Every member has to be manually checked on our forum. So awaiting approval then we check their details are ok and let them in. Someone got in but we didn't let them in as they didn't pass our checks. I remember seeing this user in awaiting to moderated and left them there. I also remember seeing them listed in the forum as members online which is technically ok right? But they can't see any of the forums. They can just login and out and change account details. Avatar, email address etc. They did change their email address. Now they are set as "valid" in the backend. Is that possible?