Hello Friends,
Can anyone tell me what is the reason for including clear text database username, name and password in the cart object?
(along with the logged in user's salted password)
using VirtueMart 3.6.10 10211
test: print_r($this->cart);
for example at the end of /web/components/com_virtuemart/views/cart/tmpl/default_pricelist.php
Thank you,
It is in the db object. You do a debug output.
@fmarton
This is not the user password, but the DB password.
Like I said, it is the database name, database username and database password,
Additionally, there is also the user's name, e-mail address and salted password there, please see attachment.
I know I'm debugging. But that's not an answer to why it should be in the cart. :)
It would be nice to know if there is a good reason for that.
Thank you all!
If you get Joomla user, you get the password in all cases, not only in Virtuemart.
The password is encoded.
If you mean that this is a problem, then check with Joomla team. Virtuemart only use Joomla user, it not set it.