How is this even possible?!

Hey all

I have the scenario where by i have an anonymous checkout on a shop, but
somtimes i tihnk if there are concurrent users (lets say users A and
B), user A gets there results they would expect on the review page, but
user B gets user A’s details?!?!

How can this even be happening as in the controller code im using the
session[:order_id] to identify shopping baskets and the like. I have
just moved to AR sessions from PStore, is there some issue with AR
sessions comparitivly to PStore?

Is the @your_order var somhow becomming populated with somone elses
details before the view is rendered? i really cant see how this is
happening. Any help would be a godsend!!!

The code in my controller…

def review
begin
@your_order = Order.find(session[:order_id])
@contents = @your_order.items
rescue
flash[:notice] = ‘Unfortunatly all the data required to enable you
to checkout was unobtainable.’
redirect_to(’/store/basket’)
end
if @your_order
@subtotal = @your_order.item_total(session[:currency].to_i)
@billing_address =
CustomerAddress.find(@your_order.order_billing_address)
if @your_order.seperate_shipping_address == true
@delivery_address =
CustomerAddress.find(@your_order.order_shipping_address)
else
@delivery_address = @billing_address
end
end
end

Tim P. wrote:

I have the scenario where by i have an anonymous checkout on a shop, but
somtimes i tihnk if there are concurrent users (lets say users A and
B), user A gets there results they would expect on the review page, but
user B gets user A’s details?!?!

How can this even be happening as in the controller code im using the
session[:order_id] to identify shopping baskets and the like. I have
just moved to AR sessions from PStore, is there some issue with AR
sessions comparitivly to PStore?

Can you post the code that creates the Basket object in the first place
and assigns its ID to the session variable? Maybe there’s something in
there.

Chris

Hi!

On Nov 9, 2006, at 1:59 AM, Tim P. wrote:

Hey all

I have the scenario where by i have an anonymous checkout on a
shop, but
somtimes i tihnk if there are concurrent users (lets say users A and
B), user A gets there results they would expect on the review page,
but
user B gets user A’s details?!?!

How are you testing this fact? Are you just opening two browser

windows on your own computer and logging into two accounts? If so
then that is your problem right there. The twop sessions would step
on each other. If this isn’t the case then ignore what i said.

Cheers-
– Ezra Z.
– Lead Rails Evangelist
[email protected]
– Engine Y., Serious Rails Hosting
– (866) 518-YARD (9273)

if your session is defined globally then you may get this problem

Hey guys

Thanks for your replys. Its not that, its like it might get populated
with someone elses data tottaly, that was nothing to do with me!

Ive tracked the problem and i think its somthing to do with the session
not carrying the order_id in the session correctly. or for some reason
its bombing out.

I’ll keep diggin to see what i can find

Cheers

Tim

Bala Murugan wrote:

if your session is defined globally then you may get this problem

When you say globally what particularly do you mean?

Cheers

Tim

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs