Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.For example: I'm already logged in to a Drupal install using "OpenID Sync Client". I have the OpenID "http://badguy.badddymc.bad". Cron runs and my OpenID is added to the banned list... but I stay logged in. Would it be possible to kill my session? Maybe killing all admin sessions with sess_destroy_uid($uid) is acceptable compromise?
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | force_logout.patch | 3.54 KB | raines37 |
Comments
Comment #1
raines37 commentedAttached is an SVN diff that adds this feature. I've tested this pretty extensively, but may have done some stupid stuff. Please check the "normalization" function especially for stupidity... Also, a minor change still needs to go in, which is noted in source.