MODS.DB9.DK

[Cyberian75]

I set the max sessions to 500, and I got a critical error saying it's not able to create more sessions. I had to uninstall this mod in order to gain control of my board.

There should be some kind of "back door" for admins and a much friendly message like "maximum number of users . . ."

[Niels]

The max session works, even before the user is logged in to the forum, therefore it does not distingues between admin or any other user....

A back door, would be a potential security bug, if this mod should make any sence....

The critical erro, can be hard coded into the session.php into something more nice, if you prefere, the mod, can not support muliple languages, since the users language is not loaded at that time....


keep in mind that the reason for this mod, is to prevent flooding of the forum, inorder to gain this, it is vital that absolutly minimum work is done, before the mod can say "go" or "no go" to the client, therefor it does work in a very early state of the connection.

The user witch initial requested this mod, was requesting this, so a user could not make meny sessions, and flood the forum, in order to make the DB go down.
if this mod did make meny SQL queryes before determen if the user was allowed or not, it would give no meaning

hope you now understand, why this mod work as it does , simply to increase the security of the forum

Aand yes, a user could make 500 sessions, and thereby disable other users access - but he would have to keep all 500 sessions alive all the time, but at least the DB server would still be runing....importent if other appl. does use the same DB