goughie27 Posted September 29, 2009 Posted September 29, 2009 Hi Guys, This is my fisrt time post dont have much experience as of yet but hope to gain some from you all. Im having a major problem with my site. When users login they sometimes see another users account information. I have never been able to reproduce this myself, but many customers say it is happening. There were even a few orders posted that had the wrong account associated with the order when this happens it seems the new account created has dissappeared and the order has gone to the last user account which was logged in. The sales are suffering because of this, as I expect it is a real security confidence killer. Can anyone help me? Regards Mark Gough
♥ecartz Posted October 1, 2009 Posted October 1, 2009 In admin >> Configuration >> Sessions, try turning on Recreate Session (i.e. set it to true). Make sure that Prevent Spider Sessions is set to true. The normal cause of this is that multiple people are using the same URL with a hard coded session ID. This can be caused by a search engine spidering URLs with the session ID in them. Another thing to check is that your COOKIE settings are correct in includes/configure.php Always back up before making changes.
SchlungMarketing Posted December 12, 2009 Posted December 12, 2009 Did you fix this? We started experiencing the same exact problem. Any input would be greatly appreciated - new too. Hi Guys, This is my fisrt time post dont have much experience as of yet but hope to gain some from you all. Im having a major problem with my site. When users login they sometimes see another users account information. I have never been able to reproduce this myself, but many customers say it is happening. There were even a few orders posted that had the wrong account associated with the order when this happens it seems the new account created has dissappeared and the order has gone to the last user account which was logged in. The sales are suffering because of this, as I expect it is a real security confidence killer. Can anyone help me? Regards Mark Gough
SchlungMarketing Posted December 12, 2009 Posted December 12, 2009 im experiencing the same problem. What should the cookie settings be in the configure.php Thank you In admin >> Configuration >> Sessions, try turning on Recreate Session (i.e. set it to true). Make sure that Prevent Spider Sessions is set to true. The normal cause of this is that multiple people are using the same URL with a hard coded session ID. This can be caused by a search engine spidering URLs with the session ID in them. Another thing to check is that your COOKIE settings are correct in includes/configure.php
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.