Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Customer getting someone elses details


newland

Recommended Posts

Hi all

 

A customer of mine emailed me to say they recieved someone else details on checkout. I'm really confused about how this may have happened. Any one know hoe it could have happened?

 

My settings were:

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID false

Check User Agent false

Check IP Address false

Prevent Spider Sessions False

Recreate Session False

 

I've now changed them to:

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID True

Check User Agent True

Check IP Address True

Prevent Spider Sessions False

Recreate Session False

 

 

Also my configure.php file has the following settings:

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

 

Should store sessions be set to mysql?

 

Cheers

Newland

Link to comment
Share on other sites

You really should set the sessions to mysql.

 

Also you should use

 

Force Cookie Use False

Check SSL Session ID false

Check User Agent false

Check IP Address false

Prevent Spider Sessions true

Recreate Session False

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

Cheers i'll make the change ASAP

 

You really should set the sessions to mysql.

 

Also you should use

 

Force Cookie Use False

Check SSL Session ID false

Check User Agent false

Check IP Address false

Prevent Spider Sessions true

Recreate Session False

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...