Security Issue

3/7/2012 7:02:47 PM
PHPRunner General questions
plehmann author

Hi all,
I have the following issue.
A user logs in to an application. The access is organized via "username and password from database". It works fine. Then, the user clicks on a URL to another application, where the access is also organized via "username and password from database". And ... The user gets access to that application even if the "username and password from database" refers to a different database user table. Very cool!
Any help?
best regards

Peter

cgphp 3/7/2012

Could you reformulate your question?

Sergey Kornilov admin 3/8/2012

I guess I understand what your question is about.
By default, PHP sessions are shared between all applications on the web server. If you have two PHPRunner applications located on the same web server, users logged in to the first application will be able to access the second one without logging in. To prevent this from happening, put each application on its own subdomain, i.e. http://app1.example.com, http://app2.example.com etc.
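
Why the subdomain advice above changes the outcome, as an added example that is not part of the original thread and is not PHPRunner code: it models the browser's cookie matching (RFC 6265) for PHP's default session cookie (name `PHPSESSID`, path `/`, no Domain attribute). The `www.example.com` host, the paths and the session ID are constructed sample values.

```javascript
// Model of which requests carry a PHP session cookie. PHP apps on one server
// share session storage by default, so whichever app receives the session ID
// loads the same session data.

// Domain-match (RFC 6265 section 5.1.3): a host-only cookie needs an exact
// host match; a cookie with a Domain attribute also matches subdomains.
function domainMatches(cookie, host) {
  if (cookie.hostOnly) return host === cookie.domain;
  return host === cookie.domain || host.endsWith('.' + cookie.domain);
}

// Path-match (RFC 6265 section 5.1.4): prefix match on a "/" boundary.
function pathMatches(cookiePath, reqPath) {
  if (reqPath === cookiePath) return true;
  if (!reqPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith('/') || reqPath[cookiePath.length] === '/';
}

// Cookie as set with PHP defaults; domainAttr models a non-empty
// session.cookie_domain setting (empty by default, giving a host-only cookie).
function sessionCookie(setByUrl, domainAttr) {
  const host = new URL(setByUrl).hostname;
  return {
    name: 'PHPSESSID',
    value: 'constructed-session-id',
    path: '/',
    hostOnly: !domainAttr,
    domain: domainAttr ? domainAttr.replace(/^\./, '') : host,
  };
}

// True when the browser would attach the cookie to a request for targetUrl.
function isSentTo(cookie, targetUrl) {
  const u = new URL(targetUrl);
  return domainMatches(cookie, u.hostname) && pathMatches(cookie.path, u.pathname);
}

// Two apps in directories of one host: the second app receives the session ID.
const sameHost = sessionCookie('http://www.example.com/app1/login.php');
console.log(isSentTo(sameHost, 'http://www.example.com/app2/menu.php'));

// One app per subdomain, default settings: the cookie stays with app1.
const perSubdomain = sessionCookie('http://app1.example.com/login.php');
console.log(isSentTo(perSubdomain, 'http://app2.example.com/menu.php'));

// Subdomains, but the cookie domain widened to the parent: shared again.
const widened = sessionCookie('http://app1.example.com/login.php', '.example.com');
console.log(isSentTo(widened, 'http://app2.example.com/menu.php'));
```

The third case is the one to check for after moving to subdomains: a `session.cookie_domain` value set to the parent domain makes the session cookie visible to every subdomain again.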