jampjamp Posted September 20, 2017 Share Posted September 20, 2017 Sometimes when I register a new account or when I put all information to buy a product without an account (PWA BS module), there are some wrong orders in account history. It's serious issue, because it means that one client can see some orders of another clients, with all personal data. Also, I have loyalty discount module, so it counts those orders. I can't fully reproduce this problem, because it happens only sometimes, so it's hard to find a source of problem. Only one thing which I am almost sure is, it gets only orders done by clients without an account, but sometimes it's one order, sometimes few orders, usually none. Do you have any idea why does it happen? Link to comment Share on other sites More sharing options...
jampjamp Posted September 21, 2017 Author Share Posted September 21, 2017 @raiwa maybe you got any (any) ideas what's the reason? I've done many tests yesterday and it didn't happen even once. But sometimes it is. I'm putting all data to register an account (or to buy without account), then it's being registered and in the box "Order history" and in account_history.php it shows some wrong orders, made by another clients. Link to comment Share on other sites More sharing options...
♥raiwa Posted September 21, 2017 Share Posted September 21, 2017 Hello Mick @jampjamp, I never got something similar reported with PWA BS. Can you give some more information, which loyalty discount module are you using. When did you add it and did the problem happen before you added loyalty discount module or changed something else. What are the exact characteristics of the orders where this problem appears. It must be that the orders are stored with the wrong customer ID or listed with the wrong customer ID. Very difficult to find out without having a llook in your database and files. About Me: http://www.oscommerce.com/forums/user/249059-raiwa/ Need help? How To Get The Help You Need Is your version of osC up to date? You'll find the latest osC community version CE Phoenix here. Public Phoenix Change Log Cheat Set on Google Sheets Link to comment Share on other sites More sharing options...
tgely Posted September 21, 2017 Share Posted September 21, 2017 @jampjamp Recreate session is true in session configuration? osCommerce based shop owner with minimal design and focused on background works. When the less is more.Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store. Link to comment Share on other sites More sharing options...
burt Posted September 22, 2017 Share Posted September 22, 2017 You need to take your shop down until you can get to the bottom of this. Exposing a clients data to another client...that's incredibly serious and if one of them takes it forward, you could easily end up with no business at all. Suggestion; get a developer on it asap. Suspect; the problem is somewhere in the guest account system (why anyone has this is just beyond me). Link to comment Share on other sites More sharing options...
♥raiwa Posted September 22, 2017 Share Posted September 22, 2017 @jampjamp, @burt I suppose we are talking about : Purchase without account BS I checked a store using this contribution since more than a year-> no duplicated customer ids. The procedure to create guest and regular accounts is identical as well as the checkout procedure (clean core script). Each guest checkout creates a unique correlative customer id, just like creating a new regular account. The only difference is that the account gets flagged in an additional column as a guest account. Guests have no access to their order history. Even if a guest proceeds to qualify his guest account into a regular account or if he repeats as a guest or whatever, there is virtually no possibility to get duplicated customer id's, which is as far as i can see the reason to see orders from other customers. To confirm this, you should check in your database if the 2 customers the orders belong to, have the same customer id and also if one of the orders showing wrong is a guest order. As always, it is possible that a third party contribution/modification interferes. I agree that it is a serious problem and that the installation should be checked. About Me: http://www.oscommerce.com/forums/user/249059-raiwa/ Need help? How To Get The Help You Need Is your version of osC up to date? You'll find the latest osC community version CE Phoenix here. Public Phoenix Change Log Cheat Set on Google Sheets Link to comment Share on other sites More sharing options...
jampjamp Posted September 25, 2017 Author Share Posted September 25, 2017 Hi, sorry for long time of answer. At first I want to say that my shop migration from MS2.2 to BS Edge is still under testing in localhost, so there is nothing to worry about :) @burt @raiwa I'm using old ot_loyalty_discount.php order total module: https://apps.oscommerce.com/osgrq&customer-loyalty-discount-scheme It works in BS version with micro changes. I think it has nothing to do with this, just gets wrong informations as core engine. On 22.09.2017 at 3:48 PM, raiwa said: @jampjamp, @burt To confirm this, you should check in your database if the 2 customers the orders belong to, have the same customer id and also if one of the orders showing wrong is a guest order. Ok, I will check it when the problem occurs once again, because now it doesn't want to happen and everything works as it should. Worst kind of problems, by the way. On 21.09.2017 at 6:16 PM, Gergely said: @jampjamp Recreate session is true in session configuration? @Gergely Yes, it's true. Here are my session settings: https://i.imgur.com/IR4nkSP.png Link to comment Share on other sites More sharing options...
♥raiwa Posted September 25, 2017 Share Posted September 25, 2017 @jampjamp, Then a possible explication would be: - you created some test accounts in the new store - then you imported accounts from your old store - you didn't mark "drop table if exists" when you exported the old customer tables - and you didn't delete (truncate table) the customer data in the new database before importing old customers - in this scenario you'll get duplicated customer ids - > aways empty( truncate) the table of the new databse before importing or include ""drop table if exists" when you export the old table, if no structural difference exists between both database tables. About Me: http://www.oscommerce.com/forums/user/249059-raiwa/ Need help? How To Get The Help You Need Is your version of osC up to date? You'll find the latest osC community version CE Phoenix here. Public Phoenix Change Log Cheat Set on Google Sheets Link to comment Share on other sites More sharing options...
jampjamp Posted September 25, 2017 Author Share Posted September 25, 2017 @raiwa oh, of course I clean old database tables before importing another data into it. I need to check this customer id's, but now when I need it to occur, it doesn't happen :( Link to comment Share on other sites More sharing options...
tgely Posted September 25, 2017 Share Posted September 25, 2017 customers_id never be duplicated due to table structure when PRIMARY KEY (customers_id) is used even if table structure is bad. I suppose that customers_id is null or mixed in session when this issue happened. This could be session recreation issue. What is the PHP version? Have you installed v2.3.4.1 update packages? osCommerce based shop owner with minimal design and focused on background works. When the less is more.Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store. Link to comment Share on other sites More sharing options...
