View Issue Details

IDProjectCategoryView StatusLast Update
0006268OXID eShop (all versions)1.03. Basket, checkout processpublic2015-11-26 16:22
Reportermichael_keiluweit Assigned To 
Status closedResolutionduplicate 
Product Version4.9.6 / 5.2.6 
Summary0006268: Basket of last user is recoverable if the browser session hasn't changed
DescriptionCurrently the shop stores the basket content in the browser session (besides the db).
If a customer put something in the basket and logging out without purchasing it, the basket will stay, until the browser session is closed.
But if another user makes a login, with the same browser session, he gets the basket from user 1.
Steps To Reproduce1. create 2 accounts
2. login with user 1
3. put something in the basket
4. logout
5. login with user 2
6. have a look at the basket, you have the item from user 1 in it
Additional InformationA workaround is possible by overloading the method oxcmp_user::_afterLogout by adding the line $this->getSession()->delBasket();
So the basket will be deleted from the browser session after a logout, but stays in the database, therefore it is recoverable for the user who created it)
TagsNo tags attached.
ThemeNot defined
BrowserNot defined
PHP VersionNot defined
Database VersionNot defined


duplicate of 0005771 resolvedHR Previous users cart details are shown to another user 



2015-11-23 11:40

reporter   ~0011314

Maybe this is a duplicate of 0005771?


2015-11-24 09:38

administrator   ~0011319

As Martin mentioned, sound like a duplicate of 0005771?


2015-11-26 16:22

reporter   ~0011337

See 0005771