Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email

Magento Forum

New Orders Are Assigned To Existing Customers / Session Hijack Problem (Magento
Jr. Member
Total Posts:  1
Joined:  2012-02-20


I’m having an issue on a client’s Magento store where we are occasionally getting orders assigned to the wrong customer. It appears to happen like so:

1. A customer places an order on the site and registers an account
2. Minutes / hours later, another (completely unrelated) customer places an order as a guest
3. Instead of the guest order being assigned to a new guest account, it gets assigned to the first customer’s account
4. The original registered customer receives the confirmation email intended for the guest customer

Obviously this is a huge data protection issue, not to mention looking incredibly unprofessional.

I’ve done some research and found the following threads on much older versions (1.3) of Magento, however we are running 1.7. Here they are anyway for reference:

I’ve implemented 2 “fixes” so far - the first being a script which aggressively deletes unused session files, and the second being to disable APC on the server (as there seems to be a known issue with Zend and APC and session caching).

However this problem is still occurring.

I can’t enable the session validation settings as the client is using ebizmarts SagePay payment extension which explicitly requires these options to be disabled. I’ve opened a support thread with them but they haven’t been particularly helpful so far:

Is there anything else we can try to alleviate this problem?

Magento Community Magento Community
Magento Community
Magento Community
Jr. Member
Total Posts:  4
Joined:  2012-04-27

We just encountered the same problem. Could you find a solution?

Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top