bradyswenson Posted October 22, 2007 Share Posted October 22, 2007 Hello all, I've never posted a question in the forums because I've always been able to find answers without needing to. But this is a strange problem that seems to have just cropped up, one of those ghost in the machine things, because I have not edited a character of code for quite some time before this started happening. A couple days ago I noticed that my shopping cart is no longer holding information. It took me a while but I then realized that the shopping cart works when logged in. I use the Firefox Web Dev tool bar to look at the cookies being set and realized that osCsid is not being set upon visiting the site. After logging in the a session is started and osCsid is set. Does this behavior raise any red flags for anyone? I just need a direction to start on so I can get this figured out. The site in question is twohandsworldshop.com. Thanks so much, Brady Link to comment Share on other sites More sharing options...
bradyswenson Posted October 22, 2007 Author Share Posted October 22, 2007 I have one more piece of perhaps useful information... the osCsid is set upon a visit to login.php or create_account.php, but not before then. This is probably a simple issue or setting that was changed on accident somehow, like I said this was a working shop a few days ago and I haven't edited any code, I even tried a backup copy... what am I missing? I am using SEO Urls and here are my session config settings: Session Directory /tmp Force Cookie Use False Check SSL Session ID False Check User Agent False Check IP Address False Prevent Spider Sessions True Recreate Session True (tried this one on and off to no avail) Link to comment Share on other sites More sharing options...
bradyswenson Posted October 23, 2007 Author Share Posted October 23, 2007 So, I'm spamming my own thread here but I'm sure you all understand how an osC problem can consume you. Ok, so, I'm thinking the answer lies in how osC is treating sessions for https vs http, seeing as the session (and the osCsid cookie that makes the cart maintain state) finally gets set when the user visits login.php. Does that ring any bells? Any help, advice, malformed thoughts, incomplete brainstorms, pointless drivel... anything really would be very much appreciated! :) Brady Link to comment Share on other sites More sharing options...
bradyswenson Posted October 23, 2007 Author Share Posted October 23, 2007 Yes indeed, I turned off the SSL and the osCsid is never being set now... so why will osC only set osCsid when connecting via https? Link to comment Share on other sites More sharing options...
bradyswenson Posted October 23, 2007 Author Share Posted October 23, 2007 Welcome to the fifth post of my ongoing blog of this problem... I've been through the forums and I've seen that a lot of people have had problems with shared certs going from https to http and losing the session. This is a bizzare problem because my session is not being set until a page is visited using https. Once the session is set, though, I can go back to http without a problem. I'm using a full cert, of course, so the domain never changes. Here's my config.php: define('HTTP_SERVER', 'http://twohandsworldshop.com'); define('HTTPS_SERVER', 'https://twohandsworldshop.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'twohandsworlshop.com'); define('HTTPS_COOKIE_DOMAIN', 'twohandsworldshop.com'); For the time being, until I get this solved, or one of you tells me I'm an idiot and this problem is trivially simple to fix and to figure out, I've used the .htaccess file to redirect all requests to https so that sales can continue. But I'd much rather not keep the site like this for obvious performance reasons (, HTTPS performance for web applications has been documented by the industry to be up to 5 times slower with regard to transaction response times, and have up to 1/5 the system throughput... source.). So, please, still let me know what you think! Like I said in the original post, I have no clue what brought the behavior on. I'm confounded. Link to comment Share on other sites More sharing options...
meschu Posted July 25, 2008 Share Posted July 25, 2008 Welcome to the fifth post of my ongoing blog of this problem... I've been through the forums and I've seen that a lot of people have had problems with shared certs going from https to http and losing the session. This is a bizzare problem because my session is not being set until a page is visited using https. Once the session is set, though, I can go back to http without a problem. I'm using a full cert, of course, so the domain never changes. Here's my config.php: define('HTTP_SERVER', 'http://twohandsworldshop.com'); define('HTTPS_SERVER', 'https://twohandsworldshop.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'twohandsworlshop.com'); define('HTTPS_COOKIE_DOMAIN', 'twohandsworldshop.com'); For the time being, until I get this solved, or one of you tells me I'm an idiot and this problem is trivially simple to fix and to figure out, I've used the .htaccess file to redirect all requests to https so that sales can continue. But I'd much rather not keep the site like this for obvious performance reasons (, HTTPS performance for web applications has been documented by the industry to be up to 5 times slower with regard to transaction response times, and have up to 1/5 the system throughput... source.). So, please, still let me know what you think! Like I said in the original post, I have no clue what brought the behavior on. I'm confounded. I see this post now...years later and wonder if you ever found a resolution. I am having a very similar issue with the osCsid cookie not being set. Other cookies are set, but for some reason, this one is not. Ugh.... Link to comment Share on other sites More sharing options...
dmh357 Posted July 25, 2008 Share Posted July 25, 2008 I see this post now...years later and wonder if you ever found a resolution. I am having a very similar issue with the osCsid cookie not being set. Other cookies are set, but for some reason, this one is not. Ugh.... ditto Link to comment Share on other sites More sharing options...
Vexiphne Posted December 30, 2008 Share Posted December 30, 2008 define('HTTP_COOKIE_DOMAIN', 'twohandsworlshop.com'); that's a typo there. But I ran into this issue awhile back and it had to do with the expire date set on my cookies. I have an autologon contrib added in and if i didn't format the expire date just right, it would totally bork the entire cookie setting. But only on Firefox & Safari windows and not Safari Mac. Strange, I know. Link to comment Share on other sites More sharing options...
therealjblizzle Posted April 28, 2009 Share Posted April 28, 2009 Yeah, I seem to also be having similar problems, except no cookies are being set and even though the session id appears to be keeping up with the user, some contributions I'm using are not able to read the session ID even with cookies being forced (though when i force cookies it doesn't seem to do anything. I am also using the web developer tools addon for firefox and it isn't showing any cookie from my store =( ) Has any of this been resolved? -J Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.