I'm with you, Xavi, its probably just buggy.
Something to do with posters being signed in and on the same thread, perhaps the forum is accidentally swapping IDs when people are logged in and viewing and/or posting on the same thread.
Lemme see what Chat says...
Query:
On a forum, there is some weirdness going on where for example poster A will make a post but it will show that it was made by poster B. It's not a hacking incident or anything like that. What explanation are you able to provide for this? See screenshot of forum code to discern platform, etc.
Response:
Most common non-hacking explanations
1) SQL “JOIN” bug or wrong variable used in the template (most likely)
Typical mistakes:
- Joining on the wrong field (e.g., joining
users to threads.lastposter instead of posts.user_id) - Using the wrong variable in the post loop (e.g., printing
$thread['username'] for every post instead of $post['username']) - Using
SELECT posts.*, users.* and then reading an associative array where duplicate column names (like id, username) overwrite each other. This can make the “author” fields drift and look random.
Fix: alias columns in SQL (users.username AS author_username) and print the aliased fields.
2) Caching mixing users/posts
If the forum (or a reverse proxy like Nginx fastcgi_cache / Varnish / Cloudflare “cache everything”) is caching HTML fragments, you can get mismatched “author blocks”.
This is especially likely if the “post header/user panel” is included via a cached PHP include.
Quick test: hard-refresh (Ctrl+F5), or temporarily disable any page cache.
Fix: don’t cache pages/fragments that include dynamic per-request data; ensure cache keys include the right params; send appropriate Cache-Control.
3) Session collisions (can mis-attribute new posts)
If posts are actually being saved under the wrong account, a classic cause is broken session handling:
- sessions keyed by IP (bad idea) so two users behind the same NAT can collide
- misconfigured custom session store
- proxies causing users to “share” session identifiers in edge cases
Quick test: have two users on the same Wi-Fi post alternately and see if it correlates.
Fix: standard cookie-based session IDs only; don’t key session by IP; regenerate IDs properly.
4) “Last poster” / thread metadata being shown as author
Some forum scripts store thread.lastposter_name and accidentally display that in the post template. Then multiple posts can appear authored by whoever posted last.
Quick test: does the “wrong author” often equal the last person who replied? If yes, it’s this.