Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Sessions issue


Guest

Recommended Posts

I'm trying to keep the sessions active outside of OSC directory. So far, I've changed configuration.php so that sessions details are stored in the database.

 

I'm not trying to work out what I need to do to keep that sessions active on pages outside of OSC...

 

I think I'll have to use application_top.php, as this reads and sets session variables and strings?

Link to comment
Share on other sites

I know i'm close. In one of my pages on the website, outside of OSC, I've require application_top. The sessions are kicking in, as a new entry is being added to the table every time I refresh.

 

Now ever, I recieve a page error

 

Warning: main(includes/configure.php): failed to open stream: No such file or directory in /home/dengate/public_html/catalog/includes/application_top.php on line 29

Fatal error: main(): Failed opening required 'includes/configure.php' (include_path='.:/php/includes:/usr/share/php') in /home/dengate/public_html/catalog/includes/application_top.php on line 29

 

SO I've I go into application_top.php and configure.php and change some of the paths to absolute paths, I should be a lot closer

 

Pointers anyone?

Link to comment
Share on other sites

hmmm ok, in amplitcation top, I've changed the call to configure.php to be the absolute url

 

// include server parameters
require('http://dengate.amplifeyesolutions.com/catalog/includes/configure.php');

 

but this gives me the error

 

Warning: main(http://dengate.amplifeyesolutions.com/catalog/includes/configure.php): failed to open stream: HTTP request failed! HTTP/1.1 403 Forbidden in /home/dengate/public_html/catalog/includes/application_top.php on line 29

Fatal error: main(): Failed opening required 'http://dengate.amplifeyesolutions.com/catalog/includes/configure.php' (include_path='.:/php/includes:/usr/share/php') in /home/dengate/public_html/catalog/includes/application_top.php on line 29

 

I'm CHMOD to 777 to test, but no effect, any idea's guys?

Link to comment
Share on other sites

ok, I've managed to remove all error messages, so at least I have a page to look at

 

If I login in as a user in OSC, and copy "index.php?osCsid=4dd7ede74e5e115555db21c8c107167c", and paste this into the url of the page I go to, outside of OSC< the session is active still and everything works.

 

So how to I tweak the link so that It does this automattically ?

Link to comment
Share on other sites

ok, so quick back track of what I've done so far

 

First, I've changed

 

  define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', '');

 

to this

 

  define('USE_PCONNECT', 'true');
 define('STORE_SESSIONS', 'mysql');

 

Secondly, on the page I want to keep the sessions active on, outside of OSC, I've added

 

// check if sessions are supported, otherwise use the php3 compatible session class
 if (!function_exists('session_start')) {
   define('PHP_SESSION_NAME', 'osCsid');
   define('PHP_SESSION_PATH', $cookie_path);
   define('PHP_SESSION_DOMAIN', $cookie_domain);
   define('PHP_SESSION_SAVE_PATH', SESSION_WRITE_DIRECTORY);

   include('http://dengate.amplifeyesolutions.com/catalog/includes/classes/sessions.php');
 }

// define how the session functions will be used
 //require('http://dengate.amplifeyesolutions.com/catalog/includes/functions/sessions.php');

// set the session name and save path
 tep_session_name('osCsid');
 tep_session_save_path(SESSION_WRITE_DIRECTORY);

// set the session cookie parameters
  if (function_exists('session_set_cookie_params')) {
   session_set_cookie_params(0, $cookie_path, $cookie_domain);
 } elseif (function_exists('ini_set')) {
   ini_set('session.cookie_lifetime', '0');
   ini_set('session.cookie_path', $cookie_path);
   ini_set('session.cookie_domain', $cookie_domain);
 }

// set the session ID if it exists
  if (isset($HTTP_POST_VARS[tep_session_name()])) {
    tep_session_id($HTTP_POST_VARS[tep_session_name()]);
  } elseif ( ($request_type == 'SSL') && isset($HTTP_GET_VARS[tep_session_name()]) ) {
    tep_session_id($HTTP_GET_VARS[tep_session_name()]);
  }

