Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Customers able to see other customers data


WebDev22

Recommended Posts

A promotional email using Constant Contact was sent out with a URL that included the session ID. As a result, customers are able to see other customers' information. It's a big mess. Does anyone have any advice on how to put out this fire and do some damage control?

 

Brett

Link to comment
Share on other sites

In your admin under sessions, set 'Recreate Session' True

 

Save it,

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Jim,

 

Thanks for posting the solution. My client will sleep much better tonight.

 

Brett

 

Jim,

 

I just received a message that two staffers are still able to see identical information. I told them to each log out and click on that link again... the link they embedded in Constant Contact with the session URL. I would think this would eliminate the problem but wanted to see if there was anything else that can be done, just in case.

 

Thanks,

 

Brett

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...