TOWebstress Posted January 25, 2007 Posted January 25, 2007 I've recently installed a SMF forum on my site. It's the current version, as installed by Fantastico through the TCH cPanel. It's been working ok until yesterday when one user was inadvertently posting using another poster's ID. The IP addresses linked back to the right person but the name on the post did not. These two posters are not posting from the same computer, and neither of them know how it happened either. Any ideas? Quote
abinidi Posted January 25, 2007 Posted January 25, 2007 This might be a good question for the SMF forums. They have a broader user base and you might find somebody there who has encountered this problem. They will probably be better equipped to troubleshoot this type of problem as well. Good luck! http://www.simplemachines.org/community/index.php Quote
TCH-Bruce Posted January 25, 2007 Posted January 25, 2007 I agree with Paul that the SMF forum may be a better place to ask but I have some questions. How did the user login under someone else's ID? Why do they know the other person's password? Allowing people to masquarade as someone else on any forum is not a good idea. Second, I'm not sure I understand if there is a problem. For the post in question who's IP number was recorded? The actual user that made the post? That is how I would expect it to work. And for the name attached to the post it should have been the name they were logged in as, whether or not that name is associated to a particular IP address is immaterial. I access this board from two different IP addresses and both are recorded as I post with the name I am logged in under as it should be. Quote
TOWebstress Posted January 25, 2007 Author Posted January 25, 2007 I tried the SMF forum, but got no answers. This forum is so helpful, I thought I'd take a shot at someone here having experience with it. How did the user login under someone else's ID? Why do they know the other person's password? Allowing people to masquarade as someone else on any forum is not a good idea. The user didn't log in under someone else's ID. That's the problem. He didn't know the other user's login information. There was nothing on his end that would indicate that he would (or even COULD) post under the other user's name. He was just as surprised as anyone that when it posted, that it was under another user's name. The actual user's IP address was recorded in the errant posts. Thank you for any insight you have! Quote
TCH-Bruce Posted January 25, 2007 Posted January 25, 2007 It sounds like you may have some database corruption. I would rebuild the database. Quote
carbonize Posted January 29, 2007 Posted January 29, 2007 Or possibly the first user sent the second user a link with their sessionid in it. Bad coding if that is what happened and highly unlikely with SMF. Quote
Samrc Posted January 29, 2007 Posted January 29, 2007 How close are the usernames/passwords? Are you allowing the lowest grade password (4 digit) instead of boosting it up a notch? Within SMF, you can do a repair on the databases. I would try that. Maybe your indexes have gotten out of sync. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.