We have a Windows 2003 web Edition server running IIS 6. On the webserver we are running an application using classic ASP using JScript as the scripting language and MySQL 4.1 as the backend DB.
The user logs in and their userid is saved to a session variable. With that variable they can access/change various information within their profile.
However, what appears to be happening is that somehow, their userid within the session changes and they get other users data. Am completely stumpted as to how this can be happening. It appears to happen completely randomly, or at least I have failed to see a pattern yet. At no point is the session programatically changed by us. Have taken our router out of the equasion for now just in case it is a hardware/routing issue.
Would appreciate some advice,
Regards
Nell1
The user logs in and their userid is saved to a session variable. With that variable they can access/change various information within their profile.
However, what appears to be happening is that somehow, their userid within the session changes and they get other users data. Am completely stumpted as to how this can be happening. It appears to happen completely randomly, or at least I have failed to see a pattern yet. At no point is the session programatically changed by us. Have taken our router out of the equasion for now just in case it is a hardware/routing issue.
Would appreciate some advice,
Regards
Nell1