Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Register Globals Easy - Issues

Robbogeordie
 Share

Recommended Posts

Robbogeordie

Robbogeordie

Posted
Posted

I have some issues since I also installed the Register Globals Easy to Oscommerce 2.2 -MS2 with 051112, 051113 and 060817 security updates/patches.

Environment - PHP Version 5.2.4 Mysql 5 Register Globals off by .htaccess

When I clear cache and go to the site I get the following error message - (This error goes away after the first click . We have force cookies set to true - if this is set to false the warning does not show.) :

 

Warning: extract() [function.extract]: First argument should be an array in /home/xxxxxx/public_html/includes/application_top.php on line 224

Code in application top file:

// Register Globals MOD - http://www.magic-seo-url.com

if (!ini_get("register_globals")) {

if (version_compare(phpversion(), "4.1.0", "<") === true) {

if (isset($HTTP_SESSION_VARS)) $_SESSION &= $HTTP_SESSION_VARS;

}

extract($_SESSION, EXTR_SKIP); //*****Line 224*****

}

 

We also lose the permanent cart - When we log off with some items in the cart and clear the cache and cookies and log back in again the cart is empty.

 

Does anyone have any ideas/suggestions.

 

As a side note,some of my contributions that didn't work with the other Register Globals patch do work with this one,so it would be good to get these issues ironed out.

Thanks,

Chris

Guest

Guest

Posted
Posted

I have just had to install a Register Globals patch as my host just moved me over to a much faster server. Downside is that this more of a corporate server and is what I needed but register globals is turned off - bugger.

 

So this contribution looked just right for me. The only problem I appear to have is the oe listed below when you are editing a product. I get this message.

 

-------------------------------------------

Session not registered - You cant access this page directly

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

-------------------------------------------

 

As far as I understand the session.bug_compat_warn to off settings is for the php.ini file which I do not have access to.

 

Hope someone can help.

 

Thanks

Dennisra

Dennisra

Posted
Posted

I also have this problem with this contribution installed:

We also lose the permanent cart - When we log off with some items in the cart and clear the cache and cookies and log back in again the cart is empty.

Does anyone have any ideas/suggestions.

Chris

 

This is not good.

My Environment - PHP Version 4.3 Mysql MySQL 4.1.21, Register Globals off in php.ini

 

"Does anyone have any ideas/suggestions." Is there an echo in here?

Dennisra

Dennisra

Posted
Posted (edited)

After checking, I lose the permanent cart no matter what I do. Once I close the browser it's gone.

 

Help!

Edited by Dennisra
Dennisra

Dennisra

Posted
Posted

Items are added to cart. The cart is actually saved however on returing to the store osCommerce does not "find" or recognize the old cart. It shows an empty cart after logging in.

 

Some debug information that hopefully will help solve this problem:

COOKIE INFO:

Array ( [cookie_test] => please_accept_for_session [Referrer] => [osCsid] => 54c014f6926b06b0d0b4d04c15e6a0bd )

 

This is with one item in the cart and logged in:

SESSION INFO:

Array ( [cart] => shoppingcart Object ( [contents] => Array ( [3469] => Array ( [qty] => 1 ) ) [total] => 0 [weight] => 0 [cartID] => 49983 [content_type] => ) [language] => english [languages_id] => 1 [currency] => USD [navigation] => navigationhistory Object ( [path] => Array ( [0] => Array (

kymation

♥kymation

Posted
Posted
<snip>

Warning: extract() [function.extract]: First argument should be an array in /home/xxxxxx/public_html/includes/application_top.php on line 224

A quick fix for that -- replace line 224 with this:

if (is_array ($_SESSION) ) extract ($_SESSION, EXTR_SKIP);

 

A better fix would be to not force cookies. This always causes problems. If you do, the session information is always stored in a cookie. This means that destroying the cookie, either by manually deleting it or by having your browser set to delete all cookies, will also destroy the session. If the server no longer has any session information it has no way to find your cart.

 

And please read the forum rules. Bumping is not allowed. It will also make it much less likely for anyone to answer your question.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Dennisra

Dennisra

Posted
Posted

Jim:

 

Thanks for trying!

 

I tried both your suggestion: "quick fix" and "not force cookies". In combination and separately. Unfortunately neither worked. Still unable to recall the cart once logged off. Anything else you can think of?

 

A quick fix for that -- replace line 224 with this:
if (is_array ($_SESSION) ) extract ($_SESSION, EXTR_SKIP);

A better fix would be to not force cookies.

Regards

Jim

kymation

♥kymation

Posted
Posted
Jim:

 

Thanks for trying!

 

I tried both your suggestion: "quick fix" and "not force cookies". In combination and separately. Unfortunately neither worked. Still unable to recall the cart once logged off. Anything else you can think of?

The "quick fix" was just to get rid of that error message -- it does nothing for session problems. Do you have sessions stored in the database? The last define in catalog/includes/configure.php should look like this:

  define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Dennisra

Dennisra

Posted
Posted

Jim:

 

Thank you very much for your response.

 

Yes, I store sessions in the database. I thought that was the most efficient option. Both configure.php files have exactly that:

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

I thank you for any advice, tips or suggestions you may have.

 

Dennis

 

The "quick fix" was just to get rid of that error message -- it does nothing for session problems. Do you have sessions stored in the database? The last define in catalog/includes/configure.php should look like this:
  define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

Regards

Jim

kymation

♥kymation

Posted
Posted

That eliminates all of the easy fixes. It appears that the Register Globals Easy contribution is failing to set the session variables properly. Unfortunately I don't know of an easy fix for this. The right way to do it would be to define all of those pesky globals, i.e. add 

		  $customer_default_address_id = $_SESSION['customer_default_address_id'];

to checkout_shipping.php. I only know about that one because it bit me recently; I have no way of finding all the rest. Not without countless hours of work, that is. Sorry I'm not being much help here.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

satish

satish

Posted
Posted

In admin configure there is session create configuration.

