Problem with Carts between users

8 years 5 days ago #255861

-- HikaShop version -- : 2.6.4
-- Joomla version -- : 3.6.4
-- PHP version -- : 5.6.25
-- Browser(s) name and version -- : Any

I have this situation:

User 1 is logged in Chrome with a cart with 5 products.

User 2 is logged in Safari with no cart.

In the two browsers I have cleared all browser caches, cookies, etc.

Now:

1. I access the cart through the user control panel.

I get the cart both in the content area and in a cart module.

Then I copy the URL of this browser session.

2. I paste the User 1 URL in Safari, where User 2 is logged in.

3. In Safari I see a message informing me that I can't view the information,

but in the HikaShop Cart Module I can now see the cart items of User 1.

Then, if I press checkout, the content area also acquires the cart items of User 1.

And I can proceed to pay them.

–––––
This makes me think anyone guessing cart URLs by trying and retrying ids can view carts from anonymous clients.

Am I wrong?

Is there something I forgot to set up?
–––––


-- Víctor


  • MODERATOR
8 years 4 days ago #255925

Hi,

Thanks for your feedback. You're totally right, that shouldn't be possible.
I've been able to reproduce the problem and added several fixes on our end to avoid that.
You can download the install package on our end and install it on yours to get those fixes.

The following user(s) said Thank You: PeterChain, PolishedGeek
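
The behaviour reported in this thread, next to a server-side ownership check, as an added example that is not part of the original posts and is not HikaShop's code or its actual fix. It assumes the cart id taken from the URL is stored as the session's current cart; the function names, the array layout and the sample data are all hypothetical.

```php
<?php
// Constructed sample data: cart id => owner. user_id 0 marks a guest cart,
// which is bound to the session id that created it.
$carts = [
    101 => ['user_id' => 1, 'session_id' => null,           'items' => 5],
    102 => ['user_id' => 0, 'session_id' => 'sess-guest-a', 'items' => 2],
];

// Reported behaviour (assumed mechanism): any existing cart id from the URL
// becomes the session's current cart, so modules and checkout then use it,
// even if the cart view itself shows an access-denied message.
function resolveCartUnchecked(array $carts, array &$session, ?int $requestedId): ?int
{
    if ($requestedId !== null && isset($carts[$requestedId])) {
        $session['cart_id'] = $requestedId; // no ownership check
    }
    return $session['cart_id'] ?? null;
}

// A cart belongs to the requester if the user ids match, or, for a guest
// cart, if it was created by this exact session.
function ownsCart(array $cart, array $session): bool
{
    if ($cart['user_id'] > 0) {
        return $cart['user_id'] === ($session['user_id'] ?? 0);
    }
    return $cart['session_id'] !== null
        && hash_equals($cart['session_id'], (string) ($session['id'] ?? ''));
}

// Hardened form: the check runs before the id is written into session state,
// so a rejected id cannot leak into the cart module or the checkout.
function resolveCartChecked(array $carts, array &$session, ?int $requestedId): ?int
{
    if ($requestedId !== null && isset($carts[$requestedId])
        && ownsCart($carts[$requestedId], $session)) {
        $session['cart_id'] = $requestedId;
    }
    return $session['cart_id'] ?? null;
}

// User 2 (no cart of their own) requests User 1's cart id in both variants.
$user2 = ['id' => 'sess-user-2', 'user_id' => 2];
$a = $user2;
$b = $user2;
var_dump(resolveCartUnchecked($carts, $a, 101));
var_dump(resolveCartChecked($carts, $b, 101));
```

The unchecked variant hands User 2 the id of User 1's cart, while the checked variant leaves User 2 with no current cart; the same check also covers the guessed-id case for guest carts such as 102.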
