What’s the reason for the logouthash usage?

**Andy** · Sun 3 Oct '10, 8:43am

I doubt it has any purpose and should be removed. Can you enter it as a bug in the tracker system?

**Ace** · Sun 3 Oct '10, 8:47am

Originally posted by Andy

I doubt it has any purpose and should be removed. Can you enter it as a bug in the tracker system?

Aside from maybe some clown linking them to 'domain.com/forums/login.php?do=logout' and NOT having it force them to logout?

**Ivalde** · Sun 3 Oct '10, 12:15pm

The logouthash usage seems just stupid, just as stupid as edit the original SQL database triggers when not trusted.

What should be included inside the logout process is the userid usage only, not such a strange logouthash.

**Andy** · Sun 3 Oct '10, 3:40pm

Originally posted by Ace

Aside from maybe some clown linking them to 'domain.com/forums/login.php?do=logout' and NOT having it force them to logout?

Thank you Ace. Looks like that is the purpose of the long hash.

**compwhizii** · Sun 3 Oct '10, 4:43pm

It's not useless. If it didn't exist, right now I could do this

See that? When you viewed this page now you would be logged out.

**Zachery** · Sun 3 Oct '10, 5:11pm

Its to prevent malcious logouts from third party scripts.

**Ivalde** · Sun 3 Oct '10, 11:26pm

OK, many thanks for the explanations.

I see the reason for the logouthash to be included. However, I would like to see the logout mechanism handle all the user specific settings in the background scripting thus not included in the logout URL visible to the user. Hope to see such a logout process in next versions.

vBulletin 4 End of Life

What’s the reason for the logouthash usage?

[Forum] What’s the reason for the logouthash usage?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Related Topics