newland Posted June 1, 2006 Posted June 1, 2006 Hi all A customer of mine emailed me to say they recieved someone else details on checkout. I'm really confused about how this may have happened. Any one know hoe it could have happened? My settings were: Session Directory /tmp Force Cookie Use False Check SSL Session ID false Check User Agent false Check IP Address false Prevent Spider Sessions False Recreate Session False I've now changed them to: Session Directory /tmp Force Cookie Use False Check SSL Session ID True Check User Agent True Check IP Address True Prevent Spider Sessions False Recreate Session False Also my configure.php file has the following settings: define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql' Should store sessions be set to mysql? Cheers Newland
ozcsys Posted June 1, 2006 Posted June 1, 2006 You really should set the sessions to mysql. Also you should use Force Cookie Use False Check SSL Session ID false Check User Agent false Check IP Address false Prevent Spider Sessions true Recreate Session False The Knowledge Base is a wonderful thing. Do you have a problem? Have you checked out Common Problems? There are many very useful osC Contributions Are you having trouble with a installed contribution? Have you checked out the support thread found Here BACKUP BACKUP BACKUP!!! You did backup, right??
newland Posted June 2, 2006 Author Posted June 2, 2006 Cheers i'll make the change ASAP You really should set the sessions to mysql. Also you should use Force Cookie Use False Check SSL Session ID false Check User Agent false Check IP Address false Prevent Spider Sessions true Recreate Session False
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.