- Posts: 4
- Thank you received: 0
Kunena 6.3.0 released
The Kunena team has announce the arrival of Kunena 6.3.0 [K 6.3.0] in stable which is now available for download as a native Joomla extension for J! 4.4.x/5.0.x/5.1.x. This version addresses most of the issues that were discovered in K 6.2 and issues discovered during the last development stages of K 6.3
Question E-mail Subscription Link & Spoof Guest Users
I have several of my users who check the 'remember me' box when logging into the website. If they click the link in a subscription e-mail generated from Kunena it takes them into the forum but the forum then displayes the Access Denied, "You do not have permissions to access this page." error message. If they hit the refresh button, the thread loads fine, but always goes back to the first page. Any thoughts?
Other users are fine as when they click the link in the e-mail it prompts them to login, and when they do it takes them to the last post correctly.
Also, I have another issue whereby in my statistics section I am showing several guest users even though all permissions in Joomla and Kunena are set to 'Registered'. Whilst I don't doubt that guests are unable to access my forum, it is disconcerting for my users who think guests are being allowed access. Any thoughts?
---
Database collation check: The collation of your table fields are correct
Joomla! SEF: Enabled | Joomla! SEF rewrite: Enabled | FTP layer: Disabled |
This message contains confidential informationhtaccess: Exists | PHP environment: Max execution time: 60 seconds | Max execution memory: 128M | Max file upload: 100M
Kunena menu details:
Warning: Spoiler!
ID Name Menutype Link Path 582 Forum kunenamenu view=home&defaultmenu=583 forum 583 Index kunenamenu view=category&layout=list&catid=0 forum/index 584 Recent Topics kunenamenu view=topics&mode=replies forum/recent 585 New Topic kunenamenu view=topic&layout=create forum/newtopic 586 No Replies kunenamenu view=topics&mode=noreplies forum/noreplies 587 My Topics kunenamenu view=topics&layout=user&mode=default forum/mylatest 589 Help kunenamenu view=misc forum/help 590 Search kunenamenu view=search forum/search 588 Profile kunenamenu view=user forum/profile 591 Forum mainmenu Itemid=582 kunena-2013-01-01
Joomla default template details : beez5 | author: Angie Radtke | version: 2.5.0 | creationdate: Unknown
Kunena default template details : Blue Eagle 2.0 | author: Kunena Team | version: 3.0.0 | creationdate: 2013-05-15
Kunena version detailed: Kunena 3.0.0 | 2013-05-15 [ Wanga ]
| Kunena detailed configuration:| Kunena integration settings:Warning: Spoiler!
Kunena config settings: board_offline 0 enablerss 0 threads_per_page 20 messages_per_page 10 messages_per_page_search 15 showhistory 1 historylimit 6 shownew 1 disemoticons 0 template blue_eagle showannouncement 0 avataroncat 1 catimagepath category_images/ showchildcaticon 1 rtewidth 450 rteheight 300 enableforumjump 0 reportmsg 0 username 0 askemail 0 showemail 1 showuserstats 1 showkarma 0 useredit 1 useredittime 0 useredittimegrace 600 editmarkup 0 allowsubscriptions 1 subscriptionschecked 1 allowfavorites 0 maxsubject 50 maxsig 300 regonly 1 pubwrite 0 floodprotection 0 mailmod 0 mailadmin 0 captcha 0 mailfull 1 allowavatarupload 1 allowavatargallery 1 avatarquality 65 avatarsize 500 imageheight 800 imagewidth 800 imagesize 500000 filetypes zip,txt,doc,gz,tgz,pdf filesize 500000 showranking 1 rankimages 1 userlist_rows 30 userlist_online 1 userlist_avatar 1 userlist_name 1 userlist_posts 1 userlist_karma 0 userlist_email 0 userlist_joindate 1 userlist_lastvisitdate 1 userlist_userhits 1 latestcategory showstats 0 showwhoisonline 1 showgenstats 1 showpopuserstats 0 popusercount 5 showpopsubjectstats 0 popsubjectcount 5 usernamechange 0 showspoilertag 1 showvideotag 1 showebaytag 1 trimlongurls 1 trimlongurlsfront 40 trimlongurlsback 20 autoembedyoutube 1 autoembedebay 1 ebaylanguagecode en-gb sessiontimeout 900 highlightcode 0 rss_type topic rss_timelimit month rss_limit 100 rss_included_categories rss_excluded_categories rss_specification rss2.0 rss_allow_html 1 rss_author_format name rss_author_in_title 1 rss_word_count 0 rss_old_titles 1 rss_cache 900 defaultpage categories default_sort asc sef 1 showimgforguest 0 showfileforguest 0 pollnboptions 10 pollallowvoteone 1 pollenabled 1 poppollscount 5 showpoppollstats 1 polltimebtvotes 00:15:00 pollnbvotesbyuser 100 pollresultsuserslist 1 maxpersotext 50 ordering_system replyid post_dateformat ago post_dateformat_hover datetime hide_ip 1 imagetypes jpg,jpeg,gif,png checkmimetypes 1 imagemimetypes image/jpeg,image/jpg,image/gif,image/png imagequality 60 thumbheight 32 thumbwidth 32 hideuserprofileinfo put_empty boxghostmessage 0 userdeletetmessage 0 latestcategory_in 1 topicicons 1 debug 0 catsautosubscribed 0 showbannedreason 0 version_check 1 showthankyou 1 showpopthankyoustats 1 popthankscount 5 mod_see_deleted 0 bbcode_img_secure text listcat_show_moderators 0 lightbox 1 show_list_time 720 show_session_type 0 show_session_starttime 0 userlist_allowed 1 userlist_count_users 1 enable_threaded_layouts 0 category_subscriptions post topic_subscriptions first pubprofile 0 thankyou_max 10 email_recipient_count 0 email_recipient_privacy bcc captcha_post_limit 0 keywords 0 userkeywords 0 image_upload registered file_upload registered topic_layout flat time_to_create_page 1 show_imgfiles_manage_profile 1 hold_newusers_posts 0 hold_guest_posts 0 attachment_limit 8 pickup_category 0 article_display intro send_emails 1 fallback_english 0 cache 0 cache_time 60 iptracking 0 rss_feedburner_url autolink 1 access_component 0 userlist_usertype 0 sefutf8 0 enablepdf 0 jmambot 0 annmodid 62 changename 0 userlist_username 1 rules_infb 1 help_infb 1 onlineusers 1 | Joomla! detailed language files installed:Warning: Spoiler!Kunena - AlphaUserPoints Disabled
Kunena - Community Builder Disabled
Kunena - Gravatar Disabled
Kunena - JomSocial Disabled
Kunena - Joomla Enabled: access=1 login=1
Kunena - Kunena Enabled: avatar=1 profile=1
Kunena - UddeIM Disabled
Warning: Spoiler!
