Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Mysterious items appearing in shopping cart


ddp

Recommended Posts

Here is what it happening. My /catalog folder is set as my homepage and on any given day items seem to appear in the shopping cart without being ordered.

A few days ago about 20 items appeared in the cart. At first I thought it was my assistant testing the site but when I asked her about it she said she had not added the items. I cleared the cart and then the next day a few more items appeared.

Now today an item appeared in the shopping cart that is listed as out of stock in the catalog. Since out of stock items do not appear on the site it seems to me like something is amiss.

 

This happens when I am not logged on to my account.

I am using Firefox.

 

Any help is appreciated.

Backup before making changes. Backup before making changes! Backup before making changes!!

 

You did do a backup? eh?

Link to comment
Share on other sites

Here is what it happening. My /catalog folder is set as my homepage and on any given day items seem to appear in the shopping cart without being ordered.

A few days ago about 20 items appeared in the cart. At first I thought it was my assistant testing the site but when I asked her about it she said she had not added the items. I cleared the cart and then the next day a few more items appeared.

Now today an item appeared in the shopping cart that is listed as out of stock in the catalog. Since out of stock items do not appear on the site it seems to me like something is amiss.

 

This happens when I am not logged on to my account.

I am using Firefox.

 

Any help is appreciated.

Michael,

 

Where do you store your sessions?

 

ed

Link to comment
Share on other sites

Michael,

 

Where do you store your sessions?

 

ed

 

Ed

 

Thanks for replying.

 

My sessions are stored at:

define('STORE_SESSIONS', 'mysql'); in my catalog/includes/sonfigure.php file.

 

Funny thing though this problem does not seem to happen consistantly. Today for instance nothing weird in the cart.

 

Mike

Backup before making changes. Backup before making changes! Backup before making changes!!

 

You did do a backup? eh?

Link to comment
Share on other sites

Is the session id always appearing in the address bar?

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Yes

 

like:

http://www.deepdownproductions.com/store/n...06c379badb4e5c3

 

osCsid=6b90543cfb343764106c379badb4e5c3

Then you've most likely got a problem with the cookie domain settings in catalog/includes/configure.php

 

define('HTTP_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_DOMAIN', '');

 

and people are coming into the store with identical session ids, after following some link which includes the session id. Therefore osC thinks they're all the same customer.

 

those lines need to be like:

 

define('HTTP_COOKIE_DOMAIN', 'www.deepdownproductions.com');

define('HTTPS_COOKIE_DOMAIN', 'www.deepdownproductions.com');

 

with no http://

 

The session id should disappear from the address bar after just a few clicks (after the cookie is set).

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Is any of this documented anywhere? I know I have similar issues with sessions and I'm sure it's my configuration in configure.php. I've searched and search the forums for a good explanation of ALL the variables in configure.php and haven't found anything useful. I think I once found the actual documentation for configure.php but it didn't get into any details like the above.

 

My production store is working fine. The Session Id does not show up in the URL (at least not when I am at the site). But when I am in my test environment, the session id does show up. I have the same configure.php files with the exception that the domain names are different and the database is different - but that's it. The session settings in both are:

 

define('HTTP_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_DOMAIN', '');

 

So for starters, that scares me since my test environment is not behaving the same as my production environment (let's call my test environment my QA environment since that is where I put changes in right before putting them into production). But the other issue I have is that in my QA environment, I get the duplicate session id error on some pages:

 

 

1062 - Duplicate entry '1ae235248ec28fe987dcaf65f1a469ec' for key 1

 

I did just try making the suggestion change of:

 

define('HTTP_COOKIE_DOMAIN', 'www.deepdownproductions.com');

define('HTTPS_COOKIE_DOMAIN', 'www.deepdownproductions.com');

 

But the problem continued. Anyone have ideas/thoughts?

Link to comment
Share on other sites

It's been documented in thousands of posts here.

 

The site is definitely not setting cookies.

 

You'd better post your configure.php file (without the database details). Also check for an extra configure.php file in catalog/includes/local.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

It's been documented in thousands of posts here.

 

The site is definitely not setting cookies.

