#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2012
    Posts
    1
    Rep Power
    0

    Exclamation User login, and see someone else profile


    hi everybody,

    I'm developing a system using Code Ignitor framework.
    When a user login to the system, it keeps user profile in session

    as general way.

    Sometimes users report me that, they can see "someone else

    profile", and when change page, it becomes normal, and some times,
    they can see someone else profile again. These users use their own

    computer and not share to anyone.

    This problem is found only some times, but it is really not good.
    I cannot specify the cause, because session system in the

    framework should be well-design.
    I also wonder that for systems those require high-certainty such

    as online banking, how do they manage this issue.

    Please give me some idea about this problem.

    Thanks a very lot,
  2. #2
  3. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6351
    We need a lot more information than this, unfortunately. Start logging session data along with IP, see if the session for an IP changes at random.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.

IMN logo majestic logo threadwatch logo seochat tools logo