Hi,

I'm concerned about a couple of reports of corrupted orders I have received during the last week. The first customer reported that after placing two items in their shopping cart the checkout page showed a long list of items totalling over £31000. I checked this order myself by logging into their account and some of the items in the cart had text entry options which were filled with spam type text and links. Today another customer reported that their shopping cart showed someone else's order for over £2000 and they had to log out and start again in order to complete their order. I'm not sure if these two issues are connected but I am concerned in case this is some kind of virus or hacking attempt. I am running the latest version 6.8.5. Any advice?

Richard.

My first thought is re-upload all your files in case you were hacked. This will overwrite any hacks in the files.

Marshall
CENLYT Productions - ms designs
Affordable Web Design
Custom Ecommerce Designs
Responsive Websites
Cenlyt.com

Hi Richard

It may be a sessions problem but are both these orders from logged in customers? It sounds like they are. Just to check session details, can you copy and paste there the first 6 or 7 lines you have on cart.php?

Andy

Please feel free to review / rate our software

Hi,

I believe that both customers were logged in.

First lines of cart.php are as follows..

<?php
session_cache_limiter('none');
session_start();
ob_start();
include "vsadmin/db_conn_open.php";
include "vsadmin/inc/languagefile.php";
include "vsadmin/includes.php";
include "vsadmin/inc/incfunctions.php";
?>
-----------------------


Thanks,

Richard.

Hi Richard,
Have you had any new customer accounts created recently that look suspicious?

I could check the cart table by client ID and see if it relates at all to the account you may consider suspicious.



* Database Migrations and Conversions*
* ASP to PHP Cart Conversions*
*Contact Us*
*Buy The PHP Capture Card Plugin*
*Rate Our Services/View Our Feedback*

Hi,

Thanks for suggestions. I checked the recent logins from the last few weeks and couldn't see anything suspicious looking. I did also have a look at the database cart / cartoptions fields and noticed that there are quite a lot of entries from products where the text entry options have been filled with spam text and links. This is similar to what I saw on the first corrupted order mentioned earlier so I suspect this could be the cause of the problems. Is there any way to prevent this type of activity or to ensure that it doesn't cause problems on the site?

Richard.

Hi Richard, I'll be escalating this to the developer to followup with you.

Winners never quit, quitters never win
CSS and Responsive Designs
User Manual for Ecommerce Templates

Hi,

Following on from the issue reported previously, another customer has just contacted me today saying they set up an account when trying to place an order and the checkout page showed another customers details - all they could remember was that it was Andrew something from Australia. This is the third report now within a couple of weeks so I suspect other customers may have experienced the same but not reported it so I am quite concerned and would like to resolve this. I was checking customer accounts on the Client Login page and noticed a message - There are countries in the client login table that do not now exist. These need to be mapped to actual countries - I don't know if this has anything to do with the issue or how to correct this.

Richard.

Hi Richard

It sounds like there may be a problem with the sessions, that's why I asked earlier about the code at the top of the pages, and that looks fine to me as long as there are no spaces before / after those lines of code. Have you been in contact with your host, could you ask them to check the sessions on the server and explain why you think there may be a problem?

Andy

Please feel free to review / rate our software

Trying to resolve this issue I just noticed that when logged in on the checkout page the message 'Duplicate entry '2147483647' for key 'PRIMARY'
' appears just before the checkout button. This only appears when logged in using Firefox. It doesn't appear in Chrome. Any idea what this means or why it is there?

Richard.

I'm not sure what that would suggest but I will ask for you.

Andy

Please feel free to review / rate our software

Hi Richard
From that errors that you are getting it looks like the database may have been corrupted in some way. If you want us to look into it then we do have a database health check service here...
https://www.ecommercetemplates.com/Database-Health-Check

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater