How Come Our Admin Names Are Still Being Sent To Cs-Cart?

When I log in my admin name is being sent to CS-Cart as part of the updates check.

This means ( to me ) that there could be a repeat of the great hack of late MAY14.

Our admin names were the keys to our doors and whereas we are advised to change them

( post installation ) what’s the point if they end up sitting on someone else’s server.

It’s more than fair to send our license information otherwise one license could

be used over many web sites but our admin name ?

Somebody please tell me that I am wrong.

​( preferably someone from CS-Cart support )


Still waiting for ( hopefully ) CS-Cart to confirm that our renamed admin.php is not being 'stored'.

Hope you are a patient man…

Given the usual CS.Cart support forum visit cycle, I expect a response around 3rd November…fingers crossed.

I hope all is well with you tbirnseth.

Why don’t you just send them a direct message? They will only charge you 5-10 credits. :grin:

Yes, like during the big hack episode when I was asking about things related to it.

Oh well.

Termalert which version are you using?


I don't have any plans to move until they drag me screaming off my legacy server.

Have just had no luck with a diy upgrade to 4x. God love the people here but

no one could get me through it and CS-Cart's personal instruction set suffered

from presupposed knowledge and translation.

Besides, I prefer Statistics to Google Analytics coz I can't get GA running…lol

Amazing 10+ days later and the CS Cart owners/or staff have not made a response…

I understand your upgrade feelings I am still on 2.24 so actually you are far more advanced than I am…


If 2.2.4 has all you need then why bother upgrading. The only problem I have

and so will you is that a lot of servers won't be running older versions of php

into the future. 3.0.6 just won't run on php 5.4 so I am sitting on what they call

a legacy machine.

I rather feel that termalert's question deserved an answer from the CS Cart team.

Did you contact them directly? What was the outcome?

6 months and not a peep from the boys…lol

[quote name='termalert' timestamp='1432954128' post='216388']

6 months and not a peep from the boys…lol


Here, let me show you my shocked face

Just checked my logs this morning and my 'supposed' secret admin name is STILL being sent to CS-Cart.

The license number fair enough but WHY our admin name ?


Nice website you have there remoteone.

You might want to disentangle the link in your profile.

The two separate website addresses have merged into one.


Guess what. Our admin names are still being sent to CS-Cart.

What is the point of us changing our admin name and keeping it secret

when it's still being sent to the same mob that was hacked and caused a security


Termalert how do we check if our admin names are still beings sent?

If you look at logs via your store admin, you will see a large entry at the time you logged in.

You will see your admin name in there.

Your cart will send this block of info, I guess, to let CS-Cart know that your license number

is only being used on one server ( if you only have a single store license ).

There are also blocks of info sent if you are using the TWIGMO trial.

[quote name='Traveler' timestamp='1434015011' post='218363']

Termalert how do we check if our admin names are still beings sent?


Please try to check in Administration → Logs → Requests