2013-10-28, 02:15 PM
Hi,
I was looking to use myBB for a project, but I'm concerned about security. If users login and tick the 'remember me' tick box then their cookie in mybbuser does not expire for 1 year. So is there anyway I can either: change the cookie expiry from 1 year to a few hours or disable and hide the 'remember me' tick box so that users are not automatically logged in when they return to the site. This is really driving me crazy - I've been looking at this for a number of days. Tried the login_cap plugin, but it does not display captcha images even though they work on registration and new posts - I do not think this plugin works for 1.6
Tried changing the session time-out in member php - but that does not work for me either.
Pulling my hear out - just looking for a solution that will force users to have to login every time they visit the site.
Any help at this stage would be very welcomed - I really like myBB, but I feel this is a show stopper.
Thanks in advance,
casol01
Change of direction:
Hi all,
OK finally got to a stage where the 'remember me' check box is unticked by following this thread: http://community.mybb.com/thread-110743....t=remember
And I've got to the stage on the header_welcome_block where 'remember me' is now displaying as undefined by removing lang.remember_me = "{$lang->remember_me}"; from the template.
However the 'remember me' tick box is still visable but labelled as 'undefined' - how do I remove this tick box from the header_welcome_block?
Regards,
casol01
I was looking to use myBB for a project, but I'm concerned about security. If users login and tick the 'remember me' tick box then their cookie in mybbuser does not expire for 1 year. So is there anyway I can either: change the cookie expiry from 1 year to a few hours or disable and hide the 'remember me' tick box so that users are not automatically logged in when they return to the site. This is really driving me crazy - I've been looking at this for a number of days. Tried the login_cap plugin, but it does not display captcha images even though they work on registration and new posts - I do not think this plugin works for 1.6
Tried changing the session time-out in member php - but that does not work for me either.
Pulling my hear out - just looking for a solution that will force users to have to login every time they visit the site.
Any help at this stage would be very welcomed - I really like myBB, but I feel this is a show stopper.
Thanks in advance,
casol01
Change of direction:
Hi all,
OK finally got to a stage where the 'remember me' check box is unticked by following this thread: http://community.mybb.com/thread-110743....t=remember
And I've got to the stage on the header_welcome_block where 'remember me' is now displaying as undefined by removing lang.remember_me = "{$lang->remember_me}"; from the template.
However the 'remember me' tick box is still visable but labelled as 'undefined' - how do I remove this tick box from the header_welcome_block?
Regards,
casol01