Version 3.4.07