[Fixed] Security problem: view projects without having rights to see them
There appears to be a problem concerning rights. I created a client and two projects and granted the client rights to one project. When I log in as this client, his project is listed on the right. So far, so good. However, when I click this link and change the ID in the URL, whoops, there's project number 2. Hehe. I was only testing now and I'm pretty impressed, so I'm probably going to use this for my freelance jobs, though I don't think it's such a good idea when one client can view all other projects of other clients. ;)
I was actually surprised that this wasn't brought up yet, am I the only one playing with URLs all the time? :P It's probably something you overlooked. Other than this I think it's pretty stable, though I hope you're planning to make upgrading a bit easier. :) Great job, this tool will make communicating a lot easier.
Oh, by the way, the only thing your great app lacks is AJAX. It would make the use even easier than it already is, especially since I find myself clicking a lot of links (and thus refreshing quite often). But don't rush it, take your time to develop a good and stable app.
Did you clear your cookie and reset your session or was it just a URL change that induced the behavior?
I toyed with it and found the same issue. As a client, I changed the last part of the URL from
active_project=2
to
active_project=1
and had access to project 1, where I was not a member. I could not download a PDF file or read messages from the link in the overview log, but I could view messages using the tab links.
Nice, thanks. I wasn't able to test it with cookies/sessions cleared (see first reply) since my servers have been down since yesterday morning (yeah, the DreamHost fileserver thingie).
Quite funny by the way, I noticed my (test) client could not post new messages or anything: those links were hidden. So you did not overlook it completely... ;)
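The two findings in this thread (a client reaching project 1 by editing `active_project` in the URL, and the "new message" links being hidden while the underlying pages stay reachable through the tab links) are the classic insecure direct object reference: hiding links is presentation, and the membership check has to run on every handler that takes the parameter. The following is an added illustration, not code from the application or its developer; the `Project` data, user ids 101/102 and the handler names are constructed for the example.

```python
"""Server-side authorization for an ``active_project`` request parameter.

Added example (not the application's own code). Data and names are constructed.
"""
from dataclasses import dataclass, field
from functools import wraps


class Forbidden(Exception):
    """Raised when the caller is not a member of the requested project."""


class BadRequest(Exception):
    """Raised when active_project is missing or not a positive integer."""


@dataclass
class Project:
    id: int
    name: str
    member_ids: set = field(default_factory=set)


# Constructed sample data: two clients, each a member of exactly one project.
PROJECTS = {
    1: Project(1, "Client A website", {101}),
    2: Project(2, "Client B website", {102}),
}


def parse_active_project(raw):
    """Validate the raw URL parameter before it reaches any lookup."""
    try:
        pid = int(raw)
    except (TypeError, ValueError):
        raise BadRequest(f"active_project is not an integer: {raw!r}")
    if pid <= 0:
        raise BadRequest("active_project must be positive")
    return pid


def load_project_unchecked(user_id, raw_active_project, projects=PROJECTS):
    """The behaviour reported in the thread: whatever id is in the URL is served."""
    return projects[parse_active_project(raw_active_project)]


def load_project_for(user_id, raw_active_project, projects=PROJECTS):
    """Hardened version: the project is returned only if the user is a member.

    A missing project and a non-member get the same Forbidden so the response
    does not reveal which ids exist.
    """
    project = projects.get(parse_active_project(raw_active_project))
    if project is None or user_id not in project.member_ids:
        raise Forbidden(f"user {user_id} may not access project {raw_active_project}")
    return project


def requires_project_membership(handler):
    """Apply the check to every handler that takes active_project.

    The thread shows the PDF download was protected but the message tabs were
    not; a single decorator on all such handlers removes that inconsistency.
    """
    @wraps(handler)
    def wrapper(user_id, raw_active_project, *args, **kwargs):
        project = load_project_for(user_id, raw_active_project)
        return handler(user_id, project, *args, **kwargs)
    return wrapper


@requires_project_membership
def view_messages(user_id, project):
    return f"messages of {project.name}"


@requires_project_membership
def download_pdf(user_id, project):
    return f"pdf for {project.name}"


def sidebar_links(user_id, projects=PROJECTS):
    """Hiding links is presentation; it must never be the only control."""
    return sorted(p.id for p in projects.values() if user_id in p.member_ids)


def probe(user_id, raw_active_project):
    """Summarise what each protected handler returns for a user and URL value."""
    results = {}
    for name, handler in (("messages", view_messages), ("pdf", download_pdf)):
        try:
            results[name] = handler(user_id, raw_active_project)
        except Forbidden:
            results[name] = "forbidden"
        except BadRequest:
            results[name] = "bad request"
    return results


if __name__ == "__main__":
    for raw in ("2", "1", "abc"):
        print(f"client 102, active_project={raw}: {probe(102, raw)}")
```

`load_project_unchecked` reproduces the reported behaviour (client 102 asking for `active_project=1` gets project 1), while `load_project_for` refuses it; `sidebar_links` still only lists the projects the client belongs to, but that list is cosmetic and the decorator is what actually enforces access on each page.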
Topic is locked. If you have something important to say about issues discussed on this page please write at hi@a51dev.com.