yuck_fou Posted July 27, 2006 Share Posted July 27, 2006 Hello all, This is probably a silly quetion :D When I go to my shop and click on a language (english or finnish) I get this long hyperlinks in the address bar of the browser: http://www.trendypeople.fi/shop/index.php?...3be835cffa3f14d http://www.trendypeople.fi/shop/index.php?...3be835cffa3f14d Instead of: http://www.trendypeople.fi/shop/index.php?language=en http://www.trendypeople.fi/shop/index.php?language=fi This only happens on the first language flag click and then after this it uses the small hyperlinks. Please could somebody explain this and let me know if there is a problem/fault and how to fix it? Thanks. Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 do you mean the session id appended to the URLs? session IDs are generated when cookies cannot be set/disabled- or at least that's how I understand it. see http://www.oscommerce.info/kb/osCommerce/D...plementations/4 for some background info on session IDs in future releases of osC. session_id is the current osc_id. Link to comment Share on other sites More sharing options...
yuck_fou Posted July 27, 2006 Author Share Posted July 27, 2006 do you mean the session id appended to the URLs? session IDs are generated when cookies cannot be set/disabled- or at least that's how I understand it. see http://www.oscommerce.info/kb/osCommerce/D...plementations/4 for some background info on session IDs in future releases of osC. session_id is the current osc_id. Cheers skylla, that hit the nail on the head! :thumbsup: I've enabled forced cookie usage and recreate session in the admin section of my cart and seems to be ok now. Not sure how this will affect customers with cookies disabled...any ideas?? Thanks again. ;) Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 just disable cookies in your browser and see what happens. You should be directed to a page asking customers to enable cookies. but hey, is there any reason why you enforce cookie use? there's nothing wrong with sessionIDs appended to URLs as long as you don't post them and set 'disable sessions for spiders' to 'true'. the only reason i can think of why one might enforcing cookie use is when you're sharing SSL or when you're loosing sessionIDs due to bad links. Link to comment Share on other sites More sharing options...
yuck_fou Posted July 27, 2006 Author Share Posted July 27, 2006 just disable cookies in your browser and see what happens. You should be directed to a page asking customers to enable cookies. but hey, is there any reason why you enforce cookie use? there's nothing wrong with sessionIDs appended to URLs as long as you don't post them and set 'disable sessions for spiders' to 'true'. the only reason i can think of why one might enforcing cookie use is when you're sharing SSL or when you're loosing sessionIDs due to bad links. Yes you are right...I disabled the cookies and I get that notice. Could you be so kind and tell me what are the best options? I mean the ones what you are using for your shop? :D If I just use recreate session, I'm back to the long hyperlink. I'm not sure if this is meant to be :) Thanks! Link to comment Share on other sites More sharing options...
yuck_fou Posted July 27, 2006 Author Share Posted July 27, 2006 Basically is this the best option for the sessions menu? Session Directory /tmp Force Cookie Use False Check SSL Session ID False Check User Agent False Check IP Address False Prevent Spider Sessions False Recreate Session True Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 Set everything to false except 'Prevent Spider Sessions' which should be set to 'true'. And again, there's nothing wrong with 'the long hyperlinks'! if it's there it's meant to be. But never post URLs with session_IDs appended. Have spiders already crawled your site when spider sessions was set to true you might want to install a script to strip sessionIDs from URLs (and new ones will be generated if neccesary). Have you checked search engines if they've stored the sessionID too? Also make sure that when on a shared server you store sessions in the db. Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 oh, and you should also fetch the latest spiders.txt from the contribution section! Link to comment Share on other sites More sharing options...
