Response Time
24 — 48 hours
Hi Stackideas.
We have been dealing with a scary bug lately that causes users to post as other users.
We get this error in our logs quite often and I suspect it might be related:
PHP Notice: A session had already been started - ignoring session_start() in /var/www/administrator/components/com_easysocial/includes/oauth/clients/facebook/facebook.php on line 61
Also, a non-logged in user was suddenly logged into an account he doesn't own, that account has a row in the xx_session table, with an empty session id
The facebook oauth plugin is disabled in the easysocial applications backend, I tried deleting it and got this:
"Sorry, but you are not allowed to delete a core application"
We have been dealing with a scary bug lately that causes users to post as other users.
We get this error in our logs quite often and I suspect it might be related:
PHP Notice: A session had already been started - ignoring session_start() in /var/www/administrator/components/com_easysocial/includes/oauth/clients/facebook/facebook.php on line 61
Also, a non-logged in user was suddenly logged into an account he doesn't own, that account has a row in the xx_session table, with an empty session id
The facebook oauth plugin is disabled in the easysocial applications backend, I tried deleting it and got this:
"Sorry, but you are not allowed to delete a core application"
5 Replies
The replies under this section are restricted to logged in users or users with an active subscription with us
