Does courier have any ability to deny login to accounts that are still in
the database? I'd like to have it so if an account gets disabled, courier
rejects the login to it. Is this possible?
-Charlie Davis
Sure.
Solution A, aka "messy" or "sloppy" method:
Reset the password of any disabled account to something that would never be valid, such as a normal string in a cryptpw field (and to a blank clearpw field if it's not already) -- like "-DISABLED-".
Solution B, aka "lame":
Change the user id in such a way that it will no longer validate. (i.e. convert the first character -- or 5 -- to HTML escape sequences; or rot13 the whole id string; or ... well, you get the idea.)
Solution C, aka "better":
Use another field in the database record that marks an account as active or inactive and use the MYSQL_WHERE_CLAUSE to check its value during authentication. (e.g. I could use 'PGSQL_WHERE_CLAUSE active=1' in my authpgsqlrc file, seeing as I use PostgreSQL instead of MySQL over here)
Solution C.2, aka "better: the alternate version":
Use another field as in C, but create your own entire select statement with the MYSQL_SELECT_CLAUSE option... if that's more appropriate to your situation.
Solution D, aka "the stuff I didn't think of".....
-jab
------------------------------------------------------- This SF.net email is sponsored by Dice.com. Did you know that Dice has over 25,000 tech jobs available today? From careers in IT to Engineering to Tech Sales, Dice has tech jobs from the best hiring companies. http://www.dice.com/index.epl?rel_code=104 _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
