Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Cookies getting lost


ccharp

Recommended Posts

This is the first time I've used osCommerce. As a php programmer, I've managed to whack my way thru the code in some places and customize the thing for my clients needs. It's set up on a shared server with a shared ssl. I've taken their pre existing website and added osCommerce. The problem that arises is that if a user clicks a link in the site that isn't part of the shopping cart system and then clicks a link to return to the shopping cart their session is lost. This is considered a major problem as my client required that the shopping cart only be visible once the user has logged in. My question is has anyone had this problem before and if so how can it be fixed (without turning every file in the old site into a php file that keeps track of that cookie)? It is possible that I have messed the system up in my code whacking.

 

Anyone trying to help can log in with the folling details:

user = [email protected]

password = atest

 

After you login in you can click the home link and there you will find a link to the 'Products & Services'. If you click on that link, you will be back at the products home, but will no longer be logged in.

 

Here is my config file, just in case it helps:

 

  define('HTTP_SERVER', 'http://www.imageatkatan.com.au'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://secure5.ozhosting.com/imageatkatan'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'secure5.ozhosting.com/imageatkatan');
 define('HTTPS_COOKIE_DOMAIN', 'secure5.ozhosting.com/imageatkatan');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/imageatkatancomau/public_html/catalog/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', 'katan_admin');
 define('DB_SERVER_PASSWORD', 'jdewu672q');
 define('DB_DATABASE', 'imageatkatan_com_au');
 define('USE_PCONNECT', 'false'); // use persistent connections?
 define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

 

Thanks in advance for any help I may recieve!

 

Chris

Link to comment
Share on other sites

in order to keep the session, all links will have to go through the tep_href_link function.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

in order to keep the session, all links will have to go through the tep_href_link function.

I was afraid of that. Has anyone found a workaround? Also from reading a bunch of posts I've found that having the session ID in the query string poses some security risks. It seems to me that the way osCommerce deals with cookies isn't very slick. Of course I don't want to rewrite their code to suit my needs...I'll continue searching the posts to find my miracle solution. If anyone out there can lend a hand i'd be really grateful.

 

CHris

Link to comment
Share on other sites

  • 2 weeks later...
Hi

I have the same problem you do, and wonder if you have found a workaroud the session problem

 

Someone recently asked me this question, so I thought I'd post my (probably bad) solution to the problem. At least I'm not the only one with this problem, that kinda makes me feel better. If anyone can give me any input on what they think of this work around please don't hesitate to coment.

 

The work around that I found really sucks. I added this php code after every link in the site :

 

<?php if(isset($HTTP_GET_VARS['osCsid'])) { echo "?osCsid=".$HTTP_GET_VARS['osCsid']; } ?>

 

so a link would look like this <a href="somepage.php<?php if(isset($HTTP_GET_VARS['osCsid'])) { echo "?osCsid=".$HTTP_GET_VARS['osCsid']; } ?>">go to some page</a>

 

I believe its a really bad way of doing this but it works, so its good for now...at least until I have the time to come up with a better solution. Or until someone provides me with a better solution..wink wink!

 

Chris

Link to comment
Share on other sites

Hi

so you had to make all files .php?

I work with a portal that is .htm(made in dreamweaver two years ago), and I even had to put the shop on a different server due to a bad server provider.

So I wont get contact with the db from the head in the frames.

Think I might just use a _blank on the link so that I dont need to rewrite all the different pages (53)

 

If anyone have a different solution please post it

 

Thanks for the quick answer

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...