Possible Session Problem
On my website, when a person logs in - a session is started and variables set with his/her information taken from the "users" database. This allows them to access their information where they can add, edit or delete certain information.
I registered as a user and entered some test information to make sure everything works, etc.. I left for a while without logging out and when I came back to access my information I found that I had access to someone else's information instead of mine.
The login script is suppose to automatically log you out after a period of inactivity. I don't know what happened here, but I'm hoping that someone could share some light on what possibly may have happened.
Doesn't this destroy the session almost immediately?
setcookie (session_name(), '', time()-300, '/', '', 0); // Destroy the cookie.
Well, you should probably just use session_destroy().
However, being able to access somebody else's information doesn't sound like it has anything to do with your session-clearing. You must have stored bad information in the session somehow, through bad queries or something like that. :/
Let us know if you see any more problems
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)