Hi, Minor issue - if ‘Force Cookies Use’ is set to true in admin>configuration>sessions it causes a PHP error in the new PayPal App module ext/modules/payment/paypal/standard_ipn.php.
A statement near the end of the module - tep_session_destroy(); returns an error “Trying to destroy uninitialized session“.
A possible reason for this may be because when ‘Force Cookies Use’ is true, a session isn’t actually started until the second pass through application_top.php (a cookie is set in the first pass, when its presence confirmed in subsequent passes a session is started (I think????)).
The error is probably of no great consequence, however, the statement is presumably there for a reason so should be actioned. There is no reason/excuse for any error to be acceptable, errors can mask other failings.
For the moment, after the include application_top in standard_ipn I have added - if(!isset($_SESSION)) {tep_session_start();}
Equally
if (SESSION_FORCE_COOKIE_USE == 'True') {tep_session_start();} could be used?
the tep_session_destroy(); could be removed (but I think it also (correctly?) destroys the cookie)?
Each of these options seem quite reasonable, but I don’t really know if there may be any hidden side affect?
Are there any opinions/preferences/alternatives (please don’t suggest the obvious “remove Force Cookies Use’” – opinion seems to be equally divided on the “must have/must not have”, I prefer the former).