[_ck_]

Block may never have worked like one would think.

I think it just treats them like “bozo” status.

It gives them the capability of “not_play_nice” = true

hmm actually…

function bb_block_current_user() {

global $bbdb;

if ( $id = bb_get_current_user_info( 'id' ) )

bb_update_usermeta( $id, $bbdb->prefix . 'been_blocked', 1 ); // Just for logging.

bb_die(__("You've been blocked.  If you think a mistake has been made, contact this site's administrator."));

}

function bb_reset_password( $key ) {

global $bbdb;

$key = sanitize_user( $key );

if ( empty( $key ) )

bb_die(__('Key not found.'));

if ( !$user_id = $bbdb->get_var( $bbdb->prepare( "SELECT user_id FROM $bbdb->usermeta WHERE meta_key = 'newpwdkey' AND meta_value = %s", $key ) ) )

bb_die(__('Key not found.'));

if ( $user = new BB_User( $user_id ) ) :

if ( bb_has_broken_pass( $user->ID ) )

bb_block_current_user();

if ( !$user->has_cap( 'change_user_password', $user->ID ) )

bb_die( __('You are not allowed to change your password.') );

.

According to all that, their password should be scrambled and they should be unable to reset it – so they can’t log in.

But you can’t stop them from seeing the website.

There’s no IP based blocking (yet) in bbPress.

To really block an IP, you’d have to go into htaccess and add a “deny from” – at least for now.

I guess someone could write a plugin to block the IP of blocked users, perhaps for 48 hours or so. Since bbPress doesn’t store the last login IP for users by default, this makes it difficult, the plugin would have to start storing IPs on every login.