Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

How to set the Session configuration correctly

Guest

By Guest
in General Support

Recommended Posts

Guest

Guest

Posted
Posted

Hi OSCilators ;-)

 

I have been looking for an understandable document about the adequate configuration of the session part of OSCommerce.

Up to now I am still searching...

Has somebody got some documentation that is a bit more verbose that the standard documentation?

 

My actual settings for "sessions" are:

 

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID False

Check User Agent False

Check IP Address False

Prevent Spider Sessions True

Recreate Session False

With these settings actually on Internet Explorer, Firefox and Opera I always get session ID's even if cookies are allowed to.

;-)

What did I make wrong?

 

I do not want to set to Force Cookie not to chase away my customers who don't like cookies.

What happens exactly if I activate

- Check SSL Session ID?

- Check User Agent?

- Recreate Session?

I have understood that these settings are increasing safety, fine. But is it a hidden drawback?

Is it possible that these settings will lead to more error messages to my customers?

 

I would be happy in somebody could give me a hint can help me find some answers to these questions.

 

Thank you very much

 

Michel Firholz

Guest

Guest

Posted
Posted

if you are getting sessions with the urls after a couple of clicks it means your cookie paths are incorrect. Check your includes\configure.php files

Guest

Guest

Posted
Posted
if you are getting sessions with the urls after a couple of clicks it means your cookie paths are incorrect. Check your includes\configure.php files

 

I can't find a mistake in it:

 

define('HTTP_SERVER', 'http://schirmer-mosel.de'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://mmm809.verio.de/schir1'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'schirmer-mosel.de');

define('HTTPS_COOKIE_DOMAIN', 'mmm809.verio.de/schir1');

define('HTTP_COOKIE_PATH', '/tmp/');

define('HTTPS_COOKIE_PATH', '/tmp/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

There is a path /tmp/ located under "schirmer-mosel.de" and under "schirmer-mosel.de/catalog/"

both remain desperately empty.

Guest

Guest

Posted
Posted

if your osc store is in the catalog then the cookie path should point to the catalog

 

define('HTTP_COOKIE_PATH', '/catalog/');

 

and what's the schir1, is that the secure folder? Your https settings don't seem correct. SERVER and DOMAIN should be of format www.mysite.com or mysite.com for secure non-secure accordingly and the paths should populate the path fields. Anyways once you fix the non-secure part you could do something similar for the secure one. Just populate the paths to include whatever secure folder your store is at.

Guest

Guest

Posted
Posted
if your osc store is in the catalog then the cookie path should point to the catalog

 

define('HTTP_COOKIE_PATH', '/catalog/');

 

and what's the schir1, is that the secure folder? Your https settings don't seem correct. SERVER and DOMAIN should be of format www.mysite.com or mysite.com for secure non-secure accordingly and the paths should populate the path fields. Anyways once you fix the non-secure part you could do something similar for the secure one. Just populate the paths to include whatever secure folder your store is at.

 

Changing the cookies path to /catalog/ did not solve the problem. Unfortunately.

 

The path for the SSL connection is correct, that is the definition if you use it together with a shared SSL proxy.

 

Thank you anyway, and I hope that somebody else would help.

 

Michel Firholz

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...