2.8c/vb3: Unreged users adding products and reviews

7thgencivic.com · July 20th, 2004, 05:28 AM

http://www.7thgencivic.com/parts_rev...hp?product=242

I don't know if you can see that, so let me know. And yes, that usergroup has all NO's in the permissions

permalink · July 20th, 2004, 08:43 AM

Look in the database, is there a userid for that product?

Michael P · July 20th, 2004, 08:46 AM

http://www.photopost.com/members/for...=107349&page=3

Might be similiar to this problem where people who login to vB block cookies and use sessions.

7thgencivic.com · July 20th, 2004, 08:55 AM

the userid is showing as 0.

So that code that omega entered, is that the fix?

Michael P · July 20th, 2004, 09:03 AM

It's a work in progress.

Chuck S · July 20th, 2004, 01:35 PM

As Michael said work in progress.

I posted the above code in that thread for Bryan Ex as he and I have been working on tracking this down for a while. Photopost does not use sessions. We use Cookies. I was finally able to on an install that I did for a new customer able to duplicate the problem since cookies were not setting for this site. I found that VB reads the user as logged in from the session cookie and the session cookie caused a half logged in situation. I was able to do a mini test on that install using the code above. We may go about killing or blocking the session in a whole different way we shall see. This is in the very early stages.