bigdeals Posted July 21, 2008 Posted July 21, 2008 Hello everyone, I am having some frustrating problems with my site at http://www.storeitwell.com/ The problem seems to occur when I go back and forth from SSL pages and non-SSL pages. I am not sure where the problem lies but it seems to be related to sessions? If I try to use the included AIM Auth.net checkout option it works perfectly if I enter all the correct information, ie correct address, credit card number, CVV and date. However, if anything is entered incorrectly, I get re-routed back to the login screen. Feel free to try it out and see what I mean. Enter any fake credit card number, date and CVV and you'll see that it takes you back to the login screen and you also lose the fact that you have already logged in. However, if you leave the SSL page them go back to my account or checkout, it remembers who you were and you can try to checkout again. For some reason the SSL pages seem to lose your login info if there are any problems checking out. I hope this makes sense. I've tried to post info as best I could. Could it be related to the application_top code? I do have a couple mods installed: Simple Template System (STS) Ultimate SEO All Products I am very much looking forward to figuring this out and I look forward to any assistance, Thank you everyone! Kelley
germ Posted July 21, 2008 Posted July 21, 2008 The SSL side doesn't seem to be making a cookie with the session ID in it. Try these for your cookie settings in your /includes/configure.php file: define('HTTP_COOKIE_DOMAIN', '.storeitwell.com'); define('HTTPS_COOKIE_DOMAIN', '.enterprise.acenet-inc.net'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
bigdeals Posted July 21, 2008 Author Posted July 21, 2008 You're the best!!!! Thank you so much for taking the time to look into it. That is exactly what the problem was!
satish Posted July 23, 2008 Posted July 23, 2008 Can You explain How will a cookie created for one url http url be used as a cookie of another URL. I am missing something or is there some additional fix that needs to be applied so that oscid is passed to SSL pages. Your explanation will be highly appreciated. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
germ Posted July 23, 2008 Posted July 23, 2008 You end up with two cookies with the same seesion ID in it. One for the HTTP side/URL, and another for the HTTPS side/URL. Don't ask me HOW it works, but this isn't the first time I've suggested cookie settings like this for shared SSL and it worked. :blush: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
dmh357 Posted July 25, 2008 Posted July 25, 2008 I am having the same issue and it seems to have started a few days ago. Nothing has changed on the server that should affect this. It is happening to all instances of OSC on the server. From the comment above can i expect to see two cookies on the client? I am only seeing one.
germ Posted July 25, 2008 Posted July 25, 2008 Well, I'm not absolutely certain it is actually 2 cookies. :blush: I use the Webdeveloper plugin in Firefox to view the cookie info. When on an HTTP page the cookie has an HTTP URL and when on an HTTPS page it has an HTTPS URL, so I've always assumed they were unique entities. I've never actually when to the temporary Internet files folder to see if there really are two cookies. If you are having problems post (or PM me) your cookie domain and path settings and I'll take a peek. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
germ Posted July 25, 2008 Posted July 25, 2008 I just saw you posted these in another thread: define('HTTP_COOKIE_DOMAIN', '.site.com'); define('HTTPS_COOKIE_DOMAIN', '.site.net/~user/'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); Try this for the HTTPS_COOKIE_DOMAIN define('HTTPS_COOKIE_DOMAIN', '.site.net'); If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
dmh357 Posted July 25, 2008 Posted July 25, 2008 I looked at the cookie info and it seems that it is not generating a cookie when going to SSL, if i go to the non SSL I do see the cookie info. I did PM you as well.
dmh357 Posted July 25, 2008 Posted July 25, 2008 I have read all the posts associated to this problem and i am still stumped. It seems the cookies are being created. Everything looks good and i am still seeing the same problem. 1. I am using shared SSL 2. Config settings define('HTTP_SERVER', 'http://site.com'); define('HTTPS_SERVER', 'https://site1.net/~hydroha'); define('HTTP_COOKIE_DOMAIN', '.site.com'); define('HTTPS_COOKIE_DOMAIN', '.site1.net'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('STORE_SESSIONS', 'mysql'); 3 Cookie information (http). http://site.com/catalog/index.php/c...ac54e7e3a8c8027 1 cookie Name osCsid Value c11ca2ac2b11864c1ac54e7e3a8c8027 Host .site.com Path / Secure No Expires At End Of Session 4. Cookie information (https) https://site1.net/~hydroha/catalog/l...ac54e7e3a8c8027 1 cookie Name osCsid Value c11ca2ac2b11864c1ac54e7e3a8c8027 Host .site1.net Path / Secure No Expires At End Of Session Any help would be appreciated.
satish Posted July 26, 2008 Posted July 26, 2008 https://site1.net/~hydroha/catalog/l...ac54e7e3a8c8027 if URL is having oscid then it means that cookies are not getting created. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.