Results 1 to 2 of 2
  1. 28 Mar 2014, 06:39 PM #1
    cyberbaffled
    cyberbaffled is offline Zen Follower
    Join Date
    Apr 2012
    Location
    Louisville, Colorado, USA
    Posts
    116
    Plugin Contributions
    0

    Default Can server differentiate user computers?

    On the "Thank You" page there's this notice: "Thank you for shopping. Please click the Log Off link to ensure that your receipt and purchase information is not visible to the next person using this computer."

    Does this imply that the server cannot differentiate user computers such that if a session is terminated by any means other than using Log Off -for example, terminated by using a browser's "close" utility, or interruption of router signal, or a "time out"- the possibility exists that the chronological next server connection using a different computer begins with the previous user's account information plus receipt and purchase information?
    Last edited by cyberbaffled; 28 Mar 2014 at 06:41 PM.
    Reply With Quote Reply With Quote
  2. 28 Mar 2014, 08:20 PM #2
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,373
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Can server differentiate user computers?

    I'm not sure I understand your question.

    It's basically the same message as what a bank website tells you: please logoff to protect your privacy.
    They say that regardless of the fact that the session is set to expire when closing the browser ... because clicking Logout IS more secure than merely letting a timeout happen.

    (In case you want clarification of the technicality behind why a Logout is more secure than a timeout, it's because if somehow someone has hijacked your banking or shopping session without you knowing, if you click Logout then that forces a logout on the server-side too, effectively killing a hijacker's access)
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
    Reply With Quote Reply With Quote
 

 
« Previous Thread | Next Thread »

Similar Threads

  1. Is there a way to require login or differentiate pricing?
    By saltsandsuch in forum General Questions
    Replies: 1
    Last Post: 15 May 2013, 11:48 AM
  2. v139h how can i insert serials numbers for computers parts?
    By daniroe in forum Setting Up Categories, Products, Attributes
    Replies: 0
    Last Post: 26 Feb 2012, 02:23 PM
  3. Differentiate Search Button from Header and Global
    By makehveli in forum Templates, Stylesheets, Page Layout
    Replies: 24
    Last Post: 24 Jun 2011, 07:20 PM
  4. Setting up user rights/permissions/ownership on my server
    By fneergaard in forum Installing on a Linux/Unix Server
    Replies: 2
    Last Post: 21 Aug 2010, 02:30 PM
  5. Can't add new products - only from certain computers
    By lancer in forum Setting Up Categories, Products, Attributes
    Replies: 2
    Last Post: 8 Jan 2008, 12:02 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR
Content and Graphics Copyright (c) 2003 - 2024 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC