<div dir="ltr">Then the easiest thing to do is to use your own id set $_SESSION['ecommerce_cart_id'].<br><br>-Neil<br><br><div class="gmail_quote">On Fri, Jul 25, 2008 at 5:46 PM, mark burdett <<a href="mailto:mfburdett@gmail.com">mfburdett@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">To clarify, the issue I wrote about isn't related to $_SESSION, it's<br>
modules that store data in a separate table with session id as the key<br>
(as e-commerce does). It seems this may be a flawed data model unless<br>
there is some means for modules to respond to regenerated session ids.<br>
<font color="#888888"><br>
--mark<br>
</font><div class="Ih2E3d"><br>
On Fri, Jul 25, 2008 at 5:09 PM, mark burdett <<a href="mailto:mfburdett@gmail.com">mfburdett@gmail.com</a>> wrote:<br>
</div><div><div></div><div class="Wj3C7c">> I'd also like to know the proper technique for moving session data<br>
> from anonymous to logged in user.<br>
><br>
> This diff <a href="http://cvs.drupal.org/viewvc.py/drupal/drupal/modules/user/user.module?r1=1.745.2.30&r2=1.745.2.31&pathrev=DRUPAL-5" target="_blank">http://cvs.drupal.org/viewvc.py/drupal/drupal/modules/user/user.module?r1=1.745.2.30&r2=1.745.2.31&pathrev=DRUPAL-5</a><br>
> shows how the session is now regenerated after a successful login and<br>
> before the login hook is invoked. This change breaks the ability to<br>
> login and keep the contents of your shopping cart in drupal e-commerce<br>
> 5-3, for example. Maybe pre-login and post-login hooks are needed?<br>
><br>
> --mark<br>
><br>
> On Wed, Jul 23, 2008 at 7:08 AM, Alan Dixon <<a href="mailto:alan.g.dixon@gmail.com">alan.g.dixon@gmail.com</a>> wrote:<br>
>> i'm wondering if your statement:<br>
>><br>
>> "the login event regenerates the session"<br>
>><br>
>> is completely true.<br>
>><br>
>> I don't believe that the php session cookie changes, and I don't see<br>
>> anywhere (or why) drupal would completely remove all $_SESSION info on<br>
>> login.<br>
>><br>
>> I think what does happen is that Drupal's private session stuff as<br>
>> stored in the session table gets cleared out (primarily the user<br>
>> object that gets cached, i'm not sure what else), but you don't need<br>
>> to worry about that do you?<br>
>><br>
>> Put all your pre-login stuff into $_SESSION and then it should still<br>
>> be there after login, I think.<br>
>><br>
>> - Alan<br>
>><br>
>> On Mon, Jul 14, 2008 at 1:37 PM, Joe Murray<br>
>> <<a href="mailto:joe.murray@jmaconsulting.biz">joe.murray@jmaconsulting.biz</a>> wrote:<br>
>>> I have a use case where anonymous users can do a bunch of work, and then at<br>
>>> the end request to save it, which requires logging in (and possibly also<br>
>>> creating an account). The login event regenerates the session, and so far as<br>
>>> I know 5.x does not provide a hook that can be used to copy info from the<br>
>>> old session into the new so that it can be saved in a way that is associated<br>
>>> with the correct uid. I suppose such a hook so would open up lots of<br>
>>> security issues. Still, this is the second time I've confronted this sort of<br>
>>> an issue, and I don't know the correct design pattern to handle it in<br>
>>> Drupal. Comments and suggestions welcome.<br>
>>><br>
>>><br>
>>><br>
>>> Cheers,<br>
>>><br>
>>><br>
>>><br>
>>> Joe Murray, PhD<br>
>>><br>
>>> President, JMA Consulting<br>
>>><br>
>>> @ The Centre for Social Innovation<br>
>>><br>
>>> 215 Spadina Ave, Suite 400, Toronto, Ontario, Canada M5T 2C7<br>
>>><br>
>>> 416.466.1281, (416) 644-0116 (f)<br>
>>><br>
>>> <a href="mailto:joe.murray@jmaconsulting.biz">joe.murray@jmaconsulting.biz</a><br>
>>><br>
>>> Skype: josephpmurray<br>
>>><br>
>>><br>
>><br>
>><br>
>><br>
>> --<br>
>> Alan Dixon, Web Developer<br>
>> <a href="http://alan.g.dixon.googlepages.com/" target="_blank">http://alan.g.dixon.googlepages.com/</a><br>
>><br>
><br>
</div></div></blockquote></div><br></div>