Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Navigating into someone elses cart


kvadre

Recommended Posts

Hi

 

If I posted a link containing an osCsid number an the first person follwed this link, added things to the cart, logged in and checked them out, could it then happen that the next person who followed the link would end up logged in as the first user?

 

I have a customer telling me that this has happened and I think the problem was the link I posted, but would like to be sure.

 

/Jesper

Link to comment
Share on other sites

Yep.

 

Never post a link with osCsid.

 

In your admin set recreates session to true and prevnet spiders to true under configuration->sessions.

Link to comment
Share on other sites

After reading a bit around i'm thinking on just forcing cookies and be done with it.

Be careful with that. Not all accept coolies.

 

The osCsid should go away in a click or two.

 

Just make sure you do not send out any links with that in it.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...