Hello, i have set up category memberships, so only certain users can see a product category. but if your signed in as a user without that membership (you cant see the category listed on the main page, but), you can still access that category by just changing the number in the address bar - cart.php?target=category&category_id=3. by changing the id=3 to id=2 you can access it with the wrong account. am i doing something wrong?
Hello, i have set up category memberships, so only certain users can see a product category. but if your signed in as a user without that membership (you cant see the category listed on the main page, but), you can still access that category by just changing the number in the address bar - cart.php?target=category&category_id=3. by changing the id=3 to id=2 you can access it with the wrong account. am i doing something wrong?