URL Login seems unsecure...

[jinxy]

Hey,  Thanks for the great mod cas!!  I am working to tweak a couple things in order for it to work correctly on my site and i should be all set to enjoy it!

Here is whats happening.  I have the gallery all configured and working, users can login and whatnot. When the gallery link is clicked it displays a very long link in the browsers address bar.  Now this link can be coppied and then pasted into someone elses browser and they will be logged into the gallery under that user.

http://www.jinxyjinx.com/modules.php?op=modload&name=pnCPG&file=index&url=http://jinxyjinx.com/cpg143/index_pn.php?parm=Guest~1~0~0~0~~http://www.jinxyjinx.com/~english~~y~default~~y%26check=8c7575bff3137a682399b9b16cb7bc6d

It seems that all the login info is contained within the address bar.  I noticed on your site cas, all the info that is displayed in the brower address bar when the gallery is accessed is

http://www.casnuy.com/pn750/index.php?module=pnCPG&func=main

How can I change mine to act like yours does?

I am using post nuke .750 with pnCPG 3.0 and coppermine gallery v.143

(I have also posted this within the forums at casnuy.com but figured I would post it here as well so that a different audience might see my problem and may have an answer)

[jinxyjinx]

does anyone have any ideas???  Any help would greatly be appreciated!!

[casNuy]

I do not think it is a big risk but as of the latest version 3.1 this is fixed. There still is an issue with the blocks under 3.1 but that is nearly fixed.

cas