Cart Clearing on Invalid Login

I’m not sure if this is how CS-Cart is SUPPOSE to work on version 2.0.15. If you are not logged in and add stuff to your cart. Then you try to login and enter and invalid username or password. You get the login error message and then the contents of the cart are cleared! Not good.

I need to remove the code for the invalid login message that is clearing the cart/cookie. Anyone confirm this is an issue on this version and how to resolve it?

Works OK on 2.12

You sure. We have the fix for it.

httpdocs/controllers/customer/checkout.php line 26 - 30 commented out

/code commented out to prevent the shopping from being cleared if customer enters bad login after adding items into shopping cart.

Cart is empty, create it

if (empty($_SESSION[‘cart’])) {



Correction, that isn’t the spot that necessarily clears the cart on an invalid login. We had to comment out line 132 in controllers/common/auth.php

// $auth = array();

What it looks like is if you enter an invalid login, in 2.0.15 when it resets the $auth array, a side effect is that it also resets the cart session variable and effectively clears the cart. I can’t think of any serious side effects of commenting this out. I think all it means is if the machine was already logged in, and then you tried to login under a different account and entered an invalid login, it won’t reset the authentication values and log you out. Which is fine by me.

just tried, keeps the items in the cart


Maybe it is something introduced after 2.0.12?

[quote name=‘Consultant’]Maybe it is something introduced after 2.0.12?[/QUOTE]

Could have been but it does work correctly in 2.1.2 as well.

I don’t know. We are on 2.0 branch, not 2.1. I’d be curious to see what the developers say about this.

Note that $_SESSION[‘auth’] is empty for annonymous users or users who have not logged in yet.