Modified preventing login by barred IP with stolen credentials to for…

…ced logout; enables reading of site, in case of valid reasons

action.php

@@ -40,8 +40,8 @@ function dw_start(&$event, $param)
 
 
        if( empty($u) && empty($p) && empty($_REQUEST['http_credentials']) && !empty($USERINFO) && !$this->is_allowed($allowed, $ip)){
-            header("HTTP/1.0 403 Forbidden");                   
-            exit("<div style='text-align:center; padding-top:2em;'><h1>403:  Login Required</h1></div>");
+             unset($USERINFO) ;
+             global $ACT;  $ACT = 'logout';          
       }   
 
       if($test && isset($USERINFO) && in_array('admin', $USERINFO['grps'])) {