This is my reasoning, so it may not be correct. But I would like to show you one solution.
If there is any bug in the open login plugin, you should delete it. However, deleting the plugin will not solve the login problem. Because, if the user checked "remember" option on the login page, session (login) data will be stored in the user's machine (cookie) for one month. If the user visits your site again, Q2A will automatically log in using incorrect login data.
I think there are several ways to solve this problem. The easiest way is to temporarily change Q2A session variables. Incorrect login data on the client (cookie) expires after one month. Therefore, you can restore the core program after one month.
How to change core program:
- Open qa-include/app/users.php with any text editor
- Replace from "'qa_session" to "'qa_session_temp" (Those lines will be 15)
Example of L198:
//setcookie('qa_session', $handle.'/'.$sessioncode.'/'.($remember ? 1 : 0), $remember ? (time()+2592000) : 0, '/', QA_COOKIE_DOMAIN, (bool)ini_get('session.cookie_secure'), true);
setcookie('qa_session_temp', $handle.'/'.$sessioncode.'/'.($remember ? 1 : 0), $remember ? (time()+2592000) : 0, '/', QA_COOKIE_DOMAIN, (bool)ini_get('session.cookie_secure'), true);
I can not compensate you for your damage due to this change. Therefore, you must do this on your own risk. However, this measure may be useful if you are in trouble.