[imp] user getting other people's sessions
Bjørn Ove Grøtan
bjorn.grotan@itea.ntnu.no
Wed, 21 Aug 2002 16:19:24 +0200
Jan Schneider:
> Zitat von Jie Gao <J.Gao@isu.usyd.edu.au>:
>
> > > I have users saying to me that they get other people's sessions while
> > > using IMP sometimes.
> > >
> > > Anyone else here have this problem as well, or has this issue been
> > > dealt with and if so, what can I do to patch it up quickly without
> > > having to upgrade?
> >
> > I've found that the logout process does not set the cookies to null
> > value - it just leaves the cookies with their original values in the
> > user's browser. This might contribute to the subject problem.
>
> I don't think it's a browser problem. Do I assume correctly that you all use
> custom (e.g. db based) session handlers?
My install do not use custom session handlers, but the default from imp
which again uses the default of php as far as I can see.
Regards
Bjørn Ove Grøtan