When I first tried to post this post, a crazy thing happened:
The Website decided I was that thread's OP, Darkholme. Seriously: at the bottom of the post screen, where it said "post as" it read Darkholme and his alias, and at the top navigation bar, it read, "Welcome "Name of Person on Darkholme's Paizo Account"!" with definitely not my own name.
I reloaded the page and everything righted itself, and I was me again--but that was a little freaky. I don't know what would have happened if I hit "submit" while it was still listing me as the other person but... best fix that bug before someone figures out how to exploit it. Thanks very much.
|
Trouble!
Word and the same happened to me a few days ago.
A friend sent me a link and I was logged in as him on my computer!
I believe, but did not attempt, that I could have posted as him (but couldn't decide if he would use the word 'poo' or 'poop' when describing his actions OOC) and instead signed off.
When I logged back in, I was myself again.
I do believe it is possible to get logged on as another user via sharing of a full/web-objected link.
-Pain
Chief Technical Officer
|
We'll look into it, and make any necessary changes.
(I'm confident that the worst case here only involves posting; if you attempted to access any private data, you'd be prompted for a password. Also, the actual window during which such a URL might be usable even to make a post is short.)
Thanks, Mr. Wertz.
Painlord, that's exactly it--I clicked on a link he had made (to one of my posts, oddly enough)--and that's when it happened.