I’m not an php nor security expert…
but wouldn’t be better if your comment cookies are DELETED when you select “log out”?
There’s a link on the comment pages, that say “Logged in as… log out” but when you log out and go back to a page with a form (if comments open) your info is loaded back from your cookies, showing someone else your comment user and email (and probably pass if you know how to use the cookie info).
Is it too crazy?
If you forgot to check “don’t remember me” (if your template has it) you can be “forgotten”, logged out or both.
The wordpress cookies are cleared when you logout (per http://codex.wordpress.org/WordPress_Cookies ), but most browsers remember your ID and password these days, so you have to tell the browser to kill that on your own. It’s not a cookie thing, and since each browser is different, you can’t code it into WP.
Viewing 1 replies (of 1 total)
The topic ‘Log out that clears your comment cookies’ is closed to new replies.