Comment 1 for bug 850580

This does not look to be happening for a deleted user anymore. It does, however, happen for a suspended user.

The problem is the ./htdocs/auth/user.php has an authenticate() function that saves the new 'lastlogin' value and it is called before the check to see if one is suspended. If we swap this around it should sort the problem.

But then comes the question: Do we want the database to reflect the last legitimate login or the last time they tried to to login?