After updating to version 5.x-1.7 customers loose their cart items during the payment process. I use logintoboggan to avoid interruption by waiting for opt-in. Immediatly after login e-commerce's cart that was filled before is empty. I come from version 5.x-1.1 and here it works as expected for me. I want to update because of security issues in older versions.
What can I do to to come around this?

Comments

hunmonk’s picture

hunmonk CreditAttribution: hunmonk commented
Project: LoginToboggan » e-Commerce
Version: 5.x-1.7 » 5.x-4.x-dev
Component: Code » ec_cart

LT now uses core's login finalization code, which includes a sess_regenerate() call to avoid session fixation attacks. i'm guessing that you'll experience the same problem even if you disable LT and try it with just core's standard login procedure.

so this is probably something that e-commerce actually needs to deal with.