eZ Community » Forums » Setup & design » Double User Login Across Different...
expandshrink

Double User Login Across Different Machines

Double User Login Across Different Machines

Thursday 05 July 2012 11:47:17 pm - 3 replies

The Problem:
User A Logs in and is on the homepage on computer A...
in the header it says the user's name, "User A"

User B Logs in and is on the homepage on computer B...
in the header it says the user's name, "User B

User A refreshes the homepage on computer A...
in the header the user's name has changed to "User B"!
and he has the abilities that User B has.

User A has apparently been somehow logged in as User B!
Even though they're on different computers!

User A can now navigate the entire site as User B despite their never having logged in as that user.

 

Note:
Turning off View Cache stops the issue, but load times suffer severely.

 

Specs:
I'm using EzPublish 4.6.0 Beta

I'm running it on WAMP with Apache 2.2.21 and PHP 5.3.4

What can I do so that the view cache is on but user's sessions aren't carried over to other user's computers!?

Modified on Thursday 05 July 2012 11:49:50 pm by Edgar Muentes

Thursday 05 July 2012 11:50:50 pm

I'll probably, very soon, be upgrading to EZP 4.7.0 with Apache 2.2.22 and PHP 5.4.12 the latest WAMP package.

I still need to know what the cause of the issue above is, in case EZP 4.7 has not solved the issue!

Friday 06 July 2012 10:57:59 am

The cacheing is unaware of user-level caching by default.

 

What we do is set a cache block witha  ttl of zero for the content that we don't want to cache (such as some menu items, etc). Then we use a key to set the specifics to make conditional caching (actually, multiple cache files. you can skip the ttl=0 and still get cache blocks unique to users

Here is an example to get you started:

<span class="line">{cache-block keys=array( $uri_string, $current_user.contentobject_id )}</span><span class="line">...</span><span class="line">{/cache-block}</span>

This example essentially creates this block separately for every user.  It is example 4 from:

http://doc.ez.no/eZ-Publish/Technical-manual/3.8/Reference/Template-functions/Miscellaneous/cache-block

 

Please keep in mind that if you have included templates inside of other templates and start muddling with cache blocks, then you could have a situation where block B is inside of block A and even though you have conditional caching for block B, if block A is not conditional, then the end result is that block B is just a single cache block as well (only cached the time that block A was cached.

Tuesday 10 July 2012 1:14:39 am

To get you started: view templates and pagelayout templates are different beasts.

The view cache applies to view templates. It is calculated taking into account view parameters and permissions of current user. If another user from the same groups logs in, he will see view cache possibly generated earlier by anther user.

That's why you never display username in a view-template, but only in pagelayout template (and the templates included from it)

expandshrink

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from