Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Shared server, changes overwriting both accounts


dayOff

Recommended Posts

Hi

 

This one's blown me away.

 

A client had an OSC site up and running, fine, no problem. Let's call this installation A.

 

I started another OSC installation the other night, both on a shared server with a professional hosting service. This new one, installation B.

 

I downloaded the latest version from the OSC site, went through the installation wizard, created the database, etc. and last night added some products and categories.

 

This morning, the categories for site A, which is live I might add, are those I added for B last night.

 

Under one of those erroneous categories is the full set of categories that should still be there.

 

Clicking the erroneous categories takes us to the site B installation and proceeds happily (wrongly) there.

 

I absolutely didn't add the categories or products to the wrong database .. the logins for A were in a filing cabinet I just had to root them out.

 

The erroneous categories appearing in the A website are not present in the database for A, checked in PHPmyAdmin.

 

So, something's pointing wrong.

 

Site B seems to work OK.

 

Clues please .. 'cus I'm lost.

 

 

???

I'm not sure how to tell what version the old A site is, but in its index.php it starts

 

****

$Id: index.php,v 1.1 2003/06/11 17:37:59 hpdl Exp $

 

 

 

osCommerce, Open Source E-Commerce Solutions

 

http://www.oscommerce.com

 

 

 

Copyright © 2003 osCommerce

***

 

All help appreciated :-)

----------------------------

John Allsopp

http://www.johnallsopp.co.uk/

Link to comment
Share on other sites

OK, site A is now back working correctly.

 

All I did to make that happen is go into site B, delete the three products in the last category, and delete the last category.

 

I've checked the config files and they seem OK (both sites, admin and normal), and the databases seem OK too, it wasn't database cross-contamination.

 

Also, site A wasn't compromised by installation of B, nor by the deletion of the initial test DVD products. We only noticed A was showing B's products and categories after I added products to B last night.

 

Is this a bug somewhere in category/product add? Should I be logging this for the developers, if so, where?

----------------------------

John Allsopp

http://www.johnallsopp.co.uk/

Link to comment
Share on other sites

All I did to make that happen is go into site B, delete the three products in the last category, and delete the last category.

 

Correction, I didn't delete the last category (I never pressed the final OK)

----------------------------

John Allsopp

http://www.johnallsopp.co.uk/

Link to comment
Share on other sites

Most likely, the problem is that both shops are using the servers tmp directory for cache. You need to change that setting in admin so it uses a local directory.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Most likely, the problem is that both shops are using the servers tmp directory for cache. You need to change that setting in admin so it uses a local directory.

 

Thanks, I used /home/myaccountname/tmp under advice from the host, the site continued to work, I added the three products back in and it hasn't contaminated the other site, so that may have solved it.

 

Goodness, so how do we filter this back so it gets into the product?

----------------------------

John Allsopp

http://www.johnallsopp.co.uk/

Link to comment
Share on other sites

I don't understand the question.

Jack

 

Then thanks very much for asking for clarity.

 

I mean .. I'd like to suggest that the product ships with a note about this or so it chooses this better tmp directory .. whatever works. So, how do I feed that back to the development team so they know about this experience / bug / insufficiency / security issue.

----------------------------

John Allsopp

http://www.johnallsopp.co.uk/

Link to comment
Share on other sites

Are You using the same db for both sites.

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

Then thanks very much for asking for clarity.

 

I mean .. I'd like to suggest that the product ships with a note about this or so it chooses this better tmp directory .. whatever works. So, how do I feed that back to the development team so they know about this experience / bug / insufficiency / security issue.

It isn't a problem if you are on a dedicated server. Or even on a shared server if the host has the tmp directory setup to be shared. In other words, no one can write a program to handle all possible situations. There is a bug report page in the menu somewhere. You can report it there if you like.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

It isn't a problem if you are on a dedicated server. Or even on a shared server if the host has the tmp directory setup to be shared.

Jack

 

My host replied:

"Your server is running a standard 'RedHat Linux Enterprise' installation with cpanel. There is nothing out of the ordinary."

 

so it would seem to be a risk.

 

I mean .. if I somehow 'infected' another user through the tmp directory, it's just probably just chance that others maybe aren't using OSC that it hasn't happened before. But the possibility is there for one person to get cross pollinated with another's info, and it happens across OSC versions. That seems significant to me. Maybe it's documented and I didn't RTFM, but at least I have a duty to push it upwards to the development team.

 

Thank-you very much again for your help with this, I'm impressed :-)

----------------------------

John Allsopp

http://www.johnallsopp.co.uk/

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...