Posted by tumblingmug on May 14, 2010 at 8:47am
Jump to:
| Project: | e-Commerce |
| Version: | 5.x-4.x-dev |
| Component: | ec_cart |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
After updating to version 5.x-1.7 customers loose their cart items during the payment process. I use logintoboggan to avoid interruption by waiting for opt-in. Immediatly after login e-commerce's cart that was filled before is empty. I come from version 5.x-1.1 and here it works as expected for me. I want to update because of security issues in older versions.
What can I do to to come around this?
Comments
#1
LT now uses core's login finalization code, which includes a
sess_regenerate()call to avoid session fixation attacks. i'm guessing that you'll experience the same problem even if you disable LT and try it with just core's standard login procedure.so this is probably something that e-commerce actually needs to deal with.