The Foxy forums are on the move!

We're in the process of moving our forums over to a new system, and so these forums are now read-only.
If you have a question about your store in the meantime, please don't hesitate to reach out to us via email.

Urgent Issue: PHPSESSID_hash_present

trenchardtrenchard Member
in Help edited August 2012
A client site just started throwing this error in the cart when the Checkout button is pushed. I can duplicated it with 0 qty in the cart, but others are getting this error under normal conditions. The site is losing customers now so this is urgent.
  • fc_adamfc_adam FoxyCart Team

    We've replied to the email you sent in - let's continue the discussion there.
  • Thanks. Yes, i see session_start() being called in a module we've introduced and I suspect that is triggering the URL injection for some users. I can't discern any browser, data, or url pattern that triggers it. It looks like our host may be the culprit.

    Is it considered good practice to turn off FoxyCart form validation?

  • fc_adamfc_adam FoxyCart Team
    You don't have to have it on for your cart to work, but if you're concerned about customers possibly playing with your add to cart links or forms within the browser, the HMAC encryption is the best way to secure them.
Sign In or Register to comment.