> On 8/15/07, Tomas Kuliavas <tokul@xxxxxxxxxxxxxxxxxxxxx> wrote: >> > >> Dear all, >> > >> I use mail server under Debian with squirrelmail 1.4.9 but I have problem >> > >> with some users informations. >> > >> Most of the time, users calls me and say that their "personnal informations" has changed to another one. >> > >> How can I solve this problem ? >> > >> Regards, >> > >> ------------ >> > >> Kone Bakenon >> > > >> > > Do these users login to SquirrelMail on a computer that already has another user >> > > logged into a different SquirrelMail profile? Concurrent logins will >> cause >> > > mixing or >> > > corruption of preferences. >> > >> > Ok but, how can I avoid that ? >> > >> > > >> > > Short term: tell your users to logout the previous session before >> they >> > > login. >> > >> > I have already done it ! >> > >> > > Long-term, better solution: ideally, someone will modify >> SquirrelMail so >> > > that any >> > > login automatically logs out any existing session on the same >> computer. >> > >> > Can you help me to it ? >> >> Standard src/login.php automatically logs out any existing session. If custom >> login form is used, session information is not destroyed in >> src/redirect.php. >> SquirrelMail can't autologout users, because your users won't notice that older >> account logged out and continue using open browser windows. >> >> There are two ways to solve it. >> >> A) don't allow logging in, if active session is detected or ask for confirmation. > > It is important to note that asking for confirmation will not solve the issue if the user does not actually go close the other window at some point. > > It is perhaps more important to note that in some environments where public terminals are being used, that this tactic may alert someone that they can access a stranger's email. Although this issue exists even without SquirrelMail alerting the user to the fact, some > administrators may not like SquirrelMail making it so obvious - in fact, if logging in is disallowed, the user will be *forced* to go find the window with the stranger's email and click the signout link. > >> requires modifications in two scripts and solves some interface abuse problems. >> >> B) SquirrelMail can work without cookies >> >> requires modifications in many core scripts and plugins. > The problem is not only happen when users uses the same computer. > ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ -- > squirrelmail-users mailing list > Posting Guidelines: > http://www.squirrelmail.org/wiki/MailingListPostingGuidelines > List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx > List Archives: > http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users > ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
