Unknown user may login
2 posters
Page 1 of 1
Unknown user may login
Anyone can modify data
Possible Error | Severity | Form page | Location | Possible correction | Comment | |
1 | Homepage ‘Remember’ remembers ALL the time | high | Homepage | http://www.daspecster.com/cam/index.php/ | Recode the ‘Remember’ | (see below) |
At the homepage, it's like the 'Remember' is performing its duty without being asked to do that.
Kenny- Posts : 14
Join date : 2008-09-29
Re: Unknown user may login
Kenny wrote:
Since this is a Web app, if a user does not logout explicitly (probably was accessed from a Cafe), I think it is possible for an UNKNOWN USER to continue accessing the database for any Camper from the same computer used.
At the homepage, it's like the 'Remember' is performing its duty without being asked to do that.
If you are referring to the fact that a user will stay logged in for a certain amount of time, then yes, the user is "remembered." If you close your browser and open it back up again, however, you will see that you must log in again because the cookie has been deleted.
'Remember' is for if you want the cookie to persist for multiple browser sections. I don't think it would be a very user-friendly "feature" to require our users to log in every time they switched pages.
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|