Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Any way of changing session value to custom value?


Guest

Recommended Posts

Throwing this idea out as I can't get it to work!!

 

I want a session value something like amazon use, e.g. (111-222-333), and not just a long string of numbers and letters. I have got to the point of the session id being stored in the cookie or placed in the URL when cookies are not set, and the cart works when adding stuff to it. The only problem I am having is that the session id gets reset when logging in via a secure page. It's driving me crazy.

 

Has anyone else attempted to change the this before?

 

On a side note, someone with more time than I have should really go through OSC and purge out the tons of detritus in it. For example, is anyone still running PHP3?!! If you're running PHP > 4 you can delete classes/sessions.php for starters.

Link to comment
Share on other sites

If you're running PHP > 4 you can delete classes/sessions.php for starters.

 

Really?.... then you would know how to use PHP string functions to manipulate the session id - which BTW is generated in that file :P

 

Our next release will have cleaned out much of the 'detritus'.

 

Seriously though, go to php.net and study up on string functions. You will find what you need :D

 

Matti

Link to comment
Share on other sites

Throwing this idea out as I can't get it to work!!

 

I want a session value something like amazon use, e.g. (111-222-333), and not just a long string of numbers and letters.  I have got to the point of the session id being stored in the cookie or placed in the URL when cookies are not set, and the cart works when adding stuff to it.  The only problem I am having is that the session id gets reset when logging in via a secure page.  It's driving me crazy.

 

Has anyone else attempted to change the this before?

 

You could spend a couple weeks playing with the session id (which is a php function and not an intrinsic part of osC) or you could fix your ssl set-up. You'd most likely fail with the first option, it's your choice though.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

You could spend a couple weeks playing with the session id (which is a php function and not an intrinsic part of osC) or you could fix your ssl set-up. You'd most likely fail with the first option, it's your choice though.

 

Well, I got it to work. Not sure about the security side of it yet. It was actually nothing to do with sessions.php, but more application_top. Just out of interest, do these lines ever do something, 'cos I could never get either statement to return true?:

 

if (isset($HTTP_POST_VARS[tep_session_name()])) {

tep_session_id($HTTP_POST_VARS[tep_session_name()]);

} elseif ( ($request_type == 'SSL') && isset($HTTP_GET_VARS[tep_session_name()]) ) {

tep_session_id($HTTP_GET_VARS[tep_session_name()]);

}

 

Is using GET_VARS on a NONSSL page a really bad idea then?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...