Yes I can understand that it's unbelievable. If you want to experience it you can make me a favor.
Website link to a product: http://www.mompala.it/prodotti?product_id=37 You can login: User: [email protected] Password: pofmario And it works. If you add this string after the URL: &utm_source=emailcampaign6&utm_medium=phpList&utm_content=HTMLemail&utm_campaign=Newsletter+dell%27Azienda+Agricola+Mompal%C3%A0+-+01+-+Offerta+del+Mese+-+Composta+di+Pesche and try again to login, nothings happen, and all session vars are unavailable. Complete link: http://www.mompala.it/prodotti?product_id=37&utm_source=emailcampaign6&utm_medium=phpList&utm_content=HTMLemail&utm_campaign=Newsletter+dell%27Azienda+Agricola+Mompal%C3%A0+-+01+-+Offerta+del+Mese+-+Composta+di+Pesche A crazy thing is that adding the same string to another application there is the same problem. If you want to order some organic products do it!! Il giorno mercoledì 28 ottobre 2015 22:05:57 UTC+1, Niphlod ha scritto: > > halt. > > Given you "receiver controller" being > def index(): > session.testmycart = 1 > return dict(s=session) > > > Only two things can happen if no login is required: > > a) either a user is coming back to the site (and the session isn't yet > expired) and he gets > > s = {'testmycart' : 1, 'previous_session_related_values' : 'bar'} > > b) he is coming back with an expired session (the same thing happens if he > was never on the site) and he gets > > s = {'testmycart' : 1} > > > This will DEFINITELY happen in the same way if the user goes to > http://host/a/c/f or > http://host/a/c/f?utm_source=campaing&utm_campaign=baz > > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
