Ryanna Posted July 11, 2004 Share Posted July 11, 2004 Hi all guys, We've recently installed OScommerce with a lot fo great contribs and works pretty well until recently when we enabled SSL for our site. Our site is http://www.cedarsys.net/ we also have www.cedarpc.com and www.cedarpci.com redirecting to www.cedarsys which is our main and where we host all our files. We recently enabled SSL, got a unique IP and the SSL is set to https://www.cedarsys.net which you can test by going there. Now, for some reason, whenever going from cedarpc.com and cedarpci.com sometimes I get the OSID thing (it seems it got set by the cookie) and ppl get something like: https://www.cedarsys.net/?logoff.php?ocSID=...879429835682345 and the page stays blank until we delete all the ?logoff crap and click enter again. Now... we DO NOT WANT our customers to do that right? So reading in forums here how to get rid of the ocSD in the URL u pretty much have to force the cookies. When i DO force the cookies, I cannot get the catalog from any of my urls site, even the main www.cedarsys.net gives me a blank page (it is happening right now, cookies are forced) until I reload the page and it gives me the catalog fine. Why do I want to keep forced cookies? Because that way NONE of our customers are getting the annoying SID on the URL so the site works, well, kinda works if you reload it. So, if anyone know how to solve this problem.... gettting totally rid of the SID in the URL or making the FORCE cookies not have to reload when I enable it I would be really glad cause I have to work our site very limited. This is my /include/configure.php cookie section define('HTTP_SERVER', 'http://www.cedarsys.net'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.cedarsys.net'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.cedarsys.net'); define('HTTPS_COOKIE_DOMAIN', 'www.cedarsys.net'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); *** I read on another post that there seems to be a bug in application_top.php which when forced cookies are enabled, only starts the session after a reload since the tep_startsession() thing is set after an IF isset to check is the cookie is set or present, which is obviously not set until you reload the page and get the cookie referer or something like that, as I dont understand very well how cookies work ................ so if theres another way of getting TOTALLY rid of the osCID on the URL ... please tell me, thanks *** Link to comment Share on other sites More sharing options...
ozcsys Posted July 11, 2004 Share Posted July 11, 2004 Try this define('HTTP_SERVER', 'http://www.cedarsys.net'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.cedarsys.net'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'http://www.cedarsys.net'); define('HTTPS_COOKIE_DOMAIN', 'https://www.cedarsys.net'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); The Knowledge Base is a wonderful thing. Do you have a problem? Have you checked out Common Problems? There are many very useful osC Contributions Are you having trouble with a installed contribution? Have you checked out the support thread found Here BACKUP BACKUP BACKUP!!! You did backup, right?? Link to comment Share on other sites More sharing options...
vasttech Posted July 11, 2004 Share Posted July 11, 2004 Your configure.php file is right. Also, turn off force cookies. A couple questions though: 1. How are you redirecting the other sites? To me it looks like you have a redirect pointing to a logoff url or to a url with a session id in it. I would focus more on how you set up the redirects then an issue with osCommerce and cookies and sessions. We have done a bunch of sites where customers have had multiple urls redirecting to one and have never once had a problem. Get your host to park the additional domain names on the cedarsys.net domain. They will automatically go there and no coding involved. 2. How are you storing sessions? At the bottom of the configure.php file there is a line that says: define('STORE_SESSIONS', 'mysql') - make sure it says mysql. osCommerce Knowledge Base osCommerce Documentation Contributions Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.