Search found 8 matches

Page 1 of 1

Search found 8 matches

Re: Urgent! Serious Security and Data Protecton Issue!

Did someone face this issue in a dedicated host? Opencart 2.1

Jump to post
  • Thu Mar 16, 2017 5:56 pm
  • Replies 24
  • Views 4493
Re: Help: Session Exchange. What?

Did someone face this issue in a dedicated host? Opencart 2.1

Jump to post
  • Thu Mar 16, 2017 5:55 pm
  • Replies 16
  • Views 1644
Re: session login

Did someone face this issue in a dedicated host?

Jump to post
  • Thu Mar 16, 2017 5:53 pm
  • Replies 21
  • Views 1606
Re: session login

Can someone explain me these settings at library/session.php: ini_set('session.use_only_cookies', 'Off'); ini_set('session.use_cookies', 'On'); ini_set('session.use_trans_sid', 'Off'); ini_set('session.cookie_httponly', 'On'); and if I should change it somehow? My problem was session_start() functio...

Jump to post
  • Wed Jul 13, 2016 12:13 am
  • Replies 21
  • Views 1606
Re: session login

Your new version still do not works.

Any how I've fixed it by myself.

The question is, will this module fix my problem? It seams different logins with same ip (eg. shared ip in a company network) is causing this problem:

User A login at PC1; user B login at PC2 => user A will see user B account.

Jump to post
  • Tue Jul 12, 2016 11:15 pm
  • Replies 21
  • Views 1606
Re: session login

I'm getting errors:


Notice: Trying to get property of non-object in system\library\csrf.php on line 58

Notice: Indirect modification of overloaded property Csrf::$session has no effect in system\library\csrf.php on line 51

Jump to post
  • Tue Jul 12, 2016 10:39 pm
  • Replies 21
  • Views 1606
Re: session login

It is not a shared host.

I found out customer_ip table to have same ip on different customer_id

This shared ip is used by a global ISP, so I assume both customers use same internet provider.

Could this be a problem?

How session id is generated in opencart? Based on IP only?

Jump to post
  • Tue Jul 12, 2016 10:10 pm
  • Replies 21
  • Views 1606
session login

Hi

I got a complaint from a customer of my webshop who was logged in with another user account. Session variable was set with another user id. But the customers does not know each other, they also doesn't know each other passwords.

How could this happens?

Did someone of you face same issue?

Jump to post
  • Tue Jul 12, 2016 7:51 pm
  • Replies 21
  • Views 1606

Page 1 of 1

Search found 8 matches