[ic] Logout question

[Sippo Laisaari]

I am building a Finnish web shop, and when done, I contribute the
admin translation to you. (there is a lot of stuff, and might take some time)

Some questions have popped up though - and did not find it from any
documentation.

How to invalidate user session when user presses logout button?
Now it nicely tels that user has logged out, but still all user
information is still there and can be modified pressing Services button.

Also a session must be invalidated after non registered user checkout.
Now the Service button allows to modify the dummy profile. The point is:
Client has no idea whate the dummy userid / password is, but still
the information is there after checkout.

This is also a security matter, you can shop using a public terminal and
after you the next user can see all you stuff if he/she is clever enough
and also could order some extra stuff to you :-(


regards, Sippo Laisaari