Here I am trying to get some tickets for a theater, and I noticed an interesting thing. It seems that the website holds no session persistence. In other words it doesn't check to see if the user has stopped trying to order tickets, instead it holds the seats for about 30 minutes. This is kind of stupid because when you back out, your treated as a completely new session, you have no way of trying to get back the seats you had chosen.

Sooo, what does this mean? It means that I can start selecting a bunch of seats and continue selecting a bunch of seats. There appears to be no server-side checks to prevent someone from just booking the entire theater.

Soooooo, what does this mean? I could potentially spam the entire country's theaters (any that use this website as a booking system) and make it impossible for people to book seats through this website.

What do you guys think? Is this a bug or feature?

I am a no-nonsense, ads/marketing-hating person. I use adblockers on the web, modded apps on mobile, disable notifications for almost all the apps, and have the mobile on DND most of the time. I also send most of promotional and marketing emails to spam. the only ads and campaigns that are able to reach me are the forced native campaigns (i.e native ads in the news feed, social media feed, etc)

And I just joined a company whose main product is marketing for social media :/
This is not my first marketing domain company. I interned with video advert company also sometime back when I was a student. The work here in this domain is decent, not much is required since it's a B2B domain and whatever the library provider company couldn't provide, the B2C devs will hack and support on their own.

As a dev, I don't think most people like integrating ads, marketing channels, etc into their software. but being in presence of all the marketing stuff: growth, cohort, funnels audience, campaigns, retention... just ugh