Joomla! languages installed: en-GB English (United Kingdom)
Third-party components: UddeIM 3.0
Third-party SEF components: None
Plugins: None
Modules: Kunena Latest 3.0.0
Please Log in or Create an account to join the conversation.
Let's look first at the question about the Remember Me checkbox. As far as I know, this checkbox exists for those people who use a web browser and do not have some kind of "remember what form fields I used last time I visited this website" feature. On submitting the form, the Remember Me checkbox causes Kunena to write a cookie on the user's PC and the cookie is used to populate the form fields (at least, that's my understanding of what it's used for and maybe I'm wrong).
But checking the Remember Me checkbox does not automatically login the user to the site ... and I think that's where the difference lies in understanding what this issue is all about. Just because the Username and Password fields are filled in with the details of the account that was used the last time the person accessed your website from that particular PC - remember that cookies only exist on the PC where you accessed a website from - this does not mean that a user is logged-in simply by visiting a web page. The user still has to press the Login button.
Further, the ability to "remember" the contents of form fields depends on the platform and the browser that you used. When I access the Kunena website from my iPad, the form fields are never populated with the information that I used between when I last accessed the site and when I turned off my iPad. Safari for iPad does not seem to have any "store cookies" or "store form field" information (at least, not that I have been able to discover).
So can we first eliminate the factors that I have described above?
Blue Eagle vs. Crypsis reference guide
Read my blog and
Please Log in or Create an account to join the conversation.
The 'Remember Me' function in Joomla, on my website at least, definately keeps the user logged in until they log out on that particular device. You are right it uses a Cookie to do this.
This is how my members use the function and they report that even if they don't visit the website for a week or more they are still logged in when they return?
I have tested it myself and can easily re-create the issue by checking the 'Remember Me' box - I can go directly to any link on the website that's only accessible to registered users and it works fine, but if the first page I go to is a Kunena page I get the access denied error I mention above. This only applies to external links opening up the website, if you are already on the website and use the menu etc to access the forum it all works fine.
Any help appreciated thanks!
Please Log in or Create an account to join the conversation.
I do not think that's how Joomla works at all. Perhaps if you asked the Joomla forum for this information, and post the considered reply from one of the members of the Joomla development team here, there might be a dissenting view.ozzie1989 wrote: The 'Remember Me' function in Joomla, on my website at least, definItely keeps the user logged in until they log out on that particular device. You are right it uses a Cookie to do this.
A user remains logged-in for as long as the session cookie is "alive" when the session cookie expires the user is logged-out. The expiry time for a user's Joomla session is defined by the value (in minutes) of
Joomla Global Configuration » Server » Session Settings » Session Lifetime
Kunena also has a session setting (a value in seconds), defined by
Kunena Forum » Configuration » General » Basic Settings » Session Lifetime
When people have problems with users being "logged-out" unexpectedly, we have discussed the suggested arrangement where you should define these two values the same. That is, if you have a Joomla Session Lifetime of 15 minutes (which is the default) then you should, likewise, set the Kunena Session Lifetime to 1200 seconds (which is not the default). The Kunena Session Lifetime is important for
... access rights recalculation, whoisonline display and NEW indicator. Once a session expires beyond that timeout, access rights and the NEW indicator are reset.
As far as the possibility that a user can login, close a web browser page and revisit the site a week later and expect to pick up from where they left off before, that's not only unusual, I have never heard of such a possibility occurring. This, to me, would pose a risk to security by allowing anyone to use someone else's PC and do all manner of things without the former user being aware of them.
Blue Eagle vs. Crypsis reference guide
Read my blog and
Please Log in or Create an account to join the conversation.
Please Log in or Create an account to join the conversation.
sozzled wrote: As far as the possibility that a user can login, close a web browser page and revisit the site a week later and expect to pick up from where they left off before, that's not only unusual, I have never heard of such a possibility occurring. This, to me, would pose a risk to security by allowing anyone to use someone else's PC and do all manner of things without the former user being aware of them.
This is a feature on most websites, the biggest one I can think of is Google. If I check the 'remember me' box when loggin into Goole, when I go back on my PC later that day, the day after or even a week after I can still access all my Google freatures (e-mail, drive etc.) without being prompted for a login.
After all, I am the only one who uses my PC and I have a password on it so why not?
Before I take this any further I will speak to the Joomla guys to confirm if this feature is working correctly on my site and I'll check the session timers (although I don't actually have an issue with users being logged out of either Joomla or Kunena, as Kunena even displays their name when it denies them access).
Please Log in or Create an account to join the conversation.