Guest Posted July 16, 2005 Share Posted July 16, 2005 Throwing this idea out as I can't get it to work!! I want a session value something like amazon use, e.g. (111-222-333), and not just a long string of numbers and letters. I have got to the point of the session id being stored in the cookie or placed in the URL when cookies are not set, and the cart works when adding stuff to it. The only problem I am having is that the session id gets reset when logging in via a secure page. It's driving me crazy. Has anyone else attempted to change the this before? On a side note, someone with more time than I have should really go through OSC and purge out the tons of detritus in it. For example, is anyone still running PHP3?!! If you're running PHP > 4 you can delete classes/sessions.php for starters. Link to comment Share on other sites More sharing options...
Guest Posted July 17, 2005 Share Posted July 17, 2005 If you're running PHP > 4 you can delete classes/sessions.php for starters. <{POST_SNAPBACK}> Really?.... then you would know how to use PHP string functions to manipulate the session id - which BTW is generated in that file :P Our next release will have cleaned out much of the 'detritus'. Seriously though, go to php.net and study up on string functions. You will find what you need :D Matti Link to comment Share on other sites More sharing options...
AlanR Posted July 17, 2005 Share Posted July 17, 2005 Throwing this idea out as I can't get it to work!! I want a session value something like amazon use, e.g. (111-222-333), and not just a long string of numbers and letters. I have got to the point of the session id being stored in the cookie or placed in the URL when cookies are not set, and the cart works when adding stuff to it. The only problem I am having is that the session id gets reset when logging in via a secure page. It's driving me crazy. Has anyone else attempted to change the this before? <{POST_SNAPBACK}> You could spend a couple weeks playing with the session id (which is a php function and not an intrinsic part of osC) or you could fix your ssl set-up. You'd most likely fail with the first option, it's your choice though. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Guest Posted July 17, 2005 Share Posted July 17, 2005 You could spend a couple weeks playing with the session id (which is a php function and not an intrinsic part of osC) or you could fix your ssl set-up. You'd most likely fail with the first option, it's your choice though. <{POST_SNAPBACK}> Well, I got it to work. Not sure about the security side of it yet. It was actually nothing to do with sessions.php, but more application_top. Just out of interest, do these lines ever do something, 'cos I could never get either statement to return true?: if (isset($HTTP_POST_VARS[tep_session_name()])) { tep_session_id($HTTP_POST_VARS[tep_session_name()]); } elseif ( ($request_type == 'SSL') && isset($HTTP_GET_VARS[tep_session_name()]) ) { tep_session_id($HTTP_GET_VARS[tep_session_name()]); } Is using GET_VARS on a NONSSL page a really bad idea then? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.