discomonkey Posted January 9, 2005 Posted January 9, 2005 Hey os people, My cart is emptying when switching over to SSL mode. for example, you go to my site, add a couple of things to the cart, and when you go to checkout, you switch from non ssl to ssl and you are at the log in screen, and the cart is empty at that point. If you go and re add the items and checkout, its fine. I'm guessing my items are somehow not transferring between the different sessions, although I'm not entirely sure how oscommerce handles its session data. I had to put in a hack to fix another problem in my application_top to flush the ob buffer, but I don't think that has anything to do with what I'm dealin' with. Any ideas??
Guest Posted January 9, 2005 Posted January 9, 2005 Hey os people, My cart is emptying when switching over to SSL mode. for example, you go to my site, add a couple of things to the cart, and when you go to checkout, you switch from non ssl to ssl and you are at the log in screen, and the cart is empty at that point. If you go and re add the items and checkout, its fine. I'm guessing my items are somehow not transferring between the different sessions, although I'm not entirely sure how oscommerce handles its session data. I had to put in a hack to fix another problem in my application_top to flush the ob buffer, but I don't think that has anything to do with what I'm dealin' with. Any ideas?? <{POST_SNAPBACK}> This is a stab in the dark, but what are your sessions settings?
discomonkey Posted January 9, 2005 Author Posted January 9, 2005 I'm on shared hosting Session Director is set to /tmp Force Cookie use is TRUE the 3 Check settings are set to FALSE Prevent Spider Sessions are set to TRUE Recreate Session is set to FALSE where you asking for these? Site is here: http://www.martinadesigns.com/ I don't know if its non ssl -> ssl because when you make the switch to ssl the first time, it doesn't work, but when you make the switch the 2nd time in the same session, it does work.
Guest Posted January 9, 2005 Posted January 9, 2005 I'm on shared hosting Session Director is set to /tmp Force Cookie use is TRUE the 3 Check settings are set to FALSE Prevent Spider Sessions are set to TRUE Recreate Session is set to FALSE where you asking for these? Site is here: http://www.martinadesigns.com/ I don't know if its non ssl -> ssl because when you make the switch to ssl the first time, it doesn't work, but when you make the switch the 2nd time in the same session, it does work. <{POST_SNAPBACK}> Try changing Force Cookie Use to False and see what happens. Also, check the cookie domain names and paths in the catalog/includes/configure.php file.
discomonkey Posted January 10, 2005 Author Posted January 10, 2005 ok when Iturn off force cookie use, it works! define('HTTP_COOKIE_DOMAIN', 'www.martinadesigns.com'); define('HTTPS_COOKIE_DOMAIN', 'martinadesigns.com'); define('HTTP_COOKIE_PATH', ''); define('HTTPS_COOKIE_PATH', ''); those are my paths. what could the problem be then?? I do want to force cookie use for search engine crawling purposes... I'm really not sure what other benefits from it would be other then a cleaner looking url box. what should I do next??
stevel Posted January 10, 2005 Posted January 10, 2005 Set HTTP_COOKIE_DOMAIN to 'martinadesigns.com'. Then you can use Force Cookie Use. It will cause exactly the behavior you noted when the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN definitions are different. Also, make sure that these DOMAIN definitions match the domain of your _SERVER defines. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description
discomonkey Posted January 10, 2005 Author Posted January 10, 2005 yep, now the force cookies work as well. Thanks a bunch!
Guest Posted January 10, 2005 Posted January 10, 2005 Set HTTP_COOKIE_DOMAIN to 'martinadesigns.com'. Then you can use Force Cookie Use. It will cause exactly the behavior you noted when the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN definitions are different. Also, make sure that these DOMAIN definitions match the domain of your _SERVER defines. <{POST_SNAPBACK}> Steve, One quick question. I forced cookies a few days ago and immediately found that I was getting payment notices from Authorize.net but no orders were being recorded. I set force cookies back to false and all was well again. I've got www in both the http and the https cookie domains. Do you think if I took the www out of both it would work if I forced cookies again? I could try it real fast and see, but thought it might be less stressful just to ask first.
stevel Posted January 10, 2005 Posted January 10, 2005 I have no experience using authorize.net, but I can tell you that if your COOKIE_DOMAIN settings are incorrect, you can lose the session context. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description
Guest Posted January 10, 2005 Posted January 10, 2005 with cookie domains to work properly you need two periods, use www.martindesigns.com to match your http cookie domain
stevel Posted January 10, 2005 Posted January 10, 2005 Sorry, that's just not true, as my own store proves. Steve Contributions: Country-State Selector Login Page a la Amazon Protection of Configuration Updated spiders.txt Embed Links with SID in Description
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.