[ic] MAGJOR New Account BUG!!!

Mike Heins mikeh@minivend.com
Mon, 30 Oct 2000 14:26:24 -0500


Quoting Chris Jesseman (chris@sitemajic.net):
> Eric,
> 
> The first time I tried the New Account the process was correct, however, when
> I tried to create a 2nd account, I became Ross Cosby... When I tried to
> update my pref's it 'welcome ross' but 'you're not logged in' 
> 
> I can't reproduce it on http://demo.akopia.com/cgi-bin/iccvsrw
> 
> Also, I can't reproduce it on a test default copy of V4.5.6 that I had lying
> around...  What version of IC are you using? your system setup? If you
> install a new construct catalog on the same server does it still cause this
> problem?  -Chris Jesseman
> 
> Go to www.webuildpcs.com or try on your own ic site.  I would try on ours
> becasue we know the problem is here.
> 
> >From the first page, click on the log in button on the top of the site, 
> then click on new account button, then the last person who created an account
> has their info in the fields.  After you screw around for a while on the
> site, or go in with something in your basket - this does not always appear.
> 

This would normally only happen if you have the following sequence of 
events:

    1.  Hard-link to your site that includes a session number (i.e. an
        affiliate clipping and pasting or a sloppy web-page view-source
        edit)

    2.  "WideOpen Yes" in catalog.cfg

    3.  SessionExpire not reached

The answer to the problem is to correct 1 or 2. WideOpen is usually
only needed when you have a split secure/non-secure URL, which is never
recommended. If your catalog requires the user to use cookies then you 
don't need WideOpen when the cookie is valid for both your secure and
non-secure domain.

-- 
Akopia, Inc., 131 Willow Lane, Floor 2, Oxford, OH  45056
phone +1.513.523.7621 fax 7501 <heins@akopia.com>

If you like what you're gettin', keep doin' what you're doin'. -- Hector