Same application name would definitely give you problems. On Mon, 8 Jul 2002, S. Isaac Dealey wrote:
> > This is a scoping question. Somewhere on one of our servers there is a > > customer setting a variable password. I am not even sure which scope it > > is > > in, however if another customer does something with password and they do > > not > > specify the scope (i.e. Form) they get this other customers value. I > > think > > that is terribly abnormal but how could this be? My thoughts were the > > same > > application name perhaps. I am going to investigate further but I thought > > you all could provide some suggestions. > > How spaghettied is the code for this site? ... Could be that the password > for some ugly reason wound up getting stored in application or session scope > and then is being copied into the form scope on the other customer's page > .. If there are any unlocked session variables in the site, that could be > an inadvertent gateway for leakage from one person's session to another... > > Isaac Dealey -- ============================================================ Todd Rafferty ([EMAIL PROTECTED]) - http://www.web-rat.com/ | Team Macromedia Volunteer for ColdFusion | http://www.macromedia.com/support/forums/team_macromedia/ | http://www.flashCFM.com/ - webRat (Moderator) | http://www.ultrashock.com/ - webRat (Back-end Moderator) | ============================================================ ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
