Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Repeatedly Asked to Login / Cart Contents Emptied

Spiffshine

By Spiffshine
in General Support

Recommended Posts

Spiffshine

Spiffshine

Posted
Posted

My store has worked fine for many months, but today it started to exhibit some very weird behavior: 1) When I login to my account and click a category to begin shopping, it asks me to login again. I cannot navigate anywhere in the store. 2) While shopping (without being logged in) I can add items to my cart and view the contents, but when I checkout, I am asked to login. After login, my cart is empty. The cart contents never reappear.

 

In Topic 170513 regarding the same (or similar) problem, AlanR's Post #6 suggests that it may be a cookie definition problem, but I think I have that set right (no "http://") - please see below.

 

I have to following defined in configure.php:

 

  define('HTTP_SERVER', 'http://www.mydomain.com');
 define('HTTPS_SERVER', 'https://www.mydomain.com');
 define('ENABLE_SSL', true);
 define('HTTP_COOKIE_DOMAIN', 'www.mydomain.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.mydomain.com');
 define('HTTP_COOKIE_PATH', '/store/');
 define('HTTPS_COOKIE_PATH', '/store/');
 define('DIR_WS_HTTP_CATALOG', '/store/');
 define('DIR_WS_HTTPS_CATALOG', '/store/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/.sites/81/site18/web/store/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'localhost');
 define('DB_SERVER_USERNAME', '*************');
 define('DB_SERVER_PASSWORD', '********');
 define('DB_DATABASE', '*************');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');to 'mysql'

 

In Topic 170547, Vger's Post #5 suggests that another similar issue may be caused by an SSL definition problem, but my SSL cert was in fact issued to www.mydomain.com, so that should be fine as well.

 

In response to dahui's Post #4 (same thread), I tried changing just the cookie paths as follows:

define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');

but it didn't work. The login problem continued...

 

I changed both the cookie paths and dir_ws_includes as follows:

define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_INCLUDES', '/store/includes/');

and I tried just changing the dir_ws_includes:

define('HTTP_COOKIE_PATH', '/store/');
 define('HTTPS_COOKIE_PATH', '/store/');
 define('DIR_WS_INCLUDES', '/store/includes/');

but both tries broke the site! I got the following errors:

 

Warning: main(/store/includes/filenames.php): failed to open stream: No such file or directory in /home/.sites/81/site18/web/store/includes/application_top.php on line 53

 

Fatal error: main(): Failed opening required '/store/includes/filenames.php' (include_path='.:/usr/local/bin/pear') in /home/.sites/81/site18/web/store/includes/application_top.php on line 53

 

Does anyone have another suggestion I might try?

 

I am confused why the site would have worked for so long, then suddenly quit. The fact that the problem has just recently started happening to a lot of people makes me very nervous. Could there be a security issue within osCommerce?

Guest

Guest

Posted
Posted

whats this last line in the configure file?

 

define('STORE_SESSIONS', 'mysql');to 'mysql'

 

remove the

to 'mysql'

Spiffshine

Spiffshine

Posted
  • Author
Posted
whats this last line in the configure file?...

 

My bad, that was my fault in copying the code. The last line actually reads:

 

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

AlanR

AlanR

Posted
Posted

Well, the advice to change to:

 

define('DIR_WS_INCLUDES', '/store/includes/');

 

was just plain wrong.

 

it should be

 

define('DIR_WS_INCLUDES', 'includes/'); as you originally had it.

 

You can work your way through the way the paths are concatenated

 

define('HTTP_SERVER', 'http://www.mydomain.com');

+

define('DIR_WS_HTTP_CATALOG', '/store/');

+

define('DIR_WS_INCLUDES', 'includes/');

 

= http://www.mydomain.com/store/includes/

 

I'm a little suspicious of the . in this:

 

define('DIR_FS_CATALOG', '/home/.sites/81/site18/web/store/');

 

In your admin section go to server info and way down towards the bottom of that phpInfo

 

you'll find the file system root path.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Spiffshine

Spiffshine

Posted
  • Author
Posted
I'm a little suspicious of the . in this:

 

define('DIR_FS_CATALOG', '/home/.sites/81/site18/web/store/');

 

Actually, that's exactly it. There is a . in there (old Cobalt server structure).

 

I did notice this, however:

The "My Account" (login), "Create an Account" and "Checkout" links all have a link to a url starting with https:// while the "Cart Contents" link points to an http:// URL.

 

Could this be the problem? And if so... might you know how I can fix it?

Spiffshine

Spiffshine

Posted
  • Author
Posted

Hmmm... I'm pretty sure that is the problem now. If I log in and make sure to only "click around" in areas that have an https:// link , I remain logged in. As soon as I click a link that goes back to http:// I lose my login.

 

Now, that's no good since both the Cart Contents and the entire Store are not on secure pages. But how do I fix it?

Guest

Guest

Posted
Posted

do us all a favor and post the exact configure.php (without the database connection info) with the url listed.

Spiffshine

Spiffshine

Posted
  • Author
Posted
do us all a favor and post the exact configure.php (without the database connection info) with the url listed.

 

Site in Question

 

<?php
/*
 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.domain.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.domain.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.domain.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.domain.com');
 define('HTTP_COOKIE_PATH', '/store/');
 define('HTTPS_COOKIE_PATH', '/store/');
 define('DIR_WS_HTTP_CATALOG', '/store/');
 define('DIR_WS_HTTPS_CATALOG', '/store/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/***/web/store/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', '***');
 define('DB_SERVER_PASSWORD', '***');
 define('DB_DATABASE', '***');
 define('USE_PCONNECT', 'false'); // use persistent connections?
 define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
?>

Spiffshine

Spiffshine

Posted
  • Author
Posted 
  define('HTTP_SERVER', 'http://www.39centballoon.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.39centballoon.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.39centballoon.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.39centballoon.com');

Spiffshine

Spiffshine

Posted
  • Author
Posted

I tested the site from home after leaving work last night, and everything worked fine. I could not replicate the problem. I remained logged in despite visiting unsecure pages. (Both systems running IE 6.0)

 

I am pulling my hair out...

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...