Urgent Issue: PHPSESSID_hash_present

trenchardtrenchard Member
in Help edited August 2012
A client site just started throwing this error in the cart when the Checkout button is pushed. I can duplicated it with 0 qty in the cart, but others are getting this error under normal conditions. The site is losing customers now so this is urgent.
Tagged:
Comments
  • fc_adamfc_adam FoxyCart Team
    @trenchard,

    We've replied to the email you sent in - let's continue the discussion there.
  • Thanks. Yes, i see session_start() being called in a module we've introduced and I suspect that is triggering the URL injection for some users. I can't discern any browser, data, or url pattern that triggers it. It looks like our host may be the culprit.

    Is it considered good practice to turn off FoxyCart form validation?

    Mark
  • fc_adamfc_adam FoxyCart Team
    You don't have to have it on for your cart to work, but if you're concerned about customers possibly playing with your add to cart links or forms within the browser, the HMAC encryption is the best way to secure them.
Sign In or Register to comment.