Quote:
|
Originally Posted by 26 Year Gap
We have a member page that allows access to contact info for other members in our group. Be aware, though, that sometimes there are cached pages that allow backdoor links into member-only areas. Haven't checked it with our site, but I have seen it with others.
|
The cache will
usually have the contents of the pages that were viewed on that machine....they'll only be accessible by someone logged in as that user or someone with administrative rights on that machine. There are ways to prevent the caching but that is only really necessary for certain types of pages (those with SSN's, DOB's, etc.) and usually those pages are only accessible by specific people, not the members in general.
Also, any well designed site will not have "links" that get someone into member-only areas. When someone clicks on a link into a member-only area, the site should be checking the validity of the session and rejecting the attempt if it is not by a currently logged in member.