our success? individual commitment to a group effort

• About Us
  • News
  • About osCommerce
  • osCommerce Philosophy
  • Open Source Definition
  • The osCommerce Team
  • Support The Project
  • In The Press
  • Supported Gateways
  • Trademark Policy
  • Copyright Policy
  • Webmaster (Impressum)
• Solutions
  • osCommerce
  • Downloads
• Community
  • Community Support
  • Contributions
  • Bug Reports
  • Roadmap
  • Interviews
  • Photo Galleries
• Showcases
  • Demonstration
  • Live Shops
  • Sponsors' Shops
• Partners
  • Corporate Sponsors
  • Community Sponsors
• Network
  • Support Site
  • Community Forums
  • Live Shops Directory
  • Knowledge Base
  • Development Server
  • osCommerce Blog
  • osCommerce Worldwide
  • German Support Site

Contributions

Security Fix for logoff.php

This has been bothering me for ages.

There is a glitch in the log off system of osc that allows a person to click the back button on a browser and reload the last expired page .. which could be something private like account details page or something. They can see a persons account info etc.

The default osc logoff.php just needs a small piece of code added to destroy and redirect / refresh the logout page once so that if the back button is clicked the logout page will stay locked in a loop and will not go back to any previous cached page history.

IN catalog/logoff.php near the top FIND:

require('includes/application_top.php');


JUST BELOW it ADD this code:

// BEGIN LOGOFF BACK BUTTON SECURITY FIX
// Do not let the customer use back button or refresh to go back after logoff
if (tep_session_is_registered('customer_id')) {
//$navigation->set_snapshot();
tep_session_destroy(); // disabled above line and changed to destroy so cannot hit back button and see potentially private info
tep_redirect(tep_href_link(FILENAME_LOGOFF, '', 'SSL')); // changed to FILENAME_LOGOFF instead of FILENAME_DEFAULT ... lock in loop
}
// END LOGOFF BACK BUTTON SECURITY FIX

Now if say someone leaves their browser open and someone else comes along and hits the back button to Snoop! ... no matter how many times they click it ... the Logoff Page just refreshes itself beacuse the session is permanently destroyed and the page is telling itself not to do anything but refresh or allow them to continue on somewhere else.

NOTE: No file attached

Expand All / Collapse All

Note: Contributions are used at own risk.

Trademark Policy | Copyright Policy | Sitemap

Copyright © 2000-2012 osCommerce. All rights reserved.
Webmaster: Harald Ponce de Leon (Impressum)

osCommerce is a registered trademark of Harald Ponce de Leon