[geeklog-devel] Bug with anti-hacking functionality can cause users to be incorrectly booted out

Dirk Haun dirk at haun-online.de
Fri Mar 14 15:22:31 EDT 2008


Blank, Jessica wrote:

>I am assuming that this is not desired behaviour. I believe it should
>not be difficult to reproduce this bug.

When you call up users.php with out any parameters, that counts as a
failed login attempt (and the last time I looked at it, that did seem to
make sense). However, we should probably not be counting it if you are
already logged in at that point.

Hmm, or should we? Vinny?

bye, Dirk

 
-- 
http://www.haun-online.de/accu/




More information about the geeklog-devel mailing list