Process flow bug assumption

[rainworm]

I'll try to write down how I got to this bug (I can't always reproduce it, so I can't quite pin point it).

1. logout of system (if logged in),
2. clear my cookies and sessions,
3. go to main.php and click to Sign-up link,
4. at register.php enter some data (enter wrong ones - too short username or something like that - you wan't to get an error! (it is possible that itworks with valid data too)),
5. click link to main page,
6. enter valid username and password,
7. logout,

Instead of system returning you to main page, it displays register.php and message that you are already registered. My guess is that error happend inside process.php and has something to do with session that wasn't destroyed in register.php.

greetings, rainworm

[sxweet]

I have something similar, But it happens with other pages too. Well anything that uses the process.php file. I'm thinking it has something to do with the referrer function in the session class. But don't have any solution for it so far, you can try changing the following,

header("Location: ".$session->referrer); header("Location: "main.php);

But that way the session referrer function is kinda useless. I hope to find the problem.

regards,