Password security issue with multiple ccount scripts

[realitybytes]

Version of script:1.2

Write your message below:

Hi great script. I have found a password security issue when running multiple copies of ccount on a server.

Example ccount is setup with the following folders each having different passwords.

/ccount
/ccount1
/ccount2

Logging in to the first setup then pointing your browser directly to the other locations does not request new login credentials it loads straight in allowing full access to the links.

[Klemen]

CCount was never mean to have multiple installs on the same domain, if you are counting many links or clicks you will be better off finding a MySQL back-end script as text databases aren't powerful or secure enough.

That said, if you still want to use different copies under the same domain you can change value for $_SESSION['logged'] from Y to something unique in each different index.php (for example change it to "DFAFJ348"). It needs to be changed 3 times throughout index.php file.

[puniksem]

Version of script:1.2

Write your message below:

Hi great script. I have found a password security issue when running multiple copies of ccount on a server.

Example ccount is setup with the following folders each having different passwords.

/ccount
/ccount1
/ccount2

Logging in to the first setup then pointing your browser directly to the other locations does not request new login credentials it loads straight in allowing full access to the links.

Adjusting each script code to direct each ccount script to a seperate uniquely named config file. as the browser is only including one config file for all ccount scripts. worked for me.