[thelist] some session info not destroyed on logout from siteusingPEAR Auth
Max Schwanekamp
lists at neptunewebworks.com
Tue May 16 18:08:52 CDT 2006
> From: Anthony Baratta
> > log in with different user credentials, they still appear
> to be logged
> > in to the account they previously logged in with.
>
> This is a guess, but it sounds like the login page does not
> over-write existing cookies or session info when the login
> process is activated. Instead it's accepting any existing data.
I'd also suggest double-checking if the page is being cached by the browser.
--
Max Schwanekamp
http://www.neptunewebworks.com/
More information about the thelist
mailing list