Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Strange issue with login


plazman65

Recommended Posts

Last week I had a customer log into another account but they used their own paypal account to make a purchase. I emailed the customer that had "logged" into the others account but never heard back. We thought it was strange since she used her own paypal to make a purchase.

Well today the customer that had her account hacked or logged into went to the website and it said she was logged in but was actually already logged in as someone else entirely, she had access to a different customers orders. I am running a older version 2.2 rc2

Im not sure where to even look for a solution? Thanks for anyhelp you can provide :)

Link to comment
Share on other sites

Sounds like the site has been indexed with session ID's attached.

 

In your admin set:

 

Prevent Spider Sessions True

Recreate Session True

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

And update your spiders.txt file, link to contribution here

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...