When 2 users visit my cart within minutes of each other, the second user sees the profile information of the first user, as if it is retaining the session on the server and offering it up to the next visitor.
If the second user fails to notice and completes their purchase, their confimation email is sent to the first user (whose profile they are logged in under).
I verified that the users are NOT sharing a computer (users were in 2 different cities).
I tried enabling "check SSL session ID " to true, thinking this would force the 2nd user to create a new session, but no joy.

What is going on here? How do I make Zen Cart make a new user session for each visitor?
Should I enable check user agent ? (what is it?)
Force cookies?