WebGUI - Shipping address saved in my profile from another user - Content Management System Website - CMS - Open Source Content Management System Website - Website System - Content Management System (CMS) | Open Source Content Management Software | Application Framework | WebGUI - Content Management System Website | CMS | WebGUI | Open Source Content Management System Website

learn Install use design develop admin promote

community support
wiki
forums
report a bug
request features
get karma
calendar
bazaar
webgui tv
stats
roadmap
book

View All Tickets

Shipping address saved in my profile from another user (#3967)

Issue

I went through the checkout process as another user (I have an admin account). Then when I was going back through the checkout screen as myself I had their shipping information as the Shipping Address. I could change it of course, but I'm not sure why I would have their shipping info in my cart checkout.

Solution Summary

Comments

colink 7/21/2008 11:56 am	Shipping addresses, among other things, is tied to a sessionId. This is stored on a cookie in your browser. If you log in as a different user, using the same browser, then information from the last time you logged in (not matter as who) will be used. Closing as not a bug, but really, really confusing for users and developers.
susanb 7/21/2008 12:30 pm	To my mind, this is a security bug. Think of a shared computing environment (e.g. Library, or school computer lab) . There should at least be an opt-in choice to save that information to the cookie. One thing I know is that users do not close their browser windows when they get up from a general use computer( my office is in a University Library). --Susan On Jul 21, 2008, at 9:56 AM, wrote: > > colink has posted to one of your subscriptions > http://www.plainblack.com/bugs/tracker/shipping-address-saved-in-my-profile-from-another-user/1 > Shipping addresses, among other things, is tied to a sessionId. > This is stored on a cookie in your browser. > > If you log in as a different user, using the same browser, then > information from the last time you logged in (not matter as who) > will be used. > > Closing as not a bug, but really, really confusing for users and > developers. > > > > Unsubscribe > > > > -- > > Plain Black, makers of WebGUI > http://plainblack.com
perlmonkey2 7/21/2008 12:35 pm	Was this done from the same browser and same machine? I can't replicate from two seperate browsers.
Vrby 7/21/2008 1:37 pm	Per Perlmonkey's request... same browser same machine.
perlmonkey2 8/4/2008 3:54 pm	Closed per the boss as this is how authent works for now.

Details

Ticket Status	Closed
Rating
Submitted By	Vrby
Date Submitted	2008-07-21
Assigned To	unassigned
Date Assigned	2009-07-04
Assigned By
Severity	Minor (annoying, but not harmful)
What's the bug in?	WebGUI Beta
WebGUI / WRE Version	7.5.17
URL	bugs/tracker/shipping-address-saved-in-my-profile-from-another-user

Keywords

Ticket History

about us privacy