User logging into other accounts

1

Hello, I'm in the middle of this because I do not know what to do about this problem that has been haunting me for days! Yesterday, practically out of nowhere (seriously, from nothing at all), this problem started: a user logs into their account normally, presses "F5" on the page, and ends up in the account of another random user. I still have this theory that it's a kind of "cache", but I do not have any caches activated on my site, nor in "Sucuri" (the firewall I use), and my CMS does not have any cache structure either.

So this problem is already driving me crazy, because I do not know what it can be, much less the source. I leave you the "Log in" code so you can see that I (at least I think) am not doing anything incorrectly.

AuthController.php -

public function login()
{
    global $twig, $params, $language;
    try {

        $user = Model\User::select()
                            ->where('username', QB::EQ, $_POST['login_username'])
                            ->whereOr('email', QB::EQ, $_POST['login_username'])->find();

        if($user->login($_POST['login_password'])) {

            if($user->isBanned()) {
                radCMS\App::Message('error', $language['home']['notifications']['banned'], [
                    '{username}' => $user->getUsername(),
                    '{reason}' => $user->getBan()->getReason(),
                    '{expires}' => date('d-m-Y \à\s H:i:s', $user->getBan()->getExpire())
                    ]);
                return radCMS\App::Redirect('home');
            }
            else {
                $_SESSION['id'] = $user->id();

                $user->setLast_ip(OctaCMS\App::GetIP());
                $user->setLast_online(time());

                radCMS\App::Redirect('me');
                radCMS\App::Message('success', $language['notifications']['logged_in']);
            }
        }
        else
        {
            radCMS\App::Message('error',  $language['home']['notifications']['login_incorrect']);
            Model\Input::saveFields($_POST);
            radCMS\App::Redirect('home');
        }

    } catch (\RangeException $ex) {
        radCMS\App::Message('error',  $language['home']['notifications']['login_incorrect']);
        radCMS\App::Redirect('home');
    }
}

Since I work with MVC, I have this in my index.php:

index.php -

if(!session_start()) 
    session_start();

And in another file I have a small function which only checks if the user is logged in:

App.php -

public static function isLoggedIn() 
{
    return isset($_SESSION['id']);
}

So, guys, I'd appreciate some help with this.

    
asked by anonymous 04.12.2016 / 22:11
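One way to narrow down the symptom described in the question, as an added example that is not part of the original post: mark every session-bearing response as uncacheable, rotate the session id at login, and log which session id maps to which user. The helper names and the log path are hypothetical, and the idea that a shared cache or an unrotated session id is involved is an assumption, not something the question confirms.

```php
<?php
// Added example, not the asker's code. Helper names and the log path are hypothetical.

function startPrivateSession(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start([
            'use_strict_mode'  => 1,  // refuse session ids the server did not issue
            'use_only_cookies' => 1,  // never take the session id from the URL
            'cookie_httponly'  => 1,
        ]);
    }
    // Tell every intermediary (CDN, WAF, proxy) that this response is per-user.
    header('Cache-Control: private, no-store, max-age=0');
    header('Vary: Cookie');
}

function establishLogin(int $userId): void
{
    session_regenerate_id(true);      // new id at login, old session data deleted
    $_SESSION['id'] = $userId;
}

function auditSession(string $logFile): void
{
    // Log a truncated hash of the session id, never the id itself.
    $line = sprintf(
        "%s sid=%s user=%s ip=%s uri=%s\n",
        date('c'),
        substr(hash('sha256', session_id()), 0, 12),
        $_SESSION['id'] ?? '-',
        $_SERVER['REMOTE_ADDR'] ?? '-',
        $_SERVER['REQUEST_URI'] ?? '-'
    );
    error_log($line, 3, $logFile);    // message type 3 appends to the given file
}

// index.php, before any output (constructed usage):
startPrivateSession();
auditSession(sys_get_temp_dir() . '/session-audit.log');
```

If one `sid` value shows up in the log with two different `user` values, the mix-up is happening server-side; if every `sid` stays with one user while the browser still shows someone else's page, a response reused by an intermediary is the more likely source.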

0 answers