Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

cookie won't set


Guest

Recommended Posts

Hi,

 

I am using tep_snapshot-20030513 and can't get cookies working on the remote server. They work fine on my local machine and previous snapshots work well on the remote server.

 

If I try and force cookie use, I am directed to the page to turn cookies on in the browser but of course they are on.

 

Is there a problem with that specific snapshot that anyone is aware of?

 

thanks,

jeff

Link to comment
Share on other sites

Hi,

 

Yes that did provide a temporary fix for me...but of course there's something wrong somewhere.

 

I am using a domain.com.au domain to run the catalog on and I am finding that the $current_domain variable is returning as "com.au" It's ignoring the first component. I wonder if this problem occurs when the domain is in only 2 segments??

 

cheers,

jeff

Link to comment
Share on other sites

OK, first the variable $current_domain is being set by the function tep_get_top_level_domain which is defined in general.php in the function folder. This is why you only see the top level domain name of com.au. The function sees the rest as a subdomain

 

According to php.net

 

To make the cookie available on all subdomains of example.com then you'd set it to '.example.com'. The . is not required but makes it compatible with more browsers. Setting it to www.example.com will make the cookie only available in the www subdomain. Refer to tail matching in the spec for details.

 

As the code is currently written, the cookie is not including the . Therefore it is not available for your subdomain. If you change the following in application_top.php

 

if (SESSION_FORCE_COOKIE_USE == 'True') {

   tep_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, '/', $current_domain);

to

if (SESSION_FORCE_COOKIE_USE == 'True') {

   tep_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, '/', '.'.$current_domain);

 

This will add the . and cookie will be available for subdomain and also will be be compatiable with more browsers.

 

Please note that there may be some issues with adding this dot See the following.

http://www.oscommerce.com/forums/viewtopic.php...posal&start=160

Link to comment
Share on other sites

Hi Bob,

 

Thanks for that reply.

 

In my situation (and others who have international domain names), using that workaround would cause $current_domain to be '.com.au' then wouldn't it?

 

cheers,

jeff

Link to comment
Share on other sites

Yes that would be correct. And the cookie would be available to all (what I would call) subdomains of com.au according to php.net. I do not know of all the security and functionality problems this might have on your site.

 

In my case, no one else can implement a subdomain. In your case, it looks like it could be a potential problem. That is why I think hard coding your url still might be the best solution until the developers think of a way to address the issue.

Link to comment
Share on other sites

Replace the tep_get_top_level_domain function in catalog/includes/functions/general.php with the following code and your problem will be resolved.

 

  function tep_get_top_level_domain($url) {

   if (strpos($url, '://')) {

     $url = parse_url($url);

     $url = $url['host'];

   }



   $domain_array = explode('.', $url);

   $domain_size = sizeof($domain_array);



   if ($domain_size > 1) {

     $domain = '';

     for ($i = 1; $i <= $domain_size; $i++) {

       $domain .= '.' . $domain_array[$i];

     }

     if (is_numeric($domain)) {

       return false;

     } else {

       return $domain;

     }

   } else {

     return false;

   }

 }

The current code does not account for the extra country codes which is what is causing the problem.

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

Link to comment
Share on other sites

Thanks Daemonj,

 

That looks like the code that will do it. Shouldn't that be part of the standard osCommerce installation?

 

cheers,

jeff

Link to comment
Share on other sites

That looks like the code that will do it. Shouldn't that be part of the standard osCommerce installation?

Probably. :)

 

As soon as I hear the results from sokkerbob that my changes work, I will provide them to the team for possible inclusion.

 

Many thanks also. I am going to test to see if it solves issues of having site on a subdomain. Right now I have to get some sleep

 

Thanks again

Please let me know how it works out.

 

If it helps any, edit your includes/application_top.php file and search for tep_get_top_level_domain. The first result should be:

  $http_domain = tep_get_top_level_domain(HTTP_SERVER);

after that add:

  echo "http_domain is: $http_domainn";

and it will appear at the top of the browser.

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

Link to comment
Share on other sites

Sorry for delay in reporting back.

 

First, I installed per direction but displayed URL at top of page was

.mydomain.com

 

I thought it should be

 

subdomain.mydomain.com

 

Second, I had some issues with being able to login, but I suspect it had something to do with my SSL stuff and other mods I have added. I have a big list of "honey dos" I need to get done so can't do much for a few days

 

I plan on doing clean install of cart when next release comes out on another subdomain and I will test this before I muck it up to much.

 

Again thanks

Link to comment
Share on other sites

No, the subdomain should not appear.

 

That is the purpose of the function is to remove the subdomain and get the top domain.

 

So if your site is secure.domain.co.uk, then the top level domain should be domain.co.uk.

"Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...