Post by iplocker » Wed Aug 16, 2017 11:24 pm

Hello.
Some times when I m going to checkout I see some others customers details already filled the checkout fields.
I cant replicate the issue but when it happens I find it very serious .
I dont use any cache tool at my site , also using PHP 7.1 and I have Journal template 2.14.6 and activate Quick Checkout.
Any idea how this is happening ?!
Thanks

Active Member

Posts

Joined
Sun May 26, 2013 6:39 pm


Post by rgbrewer » Thu Aug 17, 2017 6:51 am

Something must have modified your model call. Have you touched the code? Try restoring the code to stock opencart if so. If not, start disabling stuff until you find the culprit. That data comes from the database, it's got to be grabbing the wrong stuff from somewhere. It shouldn't be too hard to figure out for a developer.

New member

Posts

Joined
Sat Apr 22, 2017 9:30 am

Post by iplocker » Thu Aug 17, 2017 2:55 pm

Hello.
Well I haven't touch the code of OC , I m using Journal2 theme which they have quick checkout but they are saying that's not theme related.
Of course I am using some extensions but my problem is that I cant replicate the issue, it happens some times , is there is a way when it happens that time to make a debug somehow ?!
Thanks

Active Member

Posts

Joined
Sun May 26, 2013 6:39 pm


Post by paulfeakins » Thu Aug 17, 2017 5:02 pm

We've had reports of this on Journal2 but have been unable to replicate and unable to find the cause so far.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by iplocker » Thu Aug 17, 2017 5:06 pm

Hello.
Thanks for the replies guys.
I found it serious problem if you ask me .
Can I ask please, now with my Firefox every time I m going to checkout I see the required fields the quick checkout needs filled with a customers details , if I will clean the cache of Firefox those fields will be cleaned, so I am asking if I can do something now which I m facing that .
Thanks

Active Member

Posts

Joined
Sun May 26, 2013 6:39 pm


Post by iplocker » Thu Aug 17, 2017 5:52 pm

Update:
I have disable Journal2 theme and still face the problem with Default Opencart checkout, in Guest Checkout I see more fields filled from the Regist choice.
So its Opencart problem!
From Journal support: " ...even though this surely has nothing to do with our theme. Order id is saved into session and sessions are not handled by us, if there are any problems with php sessions, then this surely is something related to your server setup or Opencart. "

Thanks

Active Member

Posts

Joined
Sun May 26, 2013 6:39 pm


Post by ADD Creative » Mon Sep 04, 2017 5:35 pm

I could be an issue with how sessions and set up on your server. Do you have more than 1 OpenCart install on the same server?

Have you also tried clearing your browser cookies?

ADD Creative - Web development and e-commerce development, Milton Keynes or Christchurch, UK
ADD Filtration - HVAC Panel Filters, Bag Filters and HEPA Filters


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am

Post by iplocker » Mon Sep 04, 2017 6:18 pm

Hello thanks for replying BUT even if I have 10 opencarts installation at the server , even if I m not clearing my cookies , is it logical to going to login and suddenly I see that I m logged in with a customer account which I have never use his account or know him somehow ?!
I found it pretty serious and dont know how to debug it or replicate it . It happens some times in random times .
Thanks

Active Member

Posts

Joined
Sun May 26, 2013 6:39 pm


Post by ADD Creative » Tue Sep 05, 2017 7:53 pm

You said in one of your previous posts mentioned you had the issue on guest checkout. If you did not try to login on the front end or login as a one of your customers from the admin. Then I would say, as the customer's details are not taken from the database, it's most likely that you are somehow getting another customer's session.

If you are logging in as a customer and seeing another customer's details on login then I don't think this would be a session problem. It's more likely to be a database or code problem. You could check your database for errors.

Some topics on similar issues.

Seems to have been caused by a page caching extension.
http://forum.opencart.com/viewtopic.php?f=20&t=139197

Seems to have been an issue with sessions not being unique. It also mentions CSRF, however this would only be an issue if you have clicked a malicious link.
viewtopic.php?t=165170#p628372

ADD Creative - Web development and e-commerce development, Milton Keynes or Christchurch, UK
ADD Filtration - HVAC Panel Filters, Bag Filters and HEPA Filters


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am

Post by iplocker » Wed Sep 06, 2017 11:01 pm

Hello .
Thanks for replying.
I dont have any error with the db also no error logs at my site.
Probably is that you re saying: ... it's most likely that you are somehow getting another customer's session....
I have asked my Siteground hosting company and they told me that they are not having any cache system running and keep sessions .
ALso I m not using any cache extension .

PS. I have read at the posts you send me (and thanks for that) that the problem not get resolved.
Thanks

Active Member

Posts

Joined
Sun May 26, 2013 6:39 pm


Post by ADD Creative » Mon Sep 11, 2017 9:04 pm

One thing you could check when it happens again is to use your web browser's inspect windows to have a look at your cookies. Check that the default and PHPSESSID cookies values are set to something random. You could also try deleting them and refreshing the page and see what happens to the values.

ADD Creative - Web development and e-commerce development, Milton Keynes or Christchurch, UK
ADD Filtration - HVAC Panel Filters, Bag Filters and HEPA Filters


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am

Post by paulfeakins » Tue Sep 12, 2017 9:29 pm

There's another report of the same thing here:
viewtopic.php?f=190&t=187578&sid=fcb4a4 ... fa32023471

And we have seen this happen, but as the OP says, it's very hard to replicate.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom

Post by ADD Creative » Tue Sep 12, 2017 10:52 pm

Interesting that both reports are using PHP 7, although that could be just a coincidence.

Might be worth checking your PHP session settings. There are some recommended values here. http://php.net/manual/en/session.security.ini.php

ADD Creative - Web development and e-commerce development, Milton Keynes or Christchurch, UK
ADD Filtration - HVAC Panel Filters, Bag Filters and HEPA Filters


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am

Post by paulfeakins » Tue Sep 12, 2017 10:57 pm

I suspected the issue was Journal, but then the one I've linked to doesn't use Journal.

The case we saw did also use PHP7, but that could be a co-incidence.

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Active Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom
Who is online

Users browsing this forum: No registered users and 45 guests