zentac Posted July 9, 2007 Share Posted July 9, 2007 When a customer logs in with thier own login/password they are being presented with another users orders, address etc.... where do I start tacking this one down? Link to comment Share on other sites More sharing options...
Guest Posted July 9, 2007 Share Posted July 9, 2007 When a customer logs in with thier own login/password they are being presented with another users orders, address etc.... where do I start tacking this one down? Start looking where the oscid is included as part of the url, as distinct to the oscid created when you first hit the site. I think that this has recently been discussed in the forums. Link to comment Share on other sites More sharing options...
zentac Posted July 9, 2007 Author Share Posted July 9, 2007 what appears to have happened is that my customer_id within the order table is being populated incorrectly, which is strange as the customer_name is correct. Ive fixed them manually now, but which php script inserts into the orders table? Link to comment Share on other sites More sharing options...
crash3903 Posted July 9, 2007 Share Posted July 9, 2007 what appears to have happened is that my customer_id within the order table is being populated incorrectly, which is strange as the customer_name is correct. Ive fixed them manually now, but which php script inserts into the orders table? Are you on a shared server? Regards Mark A Reynolds Link to comment Share on other sites More sharing options...
tigergirl Posted July 9, 2007 Share Posted July 9, 2007 Have a read of this for a little background - common problem. customer details seen by other customers I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back. ------------------------------------------------ PM me? - I'm not for hire Link to comment Share on other sites More sharing options...
zentac Posted July 9, 2007 Author Share Posted July 9, 2007 Are you on a shared server? Yes Link to comment Share on other sites More sharing options...
zentac Posted July 11, 2007 Author Share Posted July 11, 2007 what appears to have happened is that my customer_id within the order table is being populated incorrectly, which is strange as the customer_name is correct. Ive fixed them manually now, but which php script inserts into the orders table? Anyone got any more ideas? Link to comment Share on other sites More sharing options...
jasonabc Posted July 11, 2007 Share Posted July 11, 2007 Anyone got any more ideas? Make sure that: 1) Admin > Configuration > Sessions > Prevent Spider Sessions and Admin > Configuration > Sessions > Recreate Session are both set to "true" 2) Make sure that any external links you may have posted to your site *do not* contain the unique session ID. So this: http://yoursite.com/product_info.php?produ...34edff52081aa32 should just be this: http://yoursite.com/product_info.php?products_id=22 I had an issue a week or so ago where a customer of my client pasted a link to the store into her Blog. She copied the session ID in as well - so everyone who subsequently clicked the link all came in on the same session ID. Caused all sorts of problems - and took a while to track down the offending external link too.... Jason My Contributions: Paypal Payflow PRO | Rollover Category Images | Authorize.net Invoice Number Fix Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.