Risk involved when not forcing cookies?

[rescamilla]

Hi,

The oscommerce cart I launched last week is run on a pretty busy site. We can expect to have about 200 orders per day.

 

I switched to oscommerce because the software we used previously was having problems with about 2% of the orders having "merged carts". When I say merged, I mean, during checkout time a customer would have someone else's products in their cart.

 

This always occurred with customers that were using AOL as their ISP. The problem was that the cart software used IP addresses to track the carts contents, and with AOL's floating IP's it was a big mess.

 

Anyway, I launched the new oscommerce site with the option to force cookie use set to ON and it seems that 25% percent of the customers cannot set their permissions up correctly to access the cart. This has resulted in lower sales and a barrage of complaint phone calls. It is hard to believe that this many people cannot follow the instructions on how to turn their cookie permissions on. Maybe it is a different problem? I don't know.

 

So.....I have no other choice right now other than to turn the force cookie use option to OFF. Does anybody know the risk of not having cookie forcing on? Will carts be "merged"? If cookies are not used, does the cart track users by IP?

 

Thanks!

-Ray

[241]

merging usually occurs where a shared host is involved whereby the sites are using the same tmp directory