samyak Posted April 14, 2007 Posted April 14, 2007 hello all, Could you please tell me how i can remove the osCsid from the URL of my oscommerce site. Isnt there a way in which sessions can be stored without adding this Id in the URL? Thank you. Samyak
lostndazed Posted April 14, 2007 Posted April 14, 2007 Hi Samyak, You could try researching some of these contributions to see which best meets your needs. http://www.oscommerce.com/community?contri...mp;category=all There's the Ultimate SEO URLs contribution (search for it). Good luck.
lostndazed Posted April 14, 2007 Posted April 14, 2007 By the way, be sure admin/configuration/Sessions/prevent spider sessions set to true
samyak Posted April 14, 2007 Author Posted April 14, 2007 let me explain my situation/problem a little more. I completed one oscommerce site and uploaded it to the server. I use paypal for the payment. So when the user goes to paypal site for payment, the 'return to merchant' button brings him back to the checkout_process.php page. bus since paypal doesn't send back the osCsid in the URL, on this page, the user is assumed as not logged and is redirected to login page. So Even thought the user has successfully made the payment, the orders are not ssaved! How do I solve this problem? Please help
Guest Posted April 14, 2007 Posted April 14, 2007 hello all, Could you please tell me how i can remove the osCsid from the URL of my oscommerce site. Isnt there a way in which sessions can be stored without adding this Id in the URL? Thank you. Samyak the oscsid should go away after a couple of clicks as long as the session cookie works. This problem indicates your configure.php file is not setup correctly. So when the user goes to paypal site for payment, the 'return to merchant' button brings him back to the checkout_process.php page. bus since paypal doesn't send back the osCsid in the URL, on this page, the user is assumed as not logged and is redirected to login page. paypal does not decide the url to return to. The osc paypal module does. And the osc stock one includes the session with the url. Same happens with every payment module where the gateway supports return/error urls like paypal does. So this is not normal and happened because you did changes to your store. What changes have you done there?
samyak Posted April 14, 2007 Author Posted April 14, 2007 the oscsid should go away after a couple of clicks as long as the session cookie works. This problem indicates your configure.php file is not setup correctly. The osCsid never goes away in my site.Can you tell me what errors in configure can result in this? paypal does not decide the url to return to. The osc paypal module does. And the osc stock one includes the session with the url. I agree. Bu tI have not made any changes to the paypal module. I can see that the osc includes the session with the URL it sends as return URL to paypal. but paypal just strips out that info. It returns to the page wihtout any osCsid in query strings. all it has in query string is "merchant_return_link=Return+to+Merchant"
Guest Posted April 14, 2007 Posted April 14, 2007 you need to identify which paypal module it is. Is it from a contribution? If so you should ask in the contribution thread. But the stock paypal module returns the oscsid. And for the configure.php you should set properly the lines that include the word cookie. Like cookie path and cookie domain. There are many threads which explain how to set them up like this one which talks about ssl setup http://www.oscommerce.com/forums/index.php?showtopic=151162
samyak Posted April 15, 2007 Author Posted April 15, 2007 you need to identify which paypal module it is. Is it from a contribution? If so you should ask in the contribution thread. But the stock paypal module returns the oscsid. I am using the standard paypal module that comes with oscommerce project. I can see that osc sends its osCsid in the return_url, but in the page sent back from paypal, this id is not returned!!!
Guest Posted April 15, 2007 Posted April 15, 2007 am using the standard paypal module that comes with oscommerce project. I can see that osc sends its osCsid in the return_url, but in the page sent back from paypal, this id is not returned!!! maybe with your store because it does with mine. So start looking the customizations you did!!!
samyak Posted April 15, 2007 Author Posted April 15, 2007 maybe with your store because it does with mine. So start looking the customizations you did!!! You mean paypal returns to the page http://mysite.com/.../checkout_pro...3853936d4cec1c3 or something like that? But the problem is I have not changed anything in the paymanet module at all. i have not even changed anything on the chekot process or the return page.
Guest Posted April 15, 2007 Posted April 15, 2007 You mean paypal returns to the page http://mysite.com/.../checkout_pro...3853936d4cec1c3 or something like that? yes its how it returns. Now I assume you go through the osc checkout procedure. This code from the paypal module is what builds the return and error urls: $process_button_string = tep_draw_hidden_field('cmd', '_xclick') . tep_draw_hidden_field('business', MODULE_PAYMENT_PAYPAL_ID) . tep_draw_hidden_field('item_name', STORE_NAME) . tep_draw_hidden_field('amount', number_format(($order->info['total'] - $order->info['shipping_cost']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) . tep_draw_hidden_field('shipping', number_format($order->info['shipping_cost'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) . tep_draw_hidden_field('currency_code', $my_currency) . tep_draw_hidden_field('return', tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL')) . tep_draw_hidden_field('cancel_return', tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); see the "return" and "cancel return". The tep_href_link function appends the oscsid to the url. Paypal from its end cannot decide what to strip or how to intrpret the urls. So it simply uses them to do a redirect back to the merchant.
samyak Posted April 15, 2007 Author Posted April 15, 2007 see the "return" and "cancel return". The tep_href_link function appends the oscsid to the url. Paypal from its end cannot decide what to strip or how to interpret the urls. So it simply uses them to do a redirect back to the merchant. Yes I understand that. I have the exact same code. But paypal redirects me to following page http://localhost/klickdc/checkout_process.php?merchant_return_link=Return+to+Merchant I dont understand how this can happen.
