Every Click Starts a New Session

[darp]

When I have cookies disabled in the browser every link invokes a new session. In the URL the first product I click will show http://localhost/catalog/product_info.php?products_id=224&osCsid=3dv8et48ola7b2bi9faqdq3af31lm67f and the next http://localhost/catalog/product_info.php?products_id=49&osCsid=ijvvegf42ouro3gefedhp49qrjqt8rd3

 

To work properly they should be the same osCsid. Right?

 

I can't log in or keep anything in the shopping cart etc.

 

Everything seems to work well if I have cookies enabled.

 

I have looked around and can't find anybody that has had a similar problem. I have no idea where to look in the code. Is it a configure.php problem?

[Guest]

Dan,

 

OSC requires browser cookies to be enabled in order to function. You can not retain and OSCID if the cookies are off.

 

 

Chris

[darp]

Thanks for the reply.

 

I thought there were a few options.

 

So I guess it makes sense to set force cookies to true.

[♥kymation]

Sorry Chris, but that's wrong. I have several sites that retain SID with no cookies. There would be no point to the SID if this didn't work.

 

Check your settings in your configure.php files. Is the session stored in the database? What are your settings in Admin > Configuration >Sessions?

 

Regards

Jim

[darp]

Here are my session settings.

 

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID False

Check User Agent False

Check IP Address False

Prevent Spider Sessions False

Recreate Session False

 

I guess I could use force cookies, but if things are supposed to work without cookies and they don't, that could mean that there is something fundamentally wrong.

[darp]

As to your other question, yes the sessions are stored in the db.

 

That is this setting here -> define('STORE_SESSIONS', 'mysql'); in configure.php. Right?

[♥kymation]

Session Directory tmp

Force Cookie Use False

Check SSL Session ID False

Check User Agent False

Check IP Address False

Prevent Spider Sessions True

Recreate Session True

 

Create a directory in your store's root named tmp and give it write permissions.

 

Regards

Jim

[darp]

I just checked in phpMyAdmin and every click is registered as a new session in the db.

 

I have done a few mods on the site like dynamenus etc and just to make sure that I had not messed anything up with a typo I downloaded and fresh copy of OSC, moved the configure files into the includes and I got the same problem.

 

Could this be a server or php issue?

[♥kymation]

It could be related to server settings. Did you make all of the changes? is there anything in the tmp directory?

 

Regards

Jim

[darp]

sorry we are posting over top of each other.

 

Yes I put a tmp directory in /catalog and in /htdocs with wide open permissions; In Admin > Configuration >Sessions I tried both /tmp and tmp. I still get the same results. Each directory is empty, but all these new sessions keep piling up in the sessions table of the db.

[Guest]

My apologies Dan, I just read some more on this topic and found that Jim is correct. Sorry about that.

 

 

 

Chris

[♥kymation]

Do any of those mods you have done modify the URL (URL rewriter/"SEO" URLs)?

 

Regards

Jim

[darp]

I just downloaded a fresh copy of OSC and placed it into the root directory. The only thing that I copied into it was the configure.php files so there were no mods or typos, but I got the same results -> works with cookies/ nothing works with cookies disabled.

[♥kymation]

Very odd -- usually the tmp directory setting fixes the problem. Look at the URLs on a page -- do they have the same SID as the address bar?

 

Regards

Jim

[darp]

Very odd -- usually the tmp directory setting fixes the problem. Look at the URLs on a page -- do they have the same SID as the address bar?

 

Regards

Jim

 

Not exactly sure what you mean, but when I click on an item I get something like http://localhost/catalog/product_info.php?products_id=224&osCsid=kf04ke177k36suhm4mp4331eff769a46 in the address bar, but if I hover my cursor over any item on that page it displays (down in the lower left corner using Firefox ) a very different osCsid. If I right click on the item to see its properties ( again using FF ) the osCsid is not the same as the one in the address bar. It is the same as the one that shows in the lower left corner of the browser.

 

If I click on that item that osCsid shows up in the address bar, and it is replaced on all the links by yet another one... and so it goes.

 

Each click on a link is registered as a new session in the db.

[♥kymation]

Still very odd. Sometimes localhost is a problem, so try changing that to 127.0.0.1 in your configure.php. Also, if you have

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']) . '/');

Try changing that to the actual path to your root.

 

Regards

Jim

[darp]

Thanks for all your help Jim, but still no joy.

 

I think this has got to be an Apache or PHP thing. I just again replaced my slightly modded catalog with a fresh, virgin download and tried all of your suggestions on it. I got the exact same negative results, which tells me;

 

1) The problem is in the configuration files, as those are the only files that the two catalogs had in common ( besides images, and I don't think the problem can reside with them ), or

 

2) it is Apache or PHP settings. I am running PHP5 and Apache 2.