yuck_fou Posted July 27, 2006 Author Share Posted July 27, 2006 oh, and you should also fetch the latest spiders.txt from the contribution section! Hey skylla, you've been great with your help! Thanks for this. One more question...if I Prevent Spider Sessions does this mean that google,etc will not crawl my shop? Or does this latest spiders list you mentioned help this? Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 the way it works is as follows: spiders will still come to your shop whether you have sessions enabled or disabled for them or whether their name is in or is not in the spiders.txt. 1) if their name is in the spiders.txt a sessionID will NOT be generated and the spider happilly crawls your shop 2) if their name is not flagged up, than a sessionID is generated and taken home by the spider. However, this should be prevented for reasons explained below. It's therefore important to keep your spiders.txt up-to-date and Steve Lionel has taken the task upon him for regularly updating and uploading the spiders.txt file to the contribution section. Actually, the reason why it's not a good thing to allow a spider to generate and store a sessionID is that, theoretically, the same sessionID could now be carried by multiple customers coming from this search engine link to your store. They will continue with this ID and session data will now become a mixed pool and ultimately cause mayhem. Try and search the osc forum for these two words: sessions+mixed and you'll see what I mean... Link to comment Share on other sites More sharing options...
yuck_fou Posted July 27, 2006 Author Share Posted July 27, 2006 the way it works is as follows: spiders will still come to your shop whether you have sessions enabled or disabled for them or whether their name is in or is not in the spiders.txt. 1) if their name is in the spiders.txt a sessionID will NOT be generated and the spider happilly crawls your shop 2) if their name is not flagged up, than a sessionID is generated and taken home by the spider. However, this should be prevented for reasons explained below. It's therefore important to keep your spiders.txt up-to-date and Steve Lionel has taken the task upon him for regularly updating and uploading the spiders.txt file to the contribution section. Actually, the reason why it's not a good thing to allow a spider to generate and store a sessionID is that, theoretically, the same sessionID could now be carried by multiple customers coming from this search engine link to your store. They will continue with this ID and session data will now become a mixed pool and ultimately cause mayhem. Try and search the osc forum for these two words: sessions+mixed and you'll see what I mean... So in a nutshell Keep your spiders list upto date and enable Prevent Spider Sessions. So google and all the legitimate spiders will work fine? meaning the list is like peerguardian, protowall, an antivirus but an antispider blocklist for oscommerce? Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 So in a nutshell Keep your spiders list upto date and enable Prevent Spider Sessions. So google and all the legitimate spiders will work fine? yep meaning the list is like peerguardian, protowall, an antivirus but an antispider blocklist for oscommerce? well, it doesn't *block* spiders or is *anti*spider. A good descriptive term is janitor or receptionist. It gives putative customers a ticket or tab, which identifies them at the checkout and enables them to pay for what's on their tab. A spider, however, is treated like a reporter/journalist. It won't get a tab as it won't be buying anything but can wander around freely w/o running up a bill and not paying for it. hmm, parable Link to comment Share on other sites More sharing options...
skylla Posted July 27, 2006 Share Posted July 27, 2006 ...but they keep coming over the wall as we speak... http://www.oscommerce.com/forums/index.php?s=&...st&p=904359 Link to comment Share on other sites More sharing options...
yuck_fou Posted July 27, 2006 Author Share Posted July 27, 2006 yep well, it doesn't *block* spiders or is *anti*spider. A good descriptive term is janitor or receptionist. It gives putative customers a ticket or tab, which identifies them at the checkout and enables them to pay for what's on their tab. A spider, however, is treated like a reporter/journalist. It won't get a tab as it won't be buying anything but can wander around freely w/o running up a bill and not paying for it. hmm, parable Scary stuff! I'm glad you told me now and not when I'm asking how this happened. Ok I'm going to update now the spiders list and have only Prevent Spider Sessions to True in the session of my admin. I want to thank you once again skylla for taking the time in explaining to me how this works. Also I hope you get loads of customers to your shop :thumbsup: Good Luck! :) Link to comment Share on other sites More sharing options...
skylla Posted July 28, 2006 Share Posted July 28, 2006 cheers, you too! Link to comment Share on other sites More sharing options...
Prospector Posted August 19, 2006 Share Posted August 19, 2006 cheers, you too! And thanks from the rest of us too!! : :D Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.