users logged in as a different user [Q and A] - XOOPS Web Application System

users logged in as a different user

2005/11/5 5:40
veaglarwen
Just popping in
Posts: 28
Since: 2004/12/2

Hi, I'm not sure how to handle this issue I've been seeing recently. One morning several weeks ago I woke up and went to my site (allisonmackonline.com) and noticed I was already logged in...as another member of the site. I cleared my cookies and cache and it reset.

I just got a message from a user saying that they were logged in as me.

What is causing this? Have you guys seen this before? What can I do to prevent this? If any random user can log in as me, the site has a serious security risk that needs to be addressed.

I'm running XOOPS 2.0.13 on a linux machine.

Re: users logged in as a different user

2005/11/5 5:46
jdseymour
Friend of XOOPS
Posts: 3782
Since: 2004/11/11

Do you have any links that include a PHP session ID?

Proactive Support for Sites and Servers

WebServerMasters.com | XOOPS Tutorials

Re: users logged in as a different user

2005/11/5 5:54
veaglarwen
Just popping in
Posts: 28
Since: 2004/12/2

that could have been the case.

thanks for letting me know.

Stats
Goal:	$100.00
Due Date:	Nov 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

users logged in as a different user

Re: users logged in as a different user

Re: users logged in as a different user

Login

Search

Recent Posts

Re: Mymenus Module with XOOPS 2.5.11-Stable

Re: Migrate from Wordpress

Re: Error in https://xoops.org/modules/wggithub/

Re: Error in https://xoops.org/modules/wggithub/

Re: XOOPS 2.5.11 session handling too strict?

Error in https://xoops.org/modules/wggithub/

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}