Page 1 of 2 12 LastLast
Results 1 to 10 of 11
  1. #1
    Join Date
    Jun 2007
    Posts
    18
    Plugin Contributions
    0

    Default Everyone Sees Account Info

    A customer created an account after clicking on a direct link to one of our products and now whenever any one clicks that link (doesn't matter which computer) they are logged in under his account.

    I have temporarily renamed zencart and haven't been able to recreate the issue in the new location, but was able to I went back to the original folder.

    Any ideas why this is happening?

  2. #2
    Join Date
    Dec 2006
    Location
    Seligman, MO U.S.A.
    Posts
    2,101
    Plugin Contributions
    5

    Default Re: Everyone Sees Account Info

    Go to Admin>Configuration>Sessions, find: Prevent Spider Sessions and make sure this is set to "True". See if that helps.
    Teach them to shop and they will shop today;
    Teach them to Zen and they will OWN a shop tomorrow!

  3. #3
    Join Date
    Apr 2006
    Location
    West Salem, IL
    Posts
    2,739
    Plugin Contributions
    0

    Default Re: Everyone Sees Account Info

    check that link and see if there is a zenid attached to the end of the url. if there is that is what is causing the problem. Effectively everyone comes in from that link with the same session.
    Mike
    GeekHost - Zen Cart Certified & PCI Compliant Hosting
    The Zen Cart Forum...Better than a monitor covered with post-it notes!

  4. #4
    Join Date
    Jun 2007
    Posts
    18
    Plugin Contributions
    0

    Default Re: Everyone Sees Account Info

    I checked the settings and prevent spiders was already set to true. What I think happened was I posted the link with the zenID and when a customer clicked that link and created an account it became their sessionID so everyone who clicked on that link after that got the first customers information.

    Does this sound like something that could happen? Is there anyway to prevent this if the zenID is every accidentally included in the future?

  5. #5
    Join Date
    Jun 2007
    Posts
    18
    Plugin Contributions
    0

    Default Re: Everyone Sees Account Info

    I was typing when Barco posted. So I guess it was the zenID. So, is there a way to protect against this in the future?

  6. #6
    Join Date
    Apr 2006
    Location
    West Salem, IL
    Posts
    2,739
    Plugin Contributions
    0

    Default Re: Everyone Sees Account Info

    set recreate session to true
    Mike
    GeekHost - Zen Cart Certified & PCI Compliant Hosting
    The Zen Cart Forum...Better than a monitor covered with post-it notes!

  7. #7
    Join Date
    Jun 2007
    Posts
    18
    Plugin Contributions
    0

    Default Re: Everyone Sees Account Info

    Recreate session was set to true

  8. #8
    Join Date
    Mar 2008
    Posts
    25
    Plugin Contributions
    0

    Default Re: Everyone Sees Account Info

    I have this same problem and all of my settings are the same as above, is this a bug? It's created much havoc on my site and has my customers questioning the integrity of the security of their personal information.

  9. #9
    Join Date
    Sep 2006
    Posts
    27
    Plugin Contributions
    1

    Default Re: Everyone Sees Account Info

    I'm having the same problem.... Someone posted a link somewhere that included the zenID. Now when I go to who's online, there are numerous entries with the same zenID all from different IP addresses.

    If I click on the link and then go to the home page, the zenID disappears from the url. If I just browse the site the zenID remains.

    Is there a way to redirect the url that includes the zenID to the home page so the zenID is removed?

  10. #10
    Join Date
    Mar 2004
    Posts
    16,042
    Plugin Contributions
    5

    Default Re: Everyone Sees Account Info

    rignt now your best bet is to rename zenid

    If you go into the zen admin and go to tools -> developers toolkit and type in zenid and search for all in catalog you will find 2 places to redefine zenid to something else,
    Zen cart PCI compliant Hosting

 

 
Page 1 of 2 12 LastLast

Similar Threads

  1. Can "create account" be used to edit/update account info?
    By toneyourlife in forum All Other Contributions/Addons
    Replies: 1
    Last Post: 13 Jun 2008, 12:47 AM
  2. Replies: 4
    Last Post: 18 Jan 2008, 08:14 PM
  3. Customer Logs in and sees another customers account
    By romanus in forum General Questions
    Replies: 2
    Last Post: 28 Sep 2007, 12:34 PM
  4. Lining up info correctly on the My Account / Order Info Page
    By eist1 in forum Templates, Stylesheets, Page Layout
    Replies: 3
    Last Post: 8 Sep 2006, 09:34 PM
  5. Info for everyone on Paypal for UK
    By waghelak in forum General Questions
    Replies: 3
    Last Post: 22 Jul 2006, 05:48 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR