Tweet
Please read this thread as soon as possible. I have asked about this before and I do not get it resolved. I absolutely must be able fix this so that my member feel their privacy is secure.
-
Last edited by glenv; Mon 12 Nov '01, 4:08am. -
The only way I've ever heard of this happening is if someone is accessing the forum from behind a proxy server and they are using session IDs instead of cookies.
Your user - wsualum - is 'logged in' as someone else but I notice that he/she can't post as this other person. At some point it appears that he/she is asked for a user name and password.
Have you checked wsualum's user profile to see what the setting is for 'Browse the board with cookies?' Make sure this is set to 'yes'.Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
Change CKEditor Colors to Match Style (for 4.1.4 and above)
Steve Machol Photography
Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.
-
This just happened to me, too.
Both users are using the same proxy, it would appear, through their ISP. Both also have cookies enabled in their profiles, as well as "remember name/password".
I assume that by logging out of the forums when they are done for the day, this would prevent this - not sure if they both try to come on at the same time - blah.
Any ideas?
Cheers.
ScottIncursus: (latin: clash, collision/attack, raid, foray, invasion)
We Create Thingz.Comment
-
Here's another old thread I found, from about a year ago, same subject.
Cheers.
ScottIncursus: (latin: clash, collision/attack, raid, foray, invasion)
We Create Thingz.Comment
-
They are viewing cached pages.
Add no-cache headers to the index.php and private.php scripts and that's all.
They are not actually logged in as a different user (which is why they're still prompted to log in when they want to post et. al.)Comment
-
Thwap! That makes total sense - thanks...
Cheers.
ScottIncursus: (latin: clash, collision/attack, raid, foray, invasion)
We Create Thingz.Comment
-
Well, after looking at it, my forumhome template already has it in there.
Back to the drawing board.Code:<head> <!-- no cache headers --> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="no-cache"> <meta http-equiv="Expires" content="-1"> <meta http-equiv="Cache-Control" content="no-cache"> <!-- end no cache headers --> <title>$bbtitle</title> $headinclude </head>
Incursus: (latin: clash, collision/attack, raid, foray, invasion)
We Create Thingz.Comment
-
Those are no-cache headers for wusses
HTML no-cache headers don't affect proxy servers anymore. Put this
on line #3 (after error reporting) of index.phpPHP Code:header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT"); // always modified
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Pragma: no-cache"); // HTTP/1.0
Last edited by bira; Sun 16 Dec '01, 3:30am.Comment
-
Very cool, Bira - thanks - will give it a go.
Cheers.
ScottIncursus: (latin: clash, collision/attack, raid, foray, invasion)
We Create Thingz.Comment
-
interesting solution bira.. anyone confirms that it worksOriginally posted by bira
Those are no-cache headers for wusses
HTML no-cache headers don't affect proxy servers anymore. Put this
on line #3 (after error reporting) of index.phpPHP Code:header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT"); // always modified
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Pragma: no-cache"); // HTTP/1.0
:: Always Back Up Forum Database + Attachments BEFORE upgrading !
:: Nginx SPDY SSL - World Flags Demo [video results]
:: vBulletin hacked forums: Clean Up Guide for VPS/Dedicated hosting users [ vbulletin.com blog summary ]Comment
-
Seems to be working here - I haven't received any complaints.Incursus: (latin: clash, collision/attack, raid, foray, invasion)
We Create Thingz.Comment
-
Eva I have these lines in my index.php since almost a year now - and since I've done it, all complaints stopped
Comment
-
Originally posted by bira
Eva I have these lines in my index.php since almost a year now - and since I've done it, all complaints stopped
thanks
:: Always Back Up Forum Database + Attachments BEFORE upgrading !
:: Nginx SPDY SSL - World Flags Demo [video results]
:: vBulletin hacked forums: Clean Up Guide for VPS/Dedicated hosting users [ vbulletin.com blog summary ]Comment
-
I should clarify, though, that if you have no-cache headers turned ON in the Admin CP options, then this addition is redundent.
If I turn no-cache headers on, bandwidth and server load pops up the sky on my BB. So I preferred to turn it off, but added these headers to index.php to prevent what seemed to be a fairly common "mistake" of people seeing cached page with someone else's username.
I used to have this in private.php as well. I removed it cos it destroys the user's ability to go "back" when he makes a mistake (his message will be lost). And, I suppose it could be added to usercp.php as well. In any event, index.php has always been the problematic page for viewing cached pages. private.php and usercp.php are the only other two pages that could potentially cause the same effect.Comment
-
thanks for the note.. i have forced all members to use cookies and disabled sessions so i don't get the problem but maybe one day might get sessions back
:: Always Back Up Forum Database + Attachments BEFORE upgrading !
:: Nginx SPDY SSL - World Flags Demo [video results]
:: vBulletin hacked forums: Clean Up Guide for VPS/Dedicated hosting users [ vbulletin.com blog summary ]Comment
Comment