Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Customer accounts getting mixed up


Guest

Recommended Posts

Hi, The first customer placed an order, and when the second customer placed an order, it came through the first customer's account, as though the first customer had placed the second order. Boy, the second customer was mad about the breach of privacy! It happened again, and it's scaring people away. So we've shut the cart down.

 

My coder found the following: http://www.oscommerce.com/community/bugs,2197/category,Other which sounds a lot like the situation, but he followed the instructions (or some of the instructions) and things seem worse instead of better.

 

Has anyone had this problem and resolved it? Or can anyone point us in a useful direction?

 

Thanks so much,

Jan

Link to comment
Share on other sites

Since I didn't get any replies, let me try explaining this again, just in case I didn't do a good job.

 

The first customer placed an order, and then the second customer placed an order. But the second customer's order was seen in the cart as having been ordered by the first customer. There was no record of the second customer in the cart at all.

 

This is a mess. Any leads on how to work with this would be appreciated.

 

Thanks,

Jan

Link to comment
Share on other sites

Since I didn't get any replies, let me try explaining this again, just in case I didn't do a good job.

 

The first customer placed an order, and then the second customer placed an order. But the second customer's order was seen in the cart as having been ordered by the first customer. There was no record of the second customer in the cart at all.

 

This is a mess. Any leads on how to work with this would be appreciated.

 

Thanks,

Jan

 

That's some scary stuff. I would direct your coder to http://www.oscommerce.info/kb/Developers_S...plementations/4

 

From the sounds of it, your customer 1 and/or 2 clicked on a link that contained the same session id. IE, customer 1 clicks link, session starts, customer 2 clicks same link and intercepts. Your site thinks that Customer 2 is Customer 1. If this is the case , customer 2 would have complete access to customer #1's account. Very scary stuff.

 

Of course, I am not certain which release of osc you are using. I am now researching if any fixes were implimented for this in the latest milestone release.

Link to comment
Share on other sites

Thanks for your reply, Mark. It is likely the most recent release of osc, since we just set the cart up starting around Thanksgiving. We've decided to shut the whole cart down until this is resolved, since it's just too messy. Yes, customer 2 had access to customer 1's personal information. Another potential customer noticed the problem, e-mailed me about it, but then disappeared. Not good at all.

 

I appreciate your doing some research, and will check back. I hope we can figure out what is going wrong.

 

Best wishes,

Jan

Link to comment
Share on other sites

Thanks for your reply, Mark. It is likely the most recent release of osc, since we just set the cart up starting around Thanksgiving. We've decided to shut the whole cart down until this is resolved, since it's just too messy. Yes, customer 2 had access to customer 1's personal information. Another potential customer noticed the problem, e-mailed me about it, but then disappeared. Not good at all.

 

I appreciate your doing some research, and will check back. I hope we can figure out what is going wrong.

 

Best wishes,

Jan

 

 

How are you storing your sessions info? In a file or in the database?

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

Teresa,

 

It is www.sunrisehealthcoach.com, but the cart is not available right now. We have it shut down because we don't want any more trouble with mixups and with customers complaining about it. If you let me know approximately when you will visit, I will take it "off maintenance" so you can access and look at it. You could e-mail me at [email protected] to let me know when. Or I will check back here periodically.

 

Thank you so very much.

 

Jan

Link to comment
Share on other sites

Teresa,

 

It is www.sunrisehealthcoach.com, but the cart is not available right now. We have it shut down because we don't want any more trouble with mixups and with customers complaining about it. If you let me know approximately when you will visit, I will take it "off maintenance" so you can access and look at it. You could e-mail me at [email protected] to let me know when. Or I will check back here periodically.

 

Thank you so very much.

 

Jan

 

 

This is all very interesting, it actually happened with me while I was shopping on one store (powered by zencart instead). I immediately contact the owners and they fixed the problem, I asked them what the problem was (I was curious), but never told me. I think it has to do with the sessions though.

 

Please, let us know how to fix the problem when you do. Thanks,

 

Elaine

"There are only 10 types of people in this world: those who understand binary, and those who don't. "

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...