 

Are there any special settings that might be relevant? Are there any special modules that need to be installed?

[♥kymation]

osCommerce should work out of the box, provided that all of the configuration settings are correct. I've gone through everything that I know, but there could be some other change that I'm just unfamiliar with. It could also be a setting in PHP or Apache as you mentioned. Sorry I can't be more help.

 

Regards

Jim

[darp]

Here is a copy of my configuration file. Does anyone see a problem?

 

define('HTTP_SERVER', 'http://127.0.0.1');

define('HTTPS_SERVER', 'https://127.0.0.1');

define('ENABLE_SSL', false);

define('HTTP_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_DOMAIN', 'http://127.0.0.1');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']) . '/');

//define('DIR_FS_CATALOG', '/htdocs/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

define('DB_SERVER', '127.0.0.1');

define('DB_SERVER_USERNAME', 'xxxx');

define('DB_SERVER_PASSWORD', 'xxxx');

define('DB_DATABASE', 'xxxx');

define('USE_PCONNECT', 'false');

define('STORE_SESSIONS', 'mysql');

[Collines]

define('HTTP_SERVER', 'http://127.0.0.1');

define('HTTPS_SERVER', 'http://127.0.0.1');

define('ENABLE_SSL', false);

define('HTTP_COOKIE_DOMAIN', '');

define('HTTPS_COOKIE_DOMAIN', '');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']) . '/');

//define('DIR_FS_CATALOG', '/htdocs/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

[darp]

Just for the record I did get the OSC to store the sessions in the tmp directory. When I was experimenting with the tmp directories and permissions previously I had failed to change define('STORE_SESSIONS', 'mysql') to define('STORE_SESSIONS', ' '). D'oh! I should of thought of that.

 

However, I have the same problem. When cookies are disabled, the tmp directory fills up with session files with every click just as the mysql session table did.

[gbetous]

Just for the record I did get the OSC to store the sessions in the tmp directory. When I was experimenting with the tmp directories and permissions previously I had failed to change define('STORE_SESSIONS', 'mysql') to define('STORE_SESSIONS', ' '). D'oh! I should of thought of that.

 

However, I have the same problem. When cookies are disabled, the tmp directory fills up with session files with every click just as the mysql session table did.

 

Hi !

 

I have exactly the same problem : every click starts a new session. It happens both in catalog (I can't put anything in my shopping cart), and in admin (I can't log in, each log redirects me in logging page).

 

I have tried mysql session storage and /tmp session storage, and nothing helps : my database or my /tmp fills with session.

 

Even if I don't see any links, I have to say that I copied the entire site from another server (the goal is to switch the server), and dumped the database. As I can navigate in the site, and as I can see all the products, I think the copy itself were good.

 

Everything works fine in the other server, so that's not a browser problem.

 

Maybe a PHP installation problem ?

Here is the session part of phpinfo() output :

 

Session Support enabled

Registered save handlers files user memcache sqlite

Registered serializer handlers php php_binary wddx

 

Directive Local Value Master Value

session.auto_start Off Off

session.bug_compat_42 Off Off

session.bug_compat_warn Off Off

session.cache_expire 180 180

session.cache_limiter nocache nocache

session.cookie_domain no value no value

session.cookie_httponly Off Off

session.cookie_lifetime 0 0

session.cookie_path / /

session.cookie_secure Off Off

session.entropy_file no value no value

session.entropy_length 0 0

session.gc_divisor 1000 1000

session.gc_maxlifetime 1440 1440

session.gc_probability 1 1

session.hash_bits_per_character 5 5

session.hash_function 0 0

session.name PHPSESSID PHPSESSID

session.referer_check no value no value

session.save_handler files files

session.save_path /var/lib/php5 /var/lib/php5

session.serialize_handler php php

session.use_cookies On On

session.use_only_cookies On On

session.use_trans_sid 0 0

 

 

If you have any suggestions...

 

Thank you very much,

 

Regards

[gbetous]

Juste to precise, cookies are enabled in all my tests (I didn't see the subtitle of this thread, so this might not be exactly the same problem).

[gbetous]

Ok, I corrected it... but I don't have the exact answer.

 

I installed a new version (from scratch), and eveything worked fine in this new install. I just took the 2 configure.php files in the new install, and put them in my original (and not working) install. I just modified some path to reflect the path differences... and everything works fine !

 

As far as I can see, the differences between the two versions of configure.php are about site path and application path.

 

In the non working version I have HTTP_SERVER like "http://www.domain.com/user/www/" and DIR_WS_HTTP_CATALOG is "catalog/"

In the working version I have HTTP_SERVER like "http://www.domain.com/" and DIR_WS_HTTP_CATALOG is "user/www/catalog/"

 

That's something about that...

 

Anyway, it works now !