Hi all,


Wondered if anyone has come across this problem.

I have been testing out my osC installation and have tried to use the admin front end as much as possible so as not to mess up the database.

I have been adding a few false customers for testing and have placed orders and so forth. It now comes to the time to clean up the back-end, by deleting the false customers, ready for release to the public.

Now that we have gone live, a customer has just informed me that they are able to see someone elses old orders having just created a new account!!
Now this is of great concern.
I immediately went to the back admin and checked the customer and they was right, they did have someone elses order.

By just deleting an old customer is not enough, you also have to search through the database and delete their orders that they had placed so the system doesnt pick it up.

Has anyone else experienced this dangerous flaw?

Is this right osCdox Member? should this be happening??

thanks.