Forum

> > Unreal Software > Multiple cookies on different IPS
Forums overviewUnreal Software overviewLog in to reply

English Multiple cookies on different IPS

4 replies
To the start Previous 1 Next To the start

old Multiple cookies on different IPS

Apache uwu
User Off Offline

Quote
I usually go on us on my cellphone, computer, @school and basically everywhere there is internet. I've noticed that the cookies are saved and they still work after like 2 days on inactivity.

I forget to click log out sometimes, when I go home I click logout there but I'm still signed in from that remote computer.

Is it possible to just remove all logins when I click logout?

Example for concept:

1
DELETE FROM logins WHERE username="Textual Context";

Or something, I'm curious to know what the expire time is.

old Re: Multiple cookies on different IPS

DC
Admin Off Offline

Quote
Quote
Is it possible to just remove all logins when I click logout?

no, that's technically absolutely impossible.
cookies are always saved clientside and not on the server.
so there is no possibility for Unreal Software to remove them remotely. cookies are not saved in SQL databases as your code implies.

you have to have direct access to the PC were the cookie is saved to remove it. simple way: go to the PC and log out.

the expiration time is 90 days and it is auto refreshed whenever you visit the page.


hint for users of public PCs:

• uncheck the "Save: Stay logged in (Cookie)" checkbox when logging in. Unreal Software will not even save your login in a cookie that way. closing the browser is then sufficient to log out safely.

• or always make sure to click logout before leaving the PC.

old Re: Multiple cookies on different IPS

Apache uwu
User Off Offline

Quote
I know cookies are not saved (edit: server-sided). But of course the server must keep track of all the session ids.

Those session ids saved in sql must also link back to my username. Should it not be possible to reverse the logic and delete all instances of my username on logout?
edited 1×, last 14.09.11 01:28:31 am

old Re: Multiple cookies on different IPS

DC
Admin Off Offline

Quote
cookies ARE saved. on the clients.

yes the server keeps track of session IDs obviously. but we are talking about login cookies here. these cookies just save the user name and password to log you in automatically when you visit the website. they are not related with the session at all (besides the fact that they start a new session because they log you in automatically). they do not contain the session ID or anything like that.

and as I already said: I can't delete these cookies remotely. simple fact. so they will continue to log you (or others) in until they are removed. locally.

of course I could kill all sessions of you when you log out. but this will not kill the login cookies on all PCs that ever logged in and saved a login cookie for your account. there is only one scenario when this would work: if the other PCs are logged in at the same time (having the browser opened and surfing on unrealsoftware.de with YOUR account while you click logout). in this case I could send them a signal to remove their login cookie as well. but chances are quite low that this is the case.
edited 2×, last 14.09.11 01:32:33 am
To the start Previous 1 Next To the start
Log in to replyUnreal Software overviewForums overview