search

osCommerce / oscommerce2

osCommerce Online Merchant v2.x
http://www.oscommerce.com
MIT License
281 stars 222 forks source link

Missing Session name #641

Open Gergely opened 5 years ago

Gergely commented 5 years ago

https://github.com/osCommerce/oscommerce2/blob/de0e97d15d43ac6a9a6cfb2847134a82a0148f2b/catalog/includes/OSC/Sites/Admin/Admin.php#L64

case A:

  1. Open a browser
  2. jump in shop side
  3. open a new browser tab
  4. jump into admin side
  5. work paralell with both side in the same browser ISSUE: admin side will use the same session id as store and after every shop activity will be destroy active login on admin site.

case B:

  1. Open a browser
  2. jump into admin side
  3. open a new browser tab
  4. jump into shop side
  5. work paralell with both side in the same browser No session mixing