Comment 51 for bug 1614403

kaputtnik (franku) wrote :

Ok, let's leave the SESSION_COOKIE_AGE as it is. The best way to log a user out is using the flush() method: https://docs.djangoproject.com/en/1.8/topics/http/sessions/#django.contrib.sessions.backends.base.SessionBase.flush

During testing this works just fine. Creating a middleware and testing each request for 'is_active' and running 'sessions.flush()' in case of 'not is_active' should work imho. So the user is logged out and couldn't log in anymore. But I am not sure if this is really a goal: Registering with another username is easy... resulting in lots of users which may have to be set to 'not active'. I would say: let's leave it as it is right now. Having hidden posts is better than having new users.

The current state of the work is:
- Moved the spam keyword check to pybb/forms.py. This is a better place for doing this.
- Inform only admins of hidden posts per e-mail. Posts that are not hidden are handled as usual. It needs additional work if a hidden post is not spam and gets unhidden (is 'uncovered' the right term here?) by an admin: the notifications need to be updated and users must be notified of a new post in subscribed topics.
- Changed the admin site of pybb/post to show the 'hidden' property, as well as some modification of the fields which are shown. The admin page can be sorted by the 'hidden' property.

I want to do some more tests before proposing to merge though.

Superspammer was active yesterday, but the one post he has written got hidden. The day before yesterday and today no spam. Added the term 'rsgold' to the keywords.
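
The middleware idea described in the comment above, sketched as an added example (not part of the original comment and not the project's code). It uses the Django 1.8 `process_request` middleware style; the class name is hypothetical, and the fake session, user and request classes are constructed stand-ins so the logic runs without Django installed.

```python
class LogoutInactiveUserMiddleware(object):  # hypothetical name
    """Flush the session of any logged-in user whose account is inactive.

    Must be listed after SessionMiddleware and AuthenticationMiddleware so
    that request.session and request.user are already populated.
    """

    def process_request(self, request):
        user = getattr(request, "user", None)
        if user is None:
            return None
        authenticated = user.is_authenticated
        if callable(authenticated):  # a method in Django 1.8, a property later
            authenticated = authenticated()
        if authenticated and not user.is_active:
            # flush() deletes the session data and the session cookie
            request.session.flush()
        return None  # let normal request handling continue


# --- constructed stand-ins for Django's session, user and request objects ---
class FakeSession(dict):
    flushed = False

    def flush(self):
        self.clear()
        self.flushed = True


class FakeUser(object):
    def __init__(self, active, authenticated=True):
        self.is_active = active
        self._authenticated = authenticated

    def is_authenticated(self):
        return self._authenticated


class FakeRequest(object):
    def __init__(self, user):
        self.user = user
        self.session = FakeSession(_auth_user_id="42")


def session_flushed_for(user):
    """Run the middleware once and report whether the session was flushed."""
    request = FakeRequest(user)
    LogoutInactiveUserMiddleware().process_request(request)
    return request.session.flushed
```

Flushing the session does not change the `request.user` object already loaded for the current request, so the deactivated user is only treated as anonymous from the next request on. `django.contrib.auth.logout(request)` flushes the session and also resets `request.user` to an anonymous user.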