Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Sessions Problems?


bigdeals

Recommended Posts

Hello everyone,

 

I am having some frustrating problems with my site at http://www.storeitwell.com/

 

The problem seems to occur when I go back and forth from SSL pages and non-SSL pages. I am not sure where the problem lies but it seems to be related to sessions?

 

If I try to use the included AIM Auth.net checkout option it works perfectly if I enter all the correct information, ie correct address, credit card number, CVV and date. However, if anything is entered incorrectly, I get re-routed back to the login screen. Feel free to try it out and see what I mean. Enter any fake credit card number, date and CVV and you'll see that it takes you back to the login screen and you also lose the fact that you have already logged in. However, if you leave the SSL page them go back to my account or checkout, it remembers who you were and you can try to checkout again. For some reason the SSL pages seem to lose your login info if there are any problems checking out.

 

I hope this makes sense. I've tried to post info as best I could. Could it be related to the application_top code?

 

I do have a couple mods installed:

Simple Template System (STS)

Ultimate SEO

All Products

 

I am very much looking forward to figuring this out and I look forward to any assistance,

 

Thank you everyone!

Kelley

Link to comment
Share on other sites

The SSL side doesn't seem to be making a cookie with the session ID in it.

 

Try these for your cookie settings in your /includes/configure.php file:

 

  define('HTTP_COOKIE_DOMAIN', '.storeitwell.com');
 define('HTTPS_COOKIE_DOMAIN', '.enterprise.acenet-inc.net');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Can You explain How will a cookie created for one url http url be used as a cookie of another URL.

 

I am missing something or is there some additional fix that needs to be applied so that oscid is passed to SSL pages.

 

 

Your explanation will be highly appreciated.

 

Satish

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

You end up with two cookies with the same seesion ID in it.

 

One for the HTTP side/URL, and another for the HTTPS side/URL.

 

Don't ask me HOW it works, but this isn't the first time I've suggested cookie settings like this for shared SSL and it worked.

:blush:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

I am having the same issue and it seems to have started a few days ago. Nothing has changed on the server that should affect this. It is happening to all instances of OSC on the server.

 

From the comment above can i expect to see two cookies on the client? I am only seeing one.

Link to comment
Share on other sites

Well, I'm not absolutely certain it is actually 2 cookies.

:blush:

 

I use the Webdeveloper plugin in Firefox to view the cookie info.

 

When on an HTTP page the cookie has an HTTP URL and when on an HTTPS page it has an HTTPS URL, so I've always assumed they were unique entities.

 

I've never actually when to the temporary Internet files folder to see if there really are two cookies.

 

If you are having problems post (or PM me) your cookie domain and path settings and I'll take a peek.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

I just saw you posted these in another thread:

 

define('HTTP_COOKIE_DOMAIN', '.site.com');
define('HTTPS_COOKIE_DOMAIN', '.site.net/~user/');
define('HTTP_COOKIE_PATH', '/');
define('HTTPS_COOKIE_PATH', '/');

 

Try this for the HTTPS_COOKIE_DOMAIN

 

define('HTTPS_COOKIE_DOMAIN', '.site.net');

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

I have read all the posts associated to this problem and i am still stumped. It seems the cookies are being created.

 

Everything looks good and i am still seeing the same problem.

 

1. I am using shared SSL

 

2. Config settings

 

define('HTTP_SERVER', 'http://site.com');

define('HTTPS_SERVER', 'https://site1.net/~hydroha');

 

define('HTTP_COOKIE_DOMAIN', '.site.com');

define('HTTPS_COOKIE_DOMAIN', '.site1.net');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

 

define('STORE_SESSIONS', 'mysql');

 

3 Cookie information (http).

 

http://site.com/catalog/index.php/c...ac54e7e3a8c8027

1 cookie

Name osCsid

Value c11ca2ac2b11864c1ac54e7e3a8c8027

Host .site.com

Path /

Secure No

Expires At End Of Session

 

4. Cookie information (https)

 

https://site1.net/~hydroha/catalog/l...ac54e7e3a8c8027

1 cookie

Name osCsid

Value c11ca2ac2b11864c1ac54e7e3a8c8027

Host .site1.net

Path /

Secure No

Expires At End Of Session

 

Any help would be appreciated.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...