Hello Ircd, On Wednesday, January 07, 2004, [EMAIL PROTECTED] wrote... > Hi, kinda new to this list, wondering if anyone else has experienced > a problem similar to this, I'm just about tired of trying to figure > it out :)I have 3 installs of squirrelmail, though I'm not sure this > is directly affecting what is happening - every now and then, say > once or twice a week - User 1 is logged in, active etc - then user 2 > logs in, same domain, or different - doesn't really have an effect - > but when user2 logs in, it takes user1's session and seemingly > overwrites it, so if you refresh user1's session, bam you have all > of user2's emails etc as if it was a session hijack, when it isn't - > I've had this happen with 2 operating systems,(OpenBSD 3.3/3.4 and > FreeBSD 5.1/5.2-RC2) and can't seem to find a solution as it only > occurs intermittently...but when it does, it is obviously a huge > security risk - I know php stores all session files in tmp, but I > figured they were random enough to not actually effect each other - > anyone else experience anything similar? is this some simple > misconfig on my behalf? any help of course is greatly appreciated...
This isn't too uncommon... If you read the archives, you'll see it comes up from time to time. It is inherently a PHP issue, but I am working on a scheme to work around the issue. All I can suggest is logoff user 1, then logon as user 2... or close the browser, and reopen it to logon as the second user. -- Jonathan Angliss ([EMAIL PROTECTED]) ------------------------------------------------------- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html -- squirrelmail-users mailing list List Address: [EMAIL PROTECTED] List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
