I was just working on a website and made a new group and a new user for a website. The website is like this:
As you can see i'm using 4 dirs with the language as name. And in those folders are installed the WB 2.7 versions. So i have installed 4x WB on 1 server with 1 database but WITH PREFIX!!
Why i have done the 4 dirs is because of language and as the sites are really big with over 100 pages i decided to use seperate installations. Now i changed the session to all the same so people could switch if logged in with same user/pass. But what now happens:
I made a user on the NL page like "beheerder". On the other 3 installations i havent made anything yet only the session name to be all the same. If i now use a hyperlink from the NL admin like http://www.website.com/UK/admin
i'm suddenly Logged in WHILE THAT USER DOES NOT EXCIST ON THE UK INSTALLATION!
How is this possible, does WB not check if that user even excists if it is using the same sessionname?
If this is correct it COULD be (change is like 1 on 1.000.000) that i have a site with Admin as login name and i check out an other url with the same session name (even it takes a random number) and that installation has also an Admin as login that i suddenly are logged in on that installation?
Is this a bug or am i getting paranoid because of the sleep i did not get the last 5 days?