Clearing cookie after checkout by Guest - causes errors

[zusu]

Hi,

After checkout by guest there is cookie cleared (for security reason).

line 84 in OrderConfirmationController.php
self::$cookie->logout();

Then we are losing information about currency, lang etc.

So, it causes errors in other scripts which needs this information ie. block bestsellers.

Effect is that there is no product name, description and price is 0.


I changed line 84:

self::$cookie->myLogout();

There is "safe logout" and only identification information are cleared.
Now it's ok, but security key stays and is it ok for security reasons?

Engine 1.4.0.17 - FINAL


Tom.

[outlet.ee]

I was wondering too why it switched back to the default language after submitting order.

If it is not safe to keep the cookie, why there was no cookie clearing in previous versions then?

It works for me as well now. Would somebody with a programming knowledge like to confirm if this is ok security-wise?

[mouse1]

Thank you so much gyus! Even though you didn't actually solve your problem, you gave me a great hint to sort my problem. I was testing my shop (1.4.0.17) and when I performed a guest checkout I always encountered missing footer and right side CMS panel at the order confirmation page (only there, all other pages were ok). I changed my OrderConfirmationController.php as zusu advised above and it works perfect now. I would also like to know if this can cause some security issues. It seems to be working fine with me. Thanks again!