Guest Posted July 26, 2006 Share Posted July 26, 2006 I keep on getting orders from differant IP's and shiping details which are not the same as the real user ( verified with few users ). I found in logs that the 'bad' ip does not go through login.php, but directly to checkout_shipping.php and shopping_cart.php ... and makes an order. I must find this security hole and close it. I am getting to much false orders, and angry customers. Please help. Link to comment Share on other sites More sharing options...
Gil_e_n Posted July 26, 2006 Share Posted July 26, 2006 My first thought is do you require cookies to be enabled to check out? If the person placing these orders is getting these customers' session id that displays in the URL, then you really need to require cookies. If that isn't the problem, then I have no idea and will be playing close attention to this thread. Always BACK UP your files and your database before making any changes. Before asking questions, check out the Knowledge Base. Check out the contributions to see if your problem's solved there. Search the forums. Useful threads: Store Speed Optimization How to make a horrible shop Basics for design change How to search the forums Useful contributions: Easypopulate Fast, Easy Checkout Header Tag Controller Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.