Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Prevent conflict with multiple logged in users 

Previous code would delete the session of previously logged in user in the rare case that multiple users would be logged in on the same browser. Added check to see if there is user account exists with the old_session_key and if not then the old session is from a guest user which can be deleted from database during logging in. Also returned old_session_key as optional parameter to prevent issues.
This commit is contained in:
Tatu 2019-07-12 22:53:01 +03:00 committed by GitHub
parent c52e7bd75a
commit d9254cedb2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
includes/class-wc-session-handler.php
View File

@ -239,7 +239,7 @@ class WC_Session_Handler extends WC_Session {
*
* @param int $old_session_key session ID before user logs in.
*/
public function save_data( $old_session_key ) {
public function save_data( $old_session_key = 0 ) {
// Dirty if something changed - prevents saving nothing new.
if ( $this->_dirty && $this->has_session() ) {
global $wpdb;
@ -256,7 +256,7 @@ class WC_Session_Handler extends WC_Session {
wp_cache_set( $this->get_cache_prefix() . $this->_customer_id, $this->_data, WC_SESSION_CACHE_GROUP, $this->_session_expiration - time() );
$this->_dirty = false;
if ( get_current_user_id() != $old_session_key ) {
if ( get_current_user_id() != $old_session_key && !is_object( get_user_by( 'id', $old_session_key ) ) ) {
$this->delete_session( $old_session_key );
}
}