[TYPO3-dev] Bug in loginfunctionlaity in Typo3??
Sune
nospam_sune at talefod.dk
Fri Mar 24 12:40:18 CET 2006
Hi everyone,
Im experiencing some wierd things when people logs into my website. I have
send out an email with a link like this:
http://www.domain.com/index.php?id=574&pid=7&logintype=login&user=username&pass=password
when the user clicks the link he gets logged in automaticly. This works just
fine. But the problem is that sometimes peolpe see the wrong profile, as if
they where logged in as another user. How can this happen?
I have checked my apache logfile and the pattern i find is that if 2 users
log in at the same time, their profiles get mixed up. If this is correct
then there is a huge security issue in Typo3.
Please let me know if anyone have had the same problems or if you can tell
me what the problem might be.
And let me know if you need anymore information.
BTW: i use typo3 3.7.0
Regards
Sune Brodersen
More information about the TYPO3-dev
mailing list