[SOLVED] PHPR 10.6 Fixed Username Password Bug

This topic is locked

[SOLVED] PHPR 10.6 Fixed Username Password Bug	8/18/2021 3:23:32 PM
PHPRunner General questions
S Sun author If you use Hardcoded - Fixed Username Password in PHPR v10.6, it will just make you login, without entering anything in the username and password field

Mark as Solved Mark as not solved

4 replies


S	Sun author 8/21/2021
	Even built 37666 also has the same security issue


	HJB 8/23/2021
	Wrong info from your end. It is fact that the login credentials are called upon first opening of the web application (under a fresh start of the browser). As long as the browser window is open after you suceeded to login, PHPRunner keeps that very session alive. If you close the browser, the session ends, thus upon a new login later on, the web application is asking for the login credentials again. Under "security" section within PHPRunner you can find options for the session control, so, if you under a hardcoded (= one user) think it to be very important that you need to pass loging credentials, think about let us say a 5 minutes time of inactivity to be the limit for a session for any user to be set to then end the session inside the browser.


S	Sun author 8/23/2021
	You can visualize it here, you should have tried to reproduce the same before your long reply.... click to view


S	Sun author 8/27/2021
	Rectified in build 37732.

4 replies

Mark as Solved Reply