It seems that every weekend this website experiences new major glitches.


Last week the website repeatedly reset the backup status of the Oracle database ebaumsworld uses to the previous Friday morning's status, allowing users to repeatedly order from the erep prize store as their points continuously returned to them. It also caused messages that had been deleted to appear undeleted for a moment.


This week (and I noticed this on Wednesday as well) the login seems to log you in, but the PHPSESSID is not saved on the server, which means you're logged out at the same time you're logged in.

If this website is being attacked, it means someone is spamming the website with the PHPSESSID of every user in order to cause the login_IP to change to theirs (this is how they would normally hijack an account), but I had the previous administrators block this bug by adding an automatic logout function if the IP of a user changes for the same login. Thus, now if a user tries to use another user's PHPSESSID, it will automatically log both users out.

That would completely explain why we are getting randomly logged out: because someone is getting our PHPSESSID right in their attempts!

Another possibility is that ebaumsworld now has a spam function that if you do too much too fast (or even in multiple windows), it will automatically log you out. I haven't tested this theory, but give it a try yourself.

Now, if this website were in fact being updated, backed up, or going through some last-minute changes and tests from the administrators, not only would it make sense, it would be welcomed. However, without any notice to us, the users, of said updates, that leads me to believe that the server is under attack every weekend because no one works here on the weekends. Admins, as you've told me that you would like to take this website in a better direction, I must make a point that transparency is also a part of that new direction.


Let us know what's going on so we will be sure not only to stay here and contribute, but to fight for it as well.



Uploaded 03/01/2009
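
The automatic logout on IP change described in the post, as an added example that is not the site's code or part of the original post: an in-memory Python model showing why a session ID presented from a different address ends the session for the legitimate user as well. The class name, user name and addresses are constructed for illustration.

```python
import secrets


class IpBoundSessions:
    """In-memory model of a session store that pins each session to the login IP."""

    def __init__(self):
        self._sessions = {}  # session id -> {"user": ..., "ip": ...}
        self.events = []     # audit trail a defender can alert on

    def login(self, user, ip):
        # 32 random bytes (256 bits) from the OS CSPRNG for the session id.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "ip": ip}
        self.events.append(("login", user, ip))
        return sid

    def authenticate(self, sid, ip):
        """Return the user for a valid request, or None if not logged in."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        if session["ip"] != ip:
            # IP changed for the same login: destroy the session, so neither
            # the original user nor the new client stays logged in.
            del self._sessions[sid]
            self.events.append(("ip_mismatch_logout", session["user"], ip))
            return None
        return session["user"]


def demo():
    store = IpBoundSessions()
    sid = store.login("alice", "198.51.100.10")        # constructed sample values
    first = store.authenticate(sid, "198.51.100.10")   # owner, same IP
    replay = store.authenticate(sid, "203.0.113.77")   # same id, different IP
    after = store.authenticate(sid, "198.51.100.10")   # owner's next request
    return first, replay, after, store.events


if __name__ == "__main__":
    print(demo())
```

The check also fires when a user's own address changes, so the `ip_mismatch_logout` events are worth logging: many mismatches from one source look different from a single user roaming between networks.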