// start the session
 $session_started = false;
 if (SESSION_FORCE_COOKIE_USE == 'True') {
   tep_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, $cookie_path, $cookie_domain);

   if (isset($HTTP_COOKIE_VARS['cookie_test'])) {
     tep_session_start();
     $session_started = true;
   }
 } elseif (SESSION_BLOCK_SPIDERS == 'True') {
   $user_agent = strtolower(getenv('HTTP_USER_AGENT'));
   $spider_flag = false;

   if (tep_not_null($user_agent)) {
     $spiders = file(DIR_WS_INCLUDES . 'spiders.txt');

     for ($i=0, $n=sizeof($spiders); $i<$n; $i++) {
       if (tep_not_null($spiders[$i])) {
         if (is_integer(strpos($user_agent, trim($spiders[$i])))) {
           $spider_flag = true;
           break;
         }
       }
     }
   }

   if ($spider_flag == false) {
     tep_session_start();
     $session_started = true;
   }
 } else {
   tep_session_start();
   $session_started = true;
 }

// set SID once, even if empty
 $SID = (defined('SID') ? SID : '');

// verify the ssl_session_id if the feature is enabled
 if ( ($request_type == 'SSL') && (SESSION_CHECK_SSL_SESSION_ID == 'True') && (ENABLE_SSL == true) && ($session_started == true) ) {
   $ssl_session_id = getenv('SSL_SESSION_ID');
   if (!tep_session_is_registered('SSL_SESSION_ID')) {
     $SESSION_SSL_ID = $ssl_session_id;
     tep_session_register('SESSION_SSL_ID');
   }

   if ($SESSION_SSL_ID != $ssl_session_id) {
     tep_session_destroy();
     tep_redirect(tep_href_link(FILENAME_SSL_CHECK));
   }
 }

// verify the browser user agent if the feature is enabled
 if (SESSION_CHECK_USER_AGENT == 'True') {
   $http_user_agent = getenv('HTTP_USER_AGENT');
   if (!tep_session_is_registered('SESSION_USER_AGENT')) {
     $SESSION_USER_AGENT = $http_user_agent;
     tep_session_register('SESSION_USER_AGENT');
   }

   if ($SESSION_USER_AGENT != $http_user_agent) {
     tep_session_destroy();
     tep_redirect(tep_href_link(FILENAME_LOGIN));
   }
 }

// verify the IP address if the feature is enabled
 if (SESSION_CHECK_IP_ADDRESS == 'True') {
   $ip_address = tep_get_ip_address();
   if (!tep_session_is_registered('SESSION_IP_ADDRESS')) {
     $SESSION_IP_ADDRESS = $ip_address;
     tep_session_register('SESSION_IP_ADDRESS');
   }

   if ($SESSION_IP_ADDRESS != $ip_address) {
     tep_session_destroy();
     tep_redirect(tep_href_link(FILENAME_LOGIN));
   }
 }

// create the shopping cart & fix the cart if necesary
 if (tep_session_is_registered('cart') && is_object($cart)) {
   if (PHP_VERSION < 4) {
     $broken_cart = $cart;
     $cart = new shoppingCart;
     $cart->unserialize($broken_cart);
   }
 } else {
   tep_session_register('cart');
   $cart = new shoppingCart;
 }

 

 

also, on this page, I've added the following code, just so I can confirm that the session is active.

 

  if (tep_session_is_registered('customer_id')) { 
 
 ?><a href="<?php echo tep_href_link(FILENAME_LOGOFF, '', 'SSL'); ?>"><?php echo HEADER_TITLE_LOGOFF; ?></a>
 
 <? } ?>

 

So when leaving OSC, I need a link that keeps the session active when I jump.

 

For example, when I log in, the url is set to " /catalog/index.php?osCsid=4dd7ede74e5e115555db21c8c107167c "

 

When I click X link to go somewhere else, outside of OSC, this url changes, to simply http://www.mywebsite.com/

 

If I add " index.php?osCsid=4dd7ede74e5e115555db21c8c107167c " then I can have the session active on that page

 

But how do I do it automatically/dynamically ?

Link to comment
Share on other sites

Hi Dan,

 

Didn't realise it was you, and your excellent amplifyeye website. First of all you should not have use_pconnect set to 'true'. Persistent connections to the database are not a good idea, and will not help you in what you are trying to do. Similarly, hardcoding session ids will not work with a live site.

 

To integrate your site with osCommerce this is the best way.

