baltimirc Posted January 19, 2017 Share Posted January 19, 2017 (edited) Hello, Recently I am receiving free orders valued at more than $500. Seeing the details of those orders I see that several non-public coupons have been applied to deduce the 100% of the order value. All those coupons are non-public so I realise someone can access to those codes. Obviously I don't know how. I get this problem in USA orders and also Chile orders, so is not the same person who can be hacked my backoffice. The prestashop version is: 1.6.1.6. Anyone had this problem also? Bernat. Edited January 19, 2017 by baltimirc (see edit history) Link to comment Share on other sites More sharing options...
shokinro Posted January 19, 2017 Share Posted January 19, 2017 Any of those coupons are public so I realise someone can access to those codes. Obviously I don't know how. What do you mean "public"? you mean non-public? If it can be applied to any user, then anyone can use it. it is better to set restrictions and conditions of the coupons. Your coupon code may exposed to public users or spread over by some users you gave. You can also try to re-generate the coupon code at cart rules management page so old code will not be used. Link to comment Share on other sites More sharing options...
baltimirc Posted January 19, 2017 Author Share Posted January 19, 2017 Hello, Some of those coupons are private, never shared... only for internal testing. That's why I can't understand why they aplied and makes me think about a security hole. Link to comment Share on other sites More sharing options...
joseantgv Posted January 19, 2017 Share Posted January 19, 2017 http://forge.prestashop.com/browse/PSCSX-8172 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now