 

Like recreate on login.

Chel browser.

Chek IP etc.

 

If any is set to true a new session gets generated and associated so anything related to previous session might get lost.

 

Satish.

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Dennisra

Dennisra

Posted
Posted

I do appreciate that you took a look at it!

 

 

That eliminates all of the easy fixes. It appears that the Register Globals Easy contribution is failing to set the session variables properly. Unfortunately I don't know of an easy fix for this. The right way to do it would be to define all of those pesky globals, i.e. add 
		  $customer_default_address_id = $_SESSION['customer_default_address_id'];

to checkout_shipping.php. I only know about that one because it bit me recently; I have no way of finding all the rest. Not without countless hours of work, that is. Sorry I'm not being much help here.

 

Regards

Jim

badlhby

badlhby

Posted
Posted

For those of you having issues with this contribution in relation to other contributions I may have come up with a solution. The problem is that when using the tep_session_register function the $_SESSION value is set to null. When this in turn is interrogated with the tep_session_is_registered function it will always return false unless a value has been assigned to it. Instead of setting it to null I have modified it to set it to whatever value exists in the variable at the time of registration. If the variable never had anything set then it would still be null anyway.

 

I have tested this with several contributions including Admin Access Level Accounts 2.2a which started me on this quest in the first place. Everything appears to be working perfectly but that is only on my site. Try it out it may work for you as well.

 

This will work with configure.php - define('STORE_SESSIONS') set to 'mysql' or not. I have tested it both ways.

 

Within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started;
   if ($session_started == true) {
     $_SESSION[$variable] = null;
     return true;
   } else {
     return false;
   }
 }

 

to this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started, $$variable;
   if ($session_started == true) {
     $_SESSION[$variable] = $$variable;
     return true;
   } else {
     return false;
   }
 }

 

And within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   $_SESSION[$variable] = null;
 }

 

to this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   global $$variable;
   $_SESSION[$variable] = $$variable;
 }

 

BTW Great contribution!

Dennisra

Dennisra

Posted
Posted

I was about to make the suggested changes when I noticed that they were all to the admin side. I had a problem loading items into the cart on the catalog side. Aren't there some changes that should be made to the cart side also?

 

For those of you having issues with this contribution in relation to other contributions I may have come up with a solution. The problem is that when using the tep_session_register function the $_SESSION value is set to null. When this in turn is interrogated with the tep_session_is_registered function it will always return false unless a value has been assigned to it. Instead of setting it to null I have modified it to set it to whatever value exists in the variable at the time of registration. If the variable never had anything set then it would still be null anyway.

 

I have tested this with several contributions including Admin Access Level Accounts 2.2a which started me on this quest in the first place. Everything appears to be working perfectly but that is only on my site. Try it out it may work for you as well.

 

This will work with configure.php - define('STORE_SESSIONS') set to 'mysql' or not. I have tested it both ways.

 

Within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started;
   if ($session_started == true) {
     $_SESSION[$variable] = null;
     return true;
   } else {
     return false;
   }
 }

 

to this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started, $variable;
   if ($session_started == true) {
     $_SESSION[$variable] = $variable;
     return true;
   } else {
     return false;
   }
 }

 

And within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   $_SESSION[$variable] = null;
 }

 

to this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   global $variable;
   $_SESSION[$variable] = $variable;
 }

 

BTW Great contribution!

Robbogeordie

Robbogeordie

Posted
  • Author
Posted
For those of you having issues with this contribution in relation to other contributions I may have come up with a solution. The problem is that when using the tep_session_register function the $_SESSION value is set to null. When this in turn is interrogated with the tep_session_is_registered function it will always return false unless a value has been assigned to it. Instead of setting it to null I have modified it to set it to whatever value exists in the variable at the time of registration. If the variable never had anything set then it would still be null anyway.

 

I have tested this with several contributions including Admin Access Level Accounts 2.2a which started me on this quest in the first place. Everything appears to be working perfectly but that is only on my site. Try it out it may work for you as well.

 

This will work with configure.php - define('STORE_SESSIONS') set to 'mysql' or not. I have tested it both ways.

 

Within /catalog/admin/includes/functions/sessions.php change around line 57 from this: NOTE TYPO SHOULD BE catalog/includes/functions/sessions.php

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started;
   if ($session_started == true) {
     $_SESSION[$variable] = null;
     return true;
   } else {
     return false;
   }
 }

 

to this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started, $$variable;
   if ($session_started == true) {
     $_SESSION[$variable] = $$variable;
     return true;
   } else {
     return false;
   }
 }

 

And within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   $_SESSION[$variable] = null;
 }

 

to this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   global $$variable;
   $_SESSION[$variable] = $$variable;
 }

 

BTW Great contribution!

 

 

Bob your fix works great for saving the Permanent Cart - Thumbs up !

 

I tried :

(kymation @ Mar 14 2008, 11:10 PM) *

A quick fix for that -- replace line 224 with this:

CODE

if (is_array ($_SESSION) ) extract ($_SESSION, EXTR_SKIP);

 

A better fix would be to not force cookies.

Regards

Jim

 

..but I still get a - Warning: Invalid argument error

 

No longer forcing cookies gets rid of the earlier error ...Thanks Jim

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...