 

Take a page like conditions.php in the root of osCommerce, select 'Save As' and save it under another name. Remove the call to includes/languages close to the top of that file e.g.

 

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONDITIONS);

 

(then you won't need to add it to includes/filenames).

 

Where you see this:

 

$breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONDITIONS));

 

change it to:

 

$breadcrumb->add('newpage.php', tep_href_link(FILENAME_NEWPAGE));

 

Now, further on down the page, where you see this:

 

<tr>

<td class="main"><?php echo TEXT_INFORMATION; ?></td>

</tr>

 

change it to:

 

<tr>

<td class="main"><?php include('newpage.html'); ?></td>

</tr>

 

newpage.html and newpage.php would be the name of one of your existing pages, which would be called into a php page of the same name, and the session id will be preserved.

 

You can strip out the calls to the header, footer, left and right columns from the root level php page, so that all that is left is the <head> section, a single table, and the include to the html page.

 

Hope this helps - Vger

Link to comment
Share on other sites

You are making it harder than it should be!

 

First, if your cookie settings are correct in includes/configure.php the osCsid will be saved to cookie.

 

Next, make sure that your cookie settings look like this:

...
define('HTTP_COOKIE_DOMAIN', '.yourdomain.com');
...
define('HTTP_COOKIE_PATH', '/');

The first setting, HTTP_COOKIE_DOMAIN, sets the scope of the cookie and the other one defines the directory in which it will be valid.

 

The settings above will make the cookie information valid for all of yourdomain.com and also every directory above the public document root.

 

OK...now that you've changed the cookie scope and path "global" to your website how do you get the information back out? Simple :)

 

On each page request one of the first things that happens is the $_GLOBAL variable is populated for that user. This includes the $_COOKIE global variable and will contain everything that you need!

 

Here is how I would implement it on external osC sites:

 

First, use this code at the top of the external PHP page:

if ( isset($_COOKIE['osCsid']) && !empty($_COOKIE['osCsid']) ){
$osCsid = $_COOKIE['osCsid'];
output_add_rewrite_var('osCsid', $osCsid);
} else {
ob_start('ob_gzhandler');
}

This code will add the osCsid to every link on the page AUTOMATICALLY and will not require you to hard code anything. If there is no cookie (for example they don't accept cookies on their browser) it simply starts the output buffer and compresses it (which is a good thing).

 

Next, at the bottom of the external PHP script use this code as the last bit of code on the page and after everything needs to be output (i.e. - the ending body and html tags):

ob_flush();
flush();

All done!

Link to comment
Share on other sites

For Vger,

 

Not the big Dan, thats Dan Mitchell, I'm little Dan who is also connected to Amplifeye in various ways ;)

 

I've seen this advice so many times now, and still, I just can't work out how it works ??? aaarrgghhhh!! sorry

Link to comment
Share on other sites

You are making it harder than it should be!

 

First, if your cookie settings are correct in includes/configure.php the osCsid will be saved to cookie.

 

Next, make sure that your cookie settings look like this:

...
define('HTTP_COOKIE_DOMAIN', '.yourdomain.com');
...
define('HTTP_COOKIE_PATH', '/');

The first setting, HTTP_COOKIE_DOMAIN, sets the scope of the cookie and the other one defines the directory in which it will be valid.

 

The settings above will make the cookie information valid for all of yourdomain.com and also every directory above the public document root.

 

OK...now that you've changed the cookie scope and path "global" to your website how do you get the information back out?  Simple :)

 

On each page request one of the first things that happens is the $_GLOBAL variable is populated for that user.  This includes the $_COOKIE global variable and will contain everything that you need!

 

Here is how I would implement it on external osC sites:

 

First, use this code at the top of the external PHP page:

if ( isset($_COOKIE['osCsid']) && !empty($_COOKIE['osCsid']) ){
$osCsid = $_COOKIE['osCsid'];
output_add_rewrite_var('osCsid', $osCsid);
} else {
ob_start('ob_gzhandler');
}

This code will add the osCsid to every link on the page AUTOMATICALLY and will not require you to hard code anything.  If there is no cookie (for example they don't accept cookies on their browser) it simply starts the output buffer and compresses it (which is a good thing).