 

You'd better post your configure.php file (without the database details). Also check for an extra configure.php file in catalog/includes/local.

 

Thanks - I've been looking like crazy but haven't really found that documentation (searching +configure.php +documentation and other similar strings).

 

Here's my configure.php file. I do NOT have one in catalog/includes/local - it's empty. I guess after my original installation of OSC, I've been tweaking the configure.php file

 

define('HTTP_SERVER', 'http://www.mydomain.com/');

define('HTTPS_SERVER', 'https://www.mydomain.com/');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.mydomain.com/');

define('HTTPS_COOKIE_DOMAIN', 'www.mydomain.com/');

define('HTTP_COOKIE_PATH', '');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '');

define('DIR_WS_HTTPS_CATALOG', '');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

 

define('DIR_FS_CATALOG', '/var/www/html/mydomain/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

 

In addition, I have the follow session values set in the admin/configuration/session area:

 

 

FORCE COOKIE USE = false

CHECK SSL SESSION_ID=true

CHECK USER AGENT=true

CHECK IP ADDRESS=false

PREVENT SPIDER SESSIONS=true

RECREATE SESSION =true

Link to comment
Share on other sites

I don't get it.

 

define('HTTP_COOKIE_PATH', '');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '');

define('DIR_WS_HTTPS_CATALOG', '');

 

Do people think these definitions are created just for fun?

 

They're the path to the location of the osC base location, where index.php is found.

 

So they can be:

 

If the store is in root...

 

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

 

If the store is in catalog...

 

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', ''/catalog/');

 

and so on...

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I don't get it.

 

define('HTTP_COOKIE_PATH', '');

define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTP_CATALOG', '');

define('DIR_WS_HTTPS_CATALOG', '');

 

Do people think these definitions are created just for fun?

 

 

Well, I always like to keep a sense of humour about all this stuff so I enjoyed your comment "Do people think these definitions are created just for fun?"

 

But understand two things. First, you mention this stuff is documented but I have been unable to find it. And the effort to find it has been there. Second, my configure.php file was not something that I manually created but instead the result of running the webinstallation of OSC and then performing tweaks as needed (my production site has been up and running for 4 months now so I don't recall specifics of why I made these changes).

 

That said, the way I had it made somewhat sense and here's why.

 

My HTTP_SERVER definition is defined as follows: "define('HTTP_SERVER', 'http://www.mydomain.com/');"

 

Notice the last '/' at end of domain name! Since that '/' is there, there was no need to put in the '/' at the end of HTTP_COOKIE_PATH, etc.

 

So I tried your suggestion the first time and that's how I figured this out - my URLs ended up having two "//" after the domain name.

 

But I cleaned it up to have define('HTTP_SERVER', 'http://www.mydomain.com') and then added the '/' as you suggested for COOKIE_PATH, etc and it works good now. Scarey part is that is NOT how my production site is - guess I will have to try to change it tonight. When I use my production site, the session id does not show up on the URL. But when I examine my logs, I do notice that some customers do have the session_id on the URL (not sure if it's because they have cookies turned off or because of my configuration).

 

So where can I really get documentation on configure.php? These little things kill a site and I am trying to set this up the right way.

Link to comment
Share on other sites

Then you've most likely got a problem with the cookie domain settings in catalog/includes/configure.php

 

define('HTTP_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_DOMAIN', '');

 

and people are coming into the store with identical session ids, after following some link which includes the session id. Therefore osC thinks they're all the same customer.

 

those lines need to be like:

 

define('HTTP_COOKIE_DOMAIN', 'www.deepdownproductions.com');

define('HTTPS_COOKIE_DOMAIN', 'www.deepdownproductions.com');

 

with no http://

 

The session id should disappear from the address bar after just a few clicks (after the cookie is set).

 

Alan

 

Thanks for your help. I fixed the url and now the session ids are dissappearing.

 

I think I figured out where the other users are picking up the session ids from. I had made some static pages that have session ids associated with them and people were picking up on those links.

Backup before making changes. Backup before making changes! Backup before making changes!!

 

You did do a backup? eh?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...