Author Topic: Sessionid if posting a link to gallery (Read 6458 times)

martrix · « **on:** April 01, 2005, 10:02:27 AM »

For your own security:
if you post links to your gallery, do not include the "sessionid=asdfadfagagagfadfasd" string in there.
Because if someone uses that link as long as the session is still "active" on the server, the visitor (following that link) gets "logged-in" as YOU!
If it was a session, in which you were logged-in as admin, then you could get in real trouble.

2 Jan, V@no and Co.:

Shouldn't this be included in the MUST READ guidelines?
Just think, that it could cause big problems, if somebody missuses that...

have fun

RoadDogg · « **Reply #1 on:** April 01, 2005, 10:40:13 AM »

translation / Übersetzungen

Achtet beim Erstellen von Beiträgen, dass Links zu eurer Galerie keine SessionID mit sich führen. Zu erkennen an dem sessionid=acdfsdsfdgdrtddfdf (am Ende des Links).
Sollte jemand diesem Link benutzen, so lange die SessionID noch aktiv ist (und ihr eingeloggt ward), ist derjenige mit eurem Account eingeloggt (idR dann als Admin).

martrix · « **Reply #2 on:** April 03, 2005, 01:34:13 PM »

Danke RoadDogg... konnte das ja auch gleich inkl. der deutschen Sprache posten

TheOracle · « **Reply #3 on:** August 30, 2005, 04:02:05 PM »

This has been corrected in the bug fixes section of the forum recently.

4images Forum & Community

News:

Author Topic: Sessionid if posting a link to gallery (Read 6458 times)

martrix

Sessionid if posting a link to gallery

RoadDogg

Re: Sessionid if posting a link to gallery

martrix

Re: Sessionid if posting a link to gallery

TheOracle

Re: Sessionid if posting a link to gallery