Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Cache problem


zopeuser

Recommended Posts

Posted

Hi there

 

we are running our os commerce 2.2 shop for 2 years now.

Some users discover problems because they can see the address information of other users.

 

Yesterday a user ordered an article with the address of another user.

The address information he saw came from the the last order where a user had ordered an article 9 hours before.

How could that happen?

 

Any idea what might be wrong? Is there a security hole in the oscommerce shop?

My cache configuration at config > cache > use cache is set to "false".

 

Any tips are highly appreciated.

 

Regards

Posted

Log in to your osc admin panel.

 

Under SESSIONS:

 

Prevent Spider Sessions --> True

If set to True spiders will be prevented from receiving a session id and starting a session. It is recommended that this setting is set to True.

 

Recreate Session --> True

If set to True the session id will be recreated when the customer tries to checkout or login to their account. This helps prevent two customers from accidently logging into each others account due to hard coded session id's in the store. (Requires PHP >=4.1)

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...