Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Long hyperlinks in the address bar?


yuck_fou

Recommended Posts

Hello all, This is probably a silly quetion :D

 

When I go to my shop and click on a language (english or finnish) I get this long hyperlinks in the address bar of the browser:

 

http://www.trendypeople.fi/shop/index.php?...3be835cffa3f14d

 

http://www.trendypeople.fi/shop/index.php?...3be835cffa3f14d

 

Instead of:

 

http://www.trendypeople.fi/shop/index.php?language=en

 

http://www.trendypeople.fi/shop/index.php?language=fi

 

This only happens on the first language flag click and then after this it uses the small hyperlinks.

 

Please could somebody explain this and let me know if there is a problem/fault and how to fix it?

 

Thanks.

Link to comment
Share on other sites

do you mean the session id appended to the URLs? session IDs are generated when cookies cannot be set/disabled- or at least that's how I understand it.

 

see http://www.oscommerce.info/kb/osCommerce/D...plementations/4 for some background info on session IDs in future releases of osC. session_id is the current osc_id.

Link to comment
Share on other sites

do you mean the session id appended to the URLs? session IDs are generated when cookies cannot be set/disabled- or at least that's how I understand it.

 

see http://www.oscommerce.info/kb/osCommerce/D...plementations/4 for some background info on session IDs in future releases of osC. session_id is the current osc_id.

 

Cheers skylla, that hit the nail on the head! :thumbsup:

 

I've enabled forced cookie usage and recreate session in the admin section of my cart and seems to be ok now.

 

Not sure how this will affect customers with cookies disabled...any ideas??

 

Thanks again. ;)

Link to comment
Share on other sites

just disable cookies in your browser and see what happens. You should be directed to a page asking customers to enable cookies.

 

but hey, is there any reason why you enforce cookie use? there's nothing wrong with sessionIDs appended to URLs as long as you don't post them and set 'disable sessions for spiders' to 'true'.

 

the only reason i can think of why one might enforcing cookie use is when you're sharing SSL or when you're loosing sessionIDs due to bad links.

Link to comment
Share on other sites

just disable cookies in your browser and see what happens. You should be directed to a page asking customers to enable cookies.

 

but hey, is there any reason why you enforce cookie use? there's nothing wrong with sessionIDs appended to URLs as long as you don't post them and set 'disable sessions for spiders' to 'true'.

 

the only reason i can think of why one might enforcing cookie use is when you're sharing SSL or when you're loosing sessionIDs due to bad links.

 

Yes you are right...I disabled the cookies and I get that notice. Could you be so kind and tell me what are the best options? I mean the ones what you are using for your shop? :D

 

If I just use recreate session, I'm back to the long hyperlink. I'm not sure if this is meant to be :)

 

Thanks!

Link to comment
Share on other sites

Basically is this the best option for the sessions menu?

 

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID False

Check User Agent False

Check IP Address False

Prevent Spider Sessions False

Recreate Session True

Link to comment
Share on other sites

Set everything to false except 'Prevent Spider Sessions' which should be set to 'true'.

 

 

And again, there's nothing wrong with 'the long hyperlinks'! if it's there it's meant to be. But never post URLs with session_IDs appended.

 

Have spiders already crawled your site when spider sessions was set to true you might want to install a script to strip sessionIDs from URLs (and new ones will be generated if neccesary). Have you checked search engines if they've stored the sessionID too?

 

Also make sure that when on a shared server you store sessions in the db.

Link to comment
Share on other sites

oh, and you should also fetch the latest spiders.txt from the contribution section!

 

Hey skylla, you've been great with your help! Thanks for this.

 

One more question...if I Prevent Spider Sessions does this mean that google,etc will not crawl my shop? Or does this latest spiders list you mentioned help this?

Link to comment
Share on other sites

the way it works is as follows: spiders will still come to your shop whether you have sessions enabled or disabled for them or whether their name is in or is not in the spiders.txt.

 

1) if their name is in the spiders.txt a sessionID will NOT be generated and the spider happilly crawls your shop

 

2) if their name is not flagged up, than a sessionID is generated and taken home by the spider. However, this should be prevented for reasons explained below. It's therefore important to keep your spiders.txt up-to-date and Steve Lionel has taken the task upon him for regularly updating and uploading the spiders.txt file to the contribution section.

 

Actually, the reason why it's not a good thing to allow a spider to generate and store a sessionID is that, theoretically, the same sessionID could now be carried by multiple customers coming from this search engine link to your store. They will continue with this ID and session data will now become a mixed pool and ultimately cause mayhem. Try and search the osc forum for these two words: sessions+mixed and you'll see what I mean...

Link to comment
Share on other sites

the way it works is as follows: spiders will still come to your shop whether you have sessions enabled or disabled for them or whether their name is in or is not in the spiders.txt.

 

1) if their name is in the spiders.txt a sessionID will NOT be generated and the spider happilly crawls your shop

 

2) if their name is not flagged up, than a sessionID is generated and taken home by the spider. However, this should be prevented for reasons explained below. It's therefore important to keep your spiders.txt up-to-date and Steve Lionel has taken the task upon him for regularly updating and uploading the spiders.txt file to the contribution section.

 

Actually, the reason why it's not a good thing to allow a spider to generate and store a sessionID is that, theoretically, the same sessionID could now be carried by multiple customers coming from this search engine link to your store. They will continue with this ID and session data will now become a mixed pool and ultimately cause mayhem. Try and search the osc forum for these two words: sessions+mixed and you'll see what I mean...

 

So in a nutshell Keep your spiders list upto date and enable Prevent Spider Sessions. So google and all the legitimate spiders will work fine? meaning the list is like peerguardian, protowall, an antivirus but an antispider blocklist for oscommerce?

Link to comment
Share on other sites

So in a nutshell Keep your spiders list upto date and enable Prevent Spider Sessions. So google and all the legitimate spiders will work fine?

yep

meaning the list is like peerguardian, protowall, an antivirus but an antispider blocklist for oscommerce?

well, it doesn't *block* spiders or is *anti*spider. A good descriptive term is janitor or receptionist. It gives putative customers a ticket or tab, which identifies them at the checkout and enables them to pay for what's on their tab. A spider, however, is treated like a reporter/journalist. It won't get a tab as it won't be buying anything but can wander around freely w/o running up a bill and not paying for it.

 

hmm, parable

Link to comment
Share on other sites

yep

 

well, it doesn't *block* spiders or is *anti*spider. A good descriptive term is janitor or receptionist. It gives putative customers a ticket or tab, which identifies them at the checkout and enables them to pay for what's on their tab. A spider, however, is treated like a reporter/journalist. It won't get a tab as it won't be buying anything but can wander around freely w/o running up a bill and not paying for it.

 

hmm, parable

 

Scary stuff! I'm glad you told me now and not when I'm asking how this happened.

 

Ok I'm going to update now the spiders list and have only Prevent Spider Sessions to True in the session of my admin.

 

I want to thank you once again skylla for taking the time in explaining to me how this works. Also I hope you get loads of customers to your shop :thumbsup:

 

Good Luck! :)

Link to comment
Share on other sites

  • 4 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...