[thelist] some session info not destroyed on logout from siteusingPEAR Auth

Max Schwanekamp lists at neptunewebworks.com
Tue May 16 18:08:52 CDT 2006

> From: Anthony Baratta 
> > log in with different user credentials, they still appear 
> to be logged 
> > in to the account they previously logged in with.
> This is a guess, but it sounds like the login page does not 
> over-write existing cookies or session info when the login 
> process is activated. Instead it's accepting any existing data.

I'd also suggest double-checking if the page is being cached by the browser.

Max Schwanekamp

More information about the thelist mailing list