WebDev22 Posted January 23, 2009 Share Posted January 23, 2009 A promotional email using Constant Contact was sent out with a URL that included the session ID. As a result, customers are able to see other customers' information. It's a big mess. Does anyone have any advice on how to put out this fire and do some damage control? Brett Link to comment Share on other sites More sharing options...
germ Posted January 23, 2009 Share Posted January 23, 2009 In your admin under sessions, set 'Recreate Session' True Save it, If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
WebDev22 Posted January 23, 2009 Author Share Posted January 23, 2009 In your admin under sessions, set 'Recreate Session' True Save it, Jim, Thanks for posting the solution. My client will sleep much better tonight. Brett Link to comment Share on other sites More sharing options...
WebDev22 Posted January 23, 2009 Author Share Posted January 23, 2009 Jim, Thanks for posting the solution. My client will sleep much better tonight. Brett Jim, I just received a message that two staffers are still able to see identical information. I told them to each log out and click on that link again... the link they embedded in Constant Contact with the session URL. I would think this would eliminate the problem but wanted to see if there was anything else that can be done, just in case. Thanks, Brett Link to comment Share on other sites More sharing options...
WebDev22 Posted January 23, 2009 Author Share Posted January 23, 2009 Is it possible to delete a session? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.