Announcement

Collapse
No announcement yet.

Something very strange is going on here...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Something very strange is going on here...

    Hi all,

    I am planning to integrate 3D Cart into my existing website and something very strange happened. I launched my updated website with the "Order Now" buttons that link to my 3D Cart then had my father test it (he lives 900 miles away, just to illustrate the weirdness of what happened)...

    Before launching the new site that links to 3D Cart, I was in my 3D cart admin, hit "View Store" and was testing it to make sure that shipping to Hawaii, Puerto Rico, etc. was calculating correctly and I left it as my address in Honolulu, HI (I live in New Jersey) and closed out.

    When my father, who again lives 900 miles away in Georgia, tested the cart on his computer, it showed him all of the information that I had entered when I was testing the cart an hour ago or so. His cart had all of my information including my email, and even my address as "Honolulu, HI"!

    I have NO idea how this happened and it freaked me out so I quickly republished the old site that links to our current GoDaddy cart until I can figure out what happened here.

    Any ideas on what happened? One thing that I wasn't sure about was that in the new website that was published (not the actual shopping cart) that links to 3D Cart, I added a picture of a shopping cart with a "View Cart" link underneath and linked it to MYDOMAINNAME.3dcartstores.com/view_cart.asp, assuming that this was a generic link that would call upon a cookie placed in a customer's computer that stores only THEIR information, not anyone else who was previously in the cart....forgive my ignorance, I have no idea what things like ".asp" are...I'm the definition of amateur :)

    Thanks in advance for any ideas, and I'm also going to open a support ticket or call 3D Cart on Monday but was hoping someone would have an idea before then.

    -James


    EDIT: I just re-tested this on my fiancees computer (in the same home as I) and it did not have this same problem. The information on her computer showed blank for all fields (did not show any of the information that I had entered)...I am so confused! One thing that I also thought of is that I have sent my father links to check out the shopping cart a few weeks back, is it possible that it somehow captured and now shares, anything that I enter on my own computer?????
    Last edited by JR123; 11-29-2009, 03:32 PM.

  • #2
    This is very troubling indeed if customers can see chached information from a previous customer.
    Then again, it is also curious why there is a need for "if you are not named customer, click here" which logs you out of an account. Why the need?

    But, my guess is if you used the view order for an uncompleted order by your father, you would then have the same cookie as your father. When you view an order, you are actually viewing the customers order. When you view the store again, you are viewing it under the last account you viewed. It is odd indeed.
    Last edited by Mark; 11-29-2009, 04:05 PM.

    Comment


    • #3
      Hi Mark,

      I wasn't trying to alarm any other 3D Cart users, it was likely an isolated incident and/or something that I myself did incorrectly or unintentionally that caused this incident. Part of the problem undoubtedly lies in the fact that I am an extreme novice when it comes to web design and applications, including things like 3D Cart (and it shouldn't go without saying that you've been very helpful to me in the past, and much appreciated!).

      Perhaps it happened because I sent a link to my father by copying and pasting what showed in my broswer bar a while back and it just tracked whatever moves I made thereafter...then again, I have no idea if this is even a feasible rationale. I had never sent the link to my fiancee and she did not have such information in the cart when I tested on her laptop.

      I was just caught off guard and didn't know if anyone else had ever seen or heard about something like that happening...

      Thanks,
      -James

      Comment


      • #4
        account info

        I have also experienced the same problem. I had created a test account using my husband's info. I then two weeks later had a customer abandon a shopping cart that had all my husband's contact info in it! I deleted her shopping cart and hoped she didn't notice. Any suggestions of what has happened?

        Comment


        • #5
          Please check on this to find out if it is a security issue.

          Comment


          • #6
            The times I've seen this happening its because there are a few functions on the 3dCart admin that let you log in as a customer. Once you are logged in, you will stay logged in until you log out. You will see the store just like they are seeing it on their side, with their price level, their information, items on their cart, etc. (The main purpose of this feature is to be able to finish an order on behalf of your client, help him/her shop, etc.)

            So you could for example look at an incomplete order from a visitor, and open order button, which takes you to the store and logs you in as them. If you forget about this and start a new order for yourself, and check out, you could overwrite their login info with yours. When they log in, they will see your info.

            A simple way of making sure you are always logged off, is to visit

            http://www.yourstore.com/logout.asp

            that should log you off. If you are logged off, and you see someone else's info, then you want to submit a ticket so we can take a closer look.
            ----------------------------
            Gonzalo Gil
            3dCart Support
            800-828-6650 x111

            Comment

            Working...
            X