admin管理员组

文章数量:1130349

I need help regarding WordPress session management. Follow these steps::

Bug: Session management and break authentication.

Steps to reproduce:

  1. Log in to your account using browser 1.

  2. Now, login to the same account using browser 2.

  3. Change the password in browser 1.

  4. Refresh in the browser 2 nothing will happen account remains logged in.

If this bug is not present than account must log out automatically when the browser 2 is refreshed.

It is a medium severity bug. What will be the solution? Thanks

I need help regarding WordPress session management. Follow these steps::

Bug: Session management and break authentication.

Steps to reproduce:

  1. Log in to your account using browser 1.

  2. Now, login to the same account using browser 2.

  3. Change the password in browser 1.

  4. Refresh in the browser 2 nothing will happen account remains logged in.

If this bug is not present than account must log out automatically when the browser 2 is refreshed.

It is a medium severity bug. What will be the solution? Thanks

  • wp-admin
  • security
  • password
Share Improve this question edited Jan 10, 2019 at 8:54 bueltge 17.1k7 gold badges62 silver badges97 bronze badges asked Jan 10, 2019 at 6:17 JohnthanJohnthan 1 2
  • I don't think this is a bug, because you have authenticated before and WordPress stores an authentication cookie, to check if you're logged in. Changing your password doesn't force you out if you're logged in on another client. See: codex.wordpress/WordPress_Cookies – Remzi Cavdar Commented Jan 10, 2019 at 6:34
  • PS: I understand your point and it seems to be more like a feature request. You should report it here: core.trac.wordpress – Remzi Cavdar Commented Jan 10, 2019 at 6:38
Add a comment  | 

1 Answer 1

Reset to default 2

I have gone through the above case. I have checked when you change password you will have the option of logout every where else. So you need to check it. https://www.screencast/t/0tilp5u2

I will explain it the reason for the same. In this when you login into wordpress.The details are saved in the form of cookies into your browser in form of sessions. However on selecting above button you will be clearing all the session of the website.

If you do not do it there will be session on the system so you will not be logged out on another browser

I need help regarding WordPress session management. Follow these steps::

Bug: Session management and break authentication.

Steps to reproduce:

  1. Log in to your account using browser 1.

  2. Now, login to the same account using browser 2.

  3. Change the password in browser 1.

  4. Refresh in the browser 2 nothing will happen account remains logged in.

If this bug is not present than account must log out automatically when the browser 2 is refreshed.

It is a medium severity bug. What will be the solution? Thanks

I need help regarding WordPress session management. Follow these steps::

Bug: Session management and break authentication.

Steps to reproduce:

  1. Log in to your account using browser 1.

  2. Now, login to the same account using browser 2.

  3. Change the password in browser 1.

  4. Refresh in the browser 2 nothing will happen account remains logged in.

If this bug is not present than account must log out automatically when the browser 2 is refreshed.

It is a medium severity bug. What will be the solution? Thanks

  • wp-admin
  • security
  • password
Share Improve this question edited Jan 10, 2019 at 8:54 bueltge 17.1k7 gold badges62 silver badges97 bronze badges asked Jan 10, 2019 at 6:17 JohnthanJohnthan 1 2
  • I don't think this is a bug, because you have authenticated before and WordPress stores an authentication cookie, to check if you're logged in. Changing your password doesn't force you out if you're logged in on another client. See: codex.wordpress/WordPress_Cookies – Remzi Cavdar Commented Jan 10, 2019 at 6:34
  • PS: I understand your point and it seems to be more like a feature request. You should report it here: core.trac.wordpress – Remzi Cavdar Commented Jan 10, 2019 at 6:38
Add a comment  | 

1 Answer 1

Reset to default 2

I have gone through the above case. I have checked when you change password you will have the option of logout every where else. So you need to check it. https://www.screencast/t/0tilp5u2

I will explain it the reason for the same. In this when you login into wordpress.The details are saved in the form of cookies into your browser in form of sessions. However on selecting above button you will be clearing all the session of the website.

If you do not do it there will be session on the system so you will not be logged out on another browser

本文标签: wp adminNeed help for WordPress User Session Management

版权声明:本文标题:wp admin - Need help for WordPress User Session Management? 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://it.en369.cn/questions/1749026303a2305159.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。