plazman65 Posted June 6, 2012 Share Posted June 6, 2012 Last week I had a customer log into another account but they used their own paypal account to make a purchase. I emailed the customer that had "logged" into the others account but never heard back. We thought it was strange since she used her own paypal to make a purchase. Well today the customer that had her account hacked or logged into went to the website and it said she was logged in but was actually already logged in as someone else entirely, she had access to a different customers orders. I am running a older version 2.2 rc2 Im not sure where to even look for a solution? Thanks for anyhelp you can provide :) Link to comment Share on other sites More sharing options...
germ Posted June 6, 2012 Share Posted June 6, 2012 Sounds like the site has been indexed with session ID's attached. In your admin set: Prevent Spider Sessions True Recreate Session True If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
germ Posted June 6, 2012 Share Posted June 6, 2012 And update your spiders.txt file, link to contribution here If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
plazman65 Posted June 7, 2012 Author Share Posted June 7, 2012 Thank you so much for the reply! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.