Guest Posted April 15, 2007 Posted April 15, 2007 do you have other modules installed that could affect the urls? Like some SEO? Any differences from the default osc configuration settings about the sessions? persistent connections should be off in your configure.php and sessions stored in the dbase. If you cannot find what causes this and to rule out the server settings, install the stock osc, enable paypal and test it. http://www.oscommerce.com/solutions/downloads And the localhost is an example right?
samyak Posted April 16, 2007 Author Posted April 16, 2007 No. I do not have any other modules installed. I am using the latest version of oscommerce. my sessions are stored in database and persistent connections are off too. I have tried this both in localhost and live server, but its same in both case. I dont understand why paypal wouldn't return the osCsid. Could it be because I have turned SSL off? and the return page is http instead of https?
Guest Posted April 23, 2010 Posted April 23, 2010 The solution to this problem is: Add "tep_draw_hidden_field('rm', 2);" to includes/modules/payments/paypal.php like in the example below: $process_button_string = tep_draw_hidden_field('cmd', '_xclick') . tep_draw_hidden_field('business', MODULE_PAYMENT_PAYPAL_ID) . tep_draw_hidden_field('item_name', STORE_NAME) . tep_draw_hidden_field('amount', number_format(($order->info['total'] - $order->info['shipping_cost']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) . tep_draw_hidden_field('shipping', number_format($order->info['shipping_cost'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) . tep_draw_hidden_field('currency_code', $my_currency) . tep_draw_hidden_field('return', tep_href_link(FILENAME_CHECKOUT_PROCESS, 'pm=2', 'SSL')) . tep_draw_hidden_field('cancel_return', tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')) . tep_draw_hidden_field('rm', 2); (rm stands for request method and 2 stands for POST) Then you will have to make sure that the option "auto return" is disabled in your paypal-account. You can find it in Seller options. (German: Webseite Zahlungsoptionen -> Automatische Rückleitung auf Deaktiviert setzen.)
♥mdtaylorlrim Posted April 23, 2010 Posted April 23, 2010 hello all, Could you please tell me how i can remove the osCsid from the URL of my oscommerce site. Isnt there a way in which sessions can be stored without adding this Id in the URL? Thank you. Samyak A properly configured shop will not see the osCID in URL's after the 2nd or 3rd click. Go to your Administration, Sessions, and be sure your settings are as follows: Session Directory /tmp <-- watch for errors. You may need to use something else here. Force Cookie Use False Check SSL Session ID False Check User Agent False Check IP Address False Prevent Spider Sessions True Recreate Session True Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
trier Posted April 24, 2010 Posted April 24, 2010 I often see - "A properly configured shop will not see the osCID in URL's after the 2nd or 3rd click." quoted, but isn't this only true when the client browser is set to accept cookies? If the client browser is set to not accept cookies, won't the osCID will show in every URL?
germ Posted April 24, 2010 Posted April 24, 2010 I often see - "A properly configured shop will not see the osCID in URL's after the 2nd or 3rd click." quoted, but isn't this only true when the client browser is set to accept cookies? If the client browser is set to not accept cookies, won't the osCID will show in every URL? Yes. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
longhorn1999 Posted April 24, 2010 Posted April 24, 2010 A properly configured shop will not see the osCID in URL's after the 2nd or 3rd click. Go to your Administration, Sessions, and be sure your settings are as follows: Session Directory /tmp <-- watch for errors. You may need to use something else here. Force Cookie Use False Check SSL Session ID False Check User Agent False Check IP Address False Prevent Spider Sessions True Recreate Session True Hi Mark, I think that the default setting for 'Check User Agent' is true, and my site seems to be running with that without any osCsid issues, though I do have a problem with people logging in to write a review being redirected to the home page. Could you elaborate on why 'Check User Agent' should be false? Is that standard practice for most everyone now? Thanks
♥mdtaylorlrim Posted April 25, 2010 Posted April 25, 2010 Hi Mark, I think that the default setting for 'Check User Agent' is true, and my site seems to be running with that without any osCsid issues, though I do have a problem with people logging in to write a review being redirected to the home page. Could you elaborate on why 'Check User Agent' should be false? Is that standard practice for most everyone now? Thanks Sorry. Bad wording choice on my part. These are simply settings known to work and provide minimal load on the server. Once a person has a running shop changing ONE setting at a time and analyzing the result is then necessary. If you need user-agent to be on then by all means turn it on. If not, then why add that to the equation? If you have user-agent turned on do you know what it does for you? Perhaps you need it. Others may not. Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.