Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Sessions crossover?


Roguesheep

Recommended Posts

Hi, my client recently decided to change provider.

After we moved the site we experience a very nasty problem: customers ordering products sometimes (actually quite often) are not required to login but are presented information of another customer in the checkout process. Needless to say this sure makes the customers very nervous, not to mention the owner.. :-(

Sadly enough, I cannot reproduce this strange behaviour in the checkout.

 

No settings concerning sessions have been altered while moving the site.

 

Could a reduced number of 'max connections' in mysql be the culprit? This used to be 4000, now we are down to 500...

 

Furthermore: no session files are created in the designated directory even though a customer (guest) is online. The sessions table however does contain multiple (24 at the moment) entries. Is this 'normal' behaviour?

 

Did I mis a post while searching the forum?

 

Any light, directions where to search for the cause or where to start debugging are very appreciated.

 

Thanx in advance for any help,

Pascal

Link to comment
Share on other sites

sorry wrong post :-"

Forum search

Contributions search

Documentation search (note: docs being adapted for MS3, may be different for MS2)

3 tips for better forum searching

 

Want to post? Read this first:

osCommerce for dummies

Topic name etiquette

 

Basics:

Basics for design

Right syntax to use near '-20, 20'

Cannot re-assign $this

Parse error

Link to comment
Share on other sites

There are often 2 causes for the symptoms you describe:

 

1 - using file based sessions on a shared server

2 - people arriving at you site using links with ?oscid= appended

 

Solutions:

1 - edit includes/configure.php -> edit the following line so it appears like this:

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

2 - ensure that "Prevent spider sessions" is set to true in admin -> sessions (and possibly enable "Recreate session" also) - the former will stop search engines creating links with sessions but you'll have to wait for the existing one to expire.

 

There are many previous posts about these problems in the forum if you want to read more information.

 

HTH,

Tom

Link to comment
Share on other sites

Tom,

 

thanks for the tips. Unfortunately all settings are configured as you specified.

I guess I'll have to dive deeper into the search results.

 

More tips are still appriciated though :)

 

Pascal

Link to comment
Share on other sites

are there any parts of your site listed in search engines with sessionIDs appended already?

 

could you post your catalog/includes/configure.php WITHOUT DB USER NAME AND PWD?

Link to comment
Share on other sites

It appears the problem is solved. (the customer forgot to report this)

Probably a temporarily installed cache-ing extension was the cause >_<

 

@skylla: the site does show up in Google with osCsid in the url, but this never got me into anothers account.

 

Anyway, thanks for the help. :thumbsup:

 

Pascal

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...