From: <ha...@us...> - 2007-11-27 10:22:11
|
Revision: 93 http://jgbbs.svn.sourceforge.net/jgbbs/?rev=93&view=rev Author: hanru Date: 2007-11-27 02:22:06 -0800 (Tue, 27 Nov 2007) Log Message: ----------- After log out, the cookie "pwd" should be deleted too. Also note that our treatment of "pwd" cookie is not secure: we simply put the MD5 hash of password field in it, this issue should be fixed one day. Modified Paths: -------------- jgbbs3/trunk/logout.asp Modified: jgbbs3/trunk/logout.asp =================================================================== --- jgbbs3/trunk/logout.asp 2007-09-23 07:40:58 UTC (rev 92) +++ jgbbs3/trunk/logout.asp 2007-11-27 10:22:06 UTC (rev 93) @@ -34,6 +34,8 @@ Session.Contents.Remove(unique & "gid") Response.Cookies("uname").Path = unique Response.Cookies("uname") = "" +Response.Cookies("pwd").Path = unique +Response.Cookies("pwd") = "" Call DoMessage(langMsgLogoutSuccess, "./default.asp") This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |