Cannot reproduce Login/Logout Continuity

[PGU]

Issue: If you have two tabs open (say 1 in the admincp and one on the forumhome) and log out of one (say the forum home), you are still able to perform admin functions in the other tab. once an action is done, it logs the user back in without password prompt.

This means that if you log out in one tab, someone can still sit down do any action on the forum and then continue to act as the [formerly] logged in user.


Steps to reproduce:
login to the admin cp
open a new tab in the same browser
open the forum home (you should now be logged in with the same user name you are in the admin cp)
log out of the forum home (by clicking log out)
go to admin cp tab
make any change and submit it (i changed stuff under basic board information)
go back to the forum home tab
hit refresh
you should now be logged back in

 

[PGU]

anyone else able to reproduce this?

 

[Jake Bunce]

I have experienced behavior where the Admin CP login is decoupled from the front end login such that I can be logged in as two different users on the front and back end. (in the same browser)

 

[Mike]

It is theoretically possible to be logged in in the ACP and the front end as different users. This is more or less intentional, though it is a challenge to trigger now I believe.

As for this issue, I can't reproduce this. Looking at the code, the session for the ACP will be removed, which will log you out. (If you are logged in as different users in the front-end and ACP, then you will still be logged in the ACP.)

 

[swatme]

my other issue is.

i login in frontend
then i login in admincp

after few minutes, when i go back to frontend, its already logout.
but the admincp is still loggedin.

this happens in few times in a day...

any idea what causes it?