Hi, I recently discovered there was a major bug in the create order in the 'Order' application. To reproduce the buy, please do as following:
Login to the admin side and select 2 different party in the 'party' application in 2 different browser windows and proceed to create a order for, say party A, in window A. Now when you are in the last screen to confirm/create order, just stop there and do not press the submit button. Now, in window 2, for party B, proceed just aas above and stop in the last page before submitting the order. Now, select the window 1 and press the submit order button for party A. This should have create a order for party A, with the items contained in shopping cart of party A, but you will probably see that the shipping address associate with the order is that of party B. In substance, if one tries to create orders simultaneoulsy in the 'order' application, ofbiz may throw un-expected results. And this is not just a bug, but a huge security issue too. Please do let me know if it happens for others too, in which case i will open a JIRA issue for the same. Thanks, Rohit -- View this message in context: http://www.nabble.com/Major-Bug-in-create-order-in-%22order%22-application-tp21911192p21911192.html Sent from the OFBiz - Dev mailing list archive at Nabble.com.