 

Next, at the bottom of the external PHP script use this code as the last bit of code on the page and after everything needs to be output (i.e. - the ending body and html tags):

ob_flush();
flush();

All done!

 

 

THATS THE WAY TO DO IT!!!

 

Thank You!!! :) Thank You!!! :) Thank You!!! :)

 

One little problem I have now is that inside /catalog/ area I'm using the code

 

<?
 

 if (tep_session_is_registered('customer_id')) { 
 
 ?><a href="<?php echo tep_href_link(FILENAME_ACCOUNT, '', 'SSL'); ?>" class="headerNavigation"><?php echo HEADER_TITLE_ACCOUNT; ?></a>
 <a href="<?php echo tep_href_link(FILENAME_LOGOFF, '', 'SSL'); ?>" class="headerNavigation"><?php echo HEADER_TITLE_LOGOFF; ?></a>
 
 <? }
 else { ?>
  <a href="http://dengate.amplifeyesolutions.com/catalog/account.php">Login</a>
  <?
   } 
   ?>

 

on the page. Works fine all outside OSC< but inside, produces the error below

 

Fatal error: Call to undefined function: tep_session_is_registered() in /home/dengate/public_html/location_bar.php on line 140

 

140 is

if (tep_session_is_registered('customer_id')) {

Link to comment
Share on other sites

There is no need to include any files (such as application_top.php or configure.php) to use the code above. If you do that will only present issues.

 

However, if you are dead set on using the stock osC files for this forget the code offered above and add one line to the top:

chdir("../storedirectory/");

This will set the directory back to the store and all the normal includes will function correctly.

Link to comment
Share on other sites

I'm only using the code I just posted to enable visitors to log out from their accounts, if logged in, I couldn't think of any other way for it to work?

 

the code for location_bar.php is simply

 

<td height="35" class="location-bar-link">
 <table width="290" height="9" border="0" align="center" cellpadding="0" cellspacing="0">
   <tr>
    <? $websiteurl = 'http://dengate.amplifeyesolutions.com/' ?>
     <td width="1"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/spacer.gif"></td>
     <td width="1">
       <? if (tep_session_is_registered('customer_id')) { ?>
       <a href="<?php echo tep_href_link(FILENAME_LOGOFF, '', 'SSL'); ?>" class="headerNavigation"><?php echo HEADER_TITLE_LOGOFF; ?></a>
       <? } ?>
     </td>
     <td width="1"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/spacer.gif"></td>
     <td width="90"> <a href="<?php echo tep_href_link(FILENAME_ACCOUNT, '', 'SSL'); ?>" class="headerNavigation"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/myaccount.gif" border="0"></a> </td>
     <td width="1"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/spacer.gif"></td>
     <td width="90"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/viewbasket.gif"></td>
     <td width="1"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/spacer.gif"></td>
     <td width="90"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/wishlist.gif"></td>
     <td width="1"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/spacer.gif"></td>
     <td width="90"><a href="<? print $websiteurl; ?>support"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/help.gif" border="0"></a></td>
     <td width="1"><img src="<? print $websiteurl; ?>imgs/gry-sub-nav/buttons/spacer.gif"></td>
   </tr>
 </table>
</td>

 

How else could I check for user being 'logged in' and provide them with a logout option ?

Link to comment
Share on other sites

Thats something I could have done with at the beginning, but oh well, hehe

 

Would it be possible to sort the error message inside of OSC, as everything else works as I want to,

 

thanks for all your help guys

Link to comment
Share on other sites

  • 2 years later...

I used the contribution but I have a question that is probably rather simple to answer. The example.php included in that contribution outputs

 

Array

(

[sESSION_SSL_ID] =>

[sESSION_IP_ADDRESS] => 66.74.82.202

[cart] => __PHP_Incomplete_Class Object

(

[__PHP_Incomplete_Class_Name] => shoppingCart

[contents] => Array

(

[28] => Array

(

[qty] => 1

)

 

)

 

[total] => 589.34

[weight] => 5

[cartID] => 61103

[content_type] =>

)

 

[language] => english

[languages_id] => 1

[currency] => USD

[navigation] => __PHP_Incomplete_Class Object

(

[__PHP_Incomplete_Class_Name] => navigationHistory

[path] => Array

(

[0] => Array

(

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...