Hello,
I'm building a webshop with Products in combination with Orders.
Maybe i'm wrong but i think theres a mayer privacy bug in it.
When you're past the first page where you fill in your name and
adres. The link in your browser becomes like this:
?mact=Orders,cntnt01,confirm,0&cntnt01returnid=26&cntnt01order_id=4
When i change the last var: order_id to a lower number, i can read the name
an adres from costumers who ordered something before i did! Also
all the stuff that there buyed.
Is this true, or am i doing something wrong?
Many thanx, Job.
Major privacy bug in Orders?
Re: Major privacy bug in Orders?
Hi Job,
I couldn't duplicate this bug.
I'm either returned to the billing information forms pre-checkout, or I get the follwing message:
"A problem occurred when trying to retrieve pertinent information from the database. Perhapss you have waited too long to complete the order process. You should try starting the checkout process again."
Which is the session timeout I think.
Are you sure it's not due the session still being active with your current FEU account?
Are you using the most up to date versions of the modules?
Perhaps try using a different browser and repeating your steps?
Regards,
M
I couldn't duplicate this bug.
I'm either returned to the billing information forms pre-checkout, or I get the follwing message:
"A problem occurred when trying to retrieve pertinent information from the database. Perhapss you have waited too long to complete the order process. You should try starting the checkout process again."
Which is the session timeout I think.
Are you sure it's not due the session still being active with your current FEU account?
Are you using the most up to date versions of the modules?
Perhaps try using a different browser and repeating your steps?
Regards,
M