♥raiwa Posted September 25, 2017 Share Posted September 25, 2017 1 hour ago, Gergely said: customers_id never be duplicated due to table structure when PRIMARY KEY (customers_id) is used even if table structure is bad. I suppose that customers_id is null or mixed in session when this issue happened. This could be session recreation issue. What is the PHP version? Have you installed v2.3.4.1 update packages? @Gergely, Yep, you are right, wasn't aware of this About Me: http://www.oscommerce.com/forums/user/249059-raiwa/ Need help? How To Get The Help You Need Is your version of osC up to date? You'll find the latest osC community version CE Phoenix here. Public Phoenix Change Log Cheat Set on Google Sheets Link to comment Share on other sites More sharing options...
♥raiwa Posted September 25, 2017 Share Posted September 25, 2017 2 hours ago, Gergely said: customers_id never be duplicated due to table structure when PRIMARY KEY (customers_id) is used even if table structure is bad. I suppose that customers_id is null or mixed in session when this issue happened. This could be session recreation issue. What is the PHP version? Have you installed v2.3.4.1 update packages? 54 minutes ago, raiwa said: @Gergely, Yep, you are right, wasn't aware of this @Gergely,Thought again about and I believe what I explained can happen in the order table. So the wrong orders can be linked to a customer. About Me: http://www.oscommerce.com/forums/user/249059-raiwa/ Need help? How To Get The Help You Need Is your version of osC up to date? You'll find the latest osC community version CE Phoenix here. Public Phoenix Change Log Cheat Set on Google Sheets Link to comment Share on other sites More sharing options...
tgely Posted September 25, 2017 Share Posted September 25, 2017 select c.* from customers c left join orders o on o.customers_id = c.customers_id where o.customers_id is not null and o.customers_guest = 1 group by c.customers_id I am not an expert of your PWA mod @raiwa but something like the above sql could help to track something for @jampjamp. Could it be correct sql query? osCommerce based shop owner with minimal design and focused on background works. When the less is more.Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store. Link to comment Share on other sites More sharing options...
jampjamp Posted October 10, 2017 Author Share Posted October 10, 2017 @raiwa @Gergely Since our last posts I've tried many times to get the problem again and it didn't appear even once. But I've seen in "Order history" box that if I would buy a product (checkout success) as guest and make an interrupt on choosing if I want to register an account, then the last order will be in the box even after restarting the server. Of course I know it's actually normal, because it disappears on next page and is being kept for someone who chooses to set the password, but maybe in some circumstances it's shown for another customers? Or maybe sometimes I can see those orders because it's still same session and if it would be another customers they would never be able to see that? @Gergely I've missed your questions. PHP is 5.3.21. I didn't make an update to 2.3.4.1 because it's bootstrap edition I'm working on, so I guess it doesn't fit together. Your SQL query shows 16 rows. One is my own migrated account which I was using to tests, another are newer test accounts: https://i.imgur.com/Ugujox0.jpg I don't know what to do now, because I've spend a lot of time to get all backend & frontend to be ready for migration, but now I'm little bit scared if it won't happen again. Do you have any other ideas what should I check? Link to comment Share on other sites More sharing options...
tgely Posted October 10, 2017 Share Posted October 10, 2017 15 minutes ago, jampjamp said: @raiwa @Gergely Since our last posts I've tried many times to get the problem again and it didn't appear even once. But I've seen in "Order history" box that if I would buy a product (checkout success) as guest and make an interrupt on choosing if I want to register an account, then the last order will be in the box even after restarting the server. Of course I know it's actually normal, because it disappears on next page and is being kept for someone who chooses to set the password, but maybe in some circumstances it's shown for another customers? Or maybe sometimes I can see those orders because it's still same session and if it would be another customers they would never be able to see that? @Gergely I've missed your questions. PHP is 5.3.21. I didn't make an update to 2.3.4.1 because it's bootstrap edition I'm working on, so I guess it doesn't fit together. Your SQL query shows 16 rows. One is my own migrated account which I was using to tests, another are newer test accounts: https://i.imgur.com/Ugujox0.jpg I don't know what to do now, because I've spend a lot of time to get all backend & frontend to be ready for migration, but now I'm little bit scared if it won't happen again. Do you have any other ideas what should I check? Update is a security update so you have to do it. PWA session is a pressed session with fake registration and keep alive until user log out or the session will be expired. osCommerce based shop owner with minimal design and focused on background works. When the less is more.Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store. Link to comment Share on other sites More sharing options...
jampjamp Posted October 10, 2017 Author Share Posted October 10, 2017 @Gergely Thanks for your answer. What about query you've posted. Are we supposed to see something in results? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.