View Issue Details

IDProjectCategoryView StatusLast Update
0001441OXID eShop (all versions)1.05. Userspublic2009-11-13 10:50
Reporterandreas_bobek 
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionwon't fix 
Product Version4.1.5 revision 21618 
Target VersionFixed in Version 
Summary0001441: User and history data are deleted if he orders two times without registering
DescriptionSteps for reproduction:
(1) User submits an order without registering in the checkout process.
(2) In admin make remarks in his history.
(3) Place a second order with the same user data.
(4) A new user will be created in the database, the first one will be deleted incl. his history (oxremarks).


TagsNo tags attached.
Theme
BrowserAll
PHP Version5.2.6
Database Version5.0.33

Relationships

has duplicate 0003091 closeddainius.bigelis user without registration loses all assigned usergroups if he orders a second time 
has duplicate 0005741 acknowledged Save oxcustnr in oxorder 
related to 0002701 resolvedmindaugas.rimgaila Same voucher can be used several times if user comes to shop "without registration" 

Activities

dainius.bigelis

2009-11-09 10:51

reporter   ~0002016

Reminder sent to: andreas_bobek

Hi,

Such behavior is planned because security reasons. Otherwise some information from such user accounts can be leaked in some special cases.

Best regards,
Dainius Bigelis

andreas_bobek

2009-11-10 10:10

reporter   ~0002021

Hi,

sorry, but deleting *our* data (remarks that we input for our customers in the admin) is not a solution for a security problem: It's a very bad workaround at best. We are loosing user data (our remarks for that user) regularly and that's bad for our business. Please provide a solution for this problem.

Regards,
Andreas.

dainius.bigelis

2009-11-11 16:11

reporter   ~0002042

Last edited: 2009-11-11 16:14

Reminder sent to: andreas_bobek

Discussion about best solution for this case started in OXID dev-general forums. As soon the better solution will be offered for solving this issue, we'll consider it for implementation.
Thread in dev-general forum about this topic:
http://article.gmane.org/gmane.comp.php.oxid.general/299

Best regards,

dainius.bigelis

2009-11-13 10:50

reporter   ~0002067

Reminder sent to: andreas_bobek

Hi,

Discussion in dev-general forum got some other point of view:
can we keep information about "unregistered" users in DB at all. So we will investigate this case, and when we'll have answers to this topic - it would be clear how to handle remarks inserted for users.
So this entry is closed here.

Best regards,