Orders placed on the previous customers log in

[gkstep]

I have received orders with two different Customer's information in the order. From conversations with a customer, they selected an item to purchace for the shopping cart and when they selected checkout they were logged in as the previos customer. They then entered their address and credit card information to complete the sale. The resulting order showed them under the billing addres and payment info. But the previous customer info including the email address was still there and the order conformation email was sent to the wrong customer. Does anyone know my problem?

[gkstep]

I have received orders with two different Customer's information in the order. From conversations with a customer, they selected an item to purchace for the shopping cart and when they selected checkout they were logged in as the previos customer. They then entered their address and credit card information to complete the sale. The resulting order showed them under the billing addres and payment info. But the previous customer info including the email address was still there and the order conformation email was sent to the wrong customer. Does anyone know my problem?

[Rami]

My customer faced same problem than gkstep and we are more than worried about this. Is there any ideas about possible solution?

[gkstep]

I had some more of these orders. What payment modules are you using? I made a change to day and hope it was a fix.

[DrByte]

How did these customers get to your site?

Did you post a link to your store somewhere, which contained a &zenid=blablablabla in it ? That's a huge no-no, and will cause you all kinds of grief.


Go to Admin->Configuration->Sessions and set Session Recreate = true. This will force all customers to jump to a new zenid whenever they login to your store.

[Rami]

Customers we are talking about has arrived to store straight to domain, not via links and messed customers has been totally unknown to each other. This occasion happened now second time and there is no any regularity between cases. Only common thing is that incidents happened in very short period (about 30min in first case and 2h in second case) so that both customers (right and messed one) were very likely in shop at the same time.

Session recreation has been forced all the time. Both cases happened using finnish bank modules (different banks) as a payment method, but there is one common table in database which is used by all four bank modules.

[Rami]

I did find wrong path to the sessions directory from settings and it is now fixed. Here is other settings from Configuration -> Sessions:

Cookie Domain: True
Force Cookie Use: False
Check SSL Session ID: False
Check User Agent: False
Check IP Address: False
Prevent Spider Sessions: True
Recreate Session: True
IP to Host Conversion Status: true

Store uses shared SSL. Entire frontend is not secured, only specific sites when system uses SSL.

Maybe wrong path in sessions was the failure?

With deep respect,

Rami

[mgrunk]

Bumping this - it happened to my customer 3 times today - someone posted about a new book she's published - sent the extended zen url - recreate session was already set to true - anything else I can do to ensure this doesn't happen again?

Michelle
chswebmaster.com

[aivo]

Same problem here, I fixed the settings in Sessions but what wrong path are You talking? Maybe I need to fix this problem too.

Kiitos!

I did find wrong path to the sessions directory from settings and it is now fixed. Here is other settings from Configuration -> Sessions:

Cookie Domain: True
Force Cookie Use: False
Check SSL Session ID: False
Check User Agent: False
Check IP Address: False
Prevent Spider Sessions: True
Recreate Session: True
IP to Host Conversion Status: true

Store uses shared SSL. Entire frontend is not secured, only specific sites when system uses SSL.

Maybe wrong path in sessions was the failure?

With deep respect,

Rami

[DonRichardsonNH]

I have now seen this situation over the last few days where customers get an order that have additional items in it, or contains other customer information.

I have now corrected the path to the session directory, and have set the Recreate Session to True.

I will watch this, but as some others have written here - this is still happening to their stores.

Please update any other possible causes fro this if there are any.

Regards,

Don