Jump to content


Hosting Developers Payment Shipping Accounting Templates Marketing Books

Our Partners


Latest News: (loading..)

- - - - -

Strange issue with login

Started by plazman65, Jun 06 2012 11:05 PM

This topic has been archived. This means that you cannot reply to this topic.
3 replies to this topic

#1   plazman65

plazman65
  • Members
  • 31 posts

Posted 06 June 2012 - 11:05 PM

Last week I had a customer log into another account but they used their own paypal account to make a purchase. I emailed the customer that had "logged" into the others account but never heard back. We thought it was strange since she used her own paypal to make a purchase.
Well today the customer that had her account hacked or logged into went to the website and it said she was logged in but was actually already logged in as someone else entirely, she had access to a different customers orders. I am running a older version 2.2 rc2
Im not sure where to even look for a solution? Thanks for anyhelp you can provide :)

#2   germ

germ
  • Members
  • 13,921 posts

Posted 06 June 2012 - 11:28 PM

Sounds like the site has been indexed with session ID's attached.

In your admin set:

Prevent Spider Sessions True
Recreate Session True
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#3   germ

germ
  • Members
  • 13,921 posts

Posted 06 June 2012 - 11:42 PM

And update your spiders.txt file, link to contribution here
If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."
- Me -

"Headers already sent" - The definitive help

"Cannot redeclare ..." - How to find/fix it

SSL Implementation Help

Like this post? "Like" it again over there >

#4   plazman65

plazman65
  • Members
  • 31 posts

Posted 07 June 2012 - 04:54 AM

Thank you so much for the reply!
Back to Security


  1. osCommerce Support Forum
  2. osCommerce Online Merchant v2.x
  3. Security
  4. Privacy Policy
  5. Forum Rules ·