[geeklog-devel] Bug with anti-hacking functionality can cause users to be incorrectly booted out

[Dirk Haun]

Blank, Jessica wrote:

>I am assuming that this is not desired behaviour. I believe it should
>not be difficult to reproduce this bug.

When you call up users.php with out any parameters, that counts as a
failed login attempt (and the last time I looked at it, that did seem to
make sense). However, we should probably not be counting it if you are
already logged in at that point.

Hmm, or should we? Vinny?

bye, Dirk

 
-- 
http://www.haun-online.de/accu/