We have a user who is consistently accessing the board to cause trouble and to make threats on the life of one of my moderators (the police are involved).

However I was thinking about a general way to get rid of someone permanently that doesn't involve email or IP addresses, both of which can change.

Is there a way that I can write a hack so when someone who I know is a person I don't want logs into the forums a cookie (or other such thing) is placed on their computer to idenitify who they are and then thus denied access to the forums.

Critically this cookie should not be deleted when a user logs out of the forums. So even if he logs out and registers under a different name he will still be denied access.

I know that he can get rid of the cookie manually if he wants to. But I don't think he has the knowledge for that sort of thing.

Your thoughts appreciated.

Thanks

I guess you could put code to place a cookie if username is XXX, then after he visits once remove the code.

Then add a check to the checkipban() function to also make sure the user doesn't have this cookie in his copmuter.

Thats exactly what I'm looking for. Any pointers on how to do this. Or places to look I can get examples of the code I need?

Also my site uses multiple sub-domains
e.g. site1.motorsportforum.com
site2.motorsportforum.com
I assume for the purposes of cookies these are treated as two seperate domains and a process running under the site2 domain would not be able to look at the site1 cookie?

I wonder if there is some way to make sure the checkipban function will always run from the same domain name. Explicitly call it from a program perhaps. So this person cannot just type in a new random subdomain.