Guest Posted June 4, 2003 Posted June 4, 2003 Hello All, I have been live for 3 months and I watched several people get to the checkout (who's online) and when the session id gets pulled up the who's online adds another session to the log. It appears that the same person has 2 sessions going. 1 has the product and the other is the customer after the login process. So what seems to happen is they proced to checkout and the cart says "shopping cart is empty", but when they click on the cart the session returns to the NON-id one and the items appears to be in the cart. When you check the latest visitors in cPanel you can see the progress as they shopped and how the ip address changes (dynamic). The worst part is I CAN'T recreate the problem to fix it. I have static ip's so mine never changes. Any suggestions? I wonder if it's the search engine code that we used ????? Thanks
Daemonj Posted June 4, 2003 Posted June 4, 2003 Do not use search engine safe URL's would be my initial guess. The other is to use cookies, as some dial-up accounts will change a person's IP address for every request they make which kills a session. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
Guest Posted June 4, 2003 Posted June 4, 2003 Does osComerce have the use cookie function? As much as I looked I have never seen it use them? If so, what do I have to do to enable them? Thanks
Daemonj Posted June 4, 2003 Posted June 4, 2003 Does osComerce have the use cookie function? As much as I looked I have never seen it use them? If so, what do I have to do to enable them? Thanks What version of osC do you have? In some of the recent CVS's and I believe in MS1, in Admin ~ Configuration ~ Sessions there is a Force Cookie Use option that can be set to true. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
hankfrid Posted June 4, 2003 Posted June 4, 2003 Hey Daemonj; Is the only downside to forcing usage of cookies is that if the customer has their browser set to not accept cookies, then they can't use the site??? Thanks, HankFrid If I build it...they will come. If I don't try to build it.....I will never know!
Daemonj Posted June 4, 2003 Posted June 4, 2003 Hey Daemonj; Is the only downside to forcing usage of cookies is that if the customer has their browser set to not accept cookies, then they can't use the site??? Thanks, HankFrid As far as I know that is correct. For security reasons, it is much better to use cookies and inform your customer's of their need than not use them. As I mentioned above, a lot of ISP's give the user a new IP for every request they make. AOL definitely does (they started the practice) and that is a lot of users. The cookie only stores the user's session id, that way even if their IP is changed by their ISP the user will not lose their session. Without a cookie, the session will get lost because the IP the session is for is no longer there. You will get email's from your customers saying that when they login or try to checkout they are returned to the main page. Let me know if any of the above is unclear or if you would like any additional information. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
hankfrid Posted June 4, 2003 Posted June 4, 2003 Daemonj; Thanks for the reply. I'll be turning my cookies on tonight, as I know many people visiting my site are on AOL. Thanks again. HankFrid If I build it...they will come. If I don't try to build it.....I will never know!
Daemonj Posted June 4, 2003 Posted June 4, 2003 It is usually a good idea to add a blurb to your Privacy Policy about cookies, what they do, how they are used, and why. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
Guest Posted June 4, 2003 Posted June 4, 2003 My question still remains, how do you turn them on if the option in not in the admin ~ configuration ~ section? Any ideas?? Will I have to loo in the code? Thanks All
hankfrid Posted June 4, 2003 Posted June 4, 2003 I found the option right where Daemonj said it was and I set it to true. Daemonj; It seems when I turned the "force cookies" on, it's keeping two records for me being on. One as Guest and one as my logon ID. Then I deleted all my cookies and turned off my computer and rebooted. Went back into Admin and Whos Online still showed the two records. I ended up going to phpMyAdmin and deleting the records manually. Any ideas? Snapshot 20030514 Thanks, HankFrid If I build it...they will come. If I don't try to build it.....I will never know!
Daemonj Posted June 4, 2003 Posted June 4, 2003 The who's online, just like a session, cannot detect when a visitor has left the site. Therefore, it is based on a timeout period (usually 20 minutes). As such, when viewing who's online, it may show data for a user up to 20 minutes after the user has actually left your site. That is just the way it works, since the web was designed to be stateless and a browser does not send an indication to a site that it is leaving. I hope that the above makes sense. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
hankfrid Posted June 5, 2003 Posted June 5, 2003 Daemonj; Thank you again. That explained it to me perfectly! It all makes sense now..........well........this part anyway. Thanks again. HankFrid If I build it...they will come. If I don't try to build it.....I will never know!
Guest Posted June 12, 2003 Posted June 12, 2003 It appears unless you have a snapshot after MS1 the option is not in the conf section. i will wait until MS2 and udate again. Thanks
judgej Posted June 12, 2003 Posted June 12, 2003 My question still remains, how do you turn them on if the option in not in the admin ~ configuration ~ section? Unfortunately the feature is not in MS1. I went through the same process, and ended up merging in code from the latest snapshot. It involved about six files, and data in several tables, so was not easy. If that sounds too daunting and you have the opportunity to go straight for the latest snapshot, you will find the cookies/sessions handling is a lot more versatile and secure. -- JJ
Guest Posted June 13, 2003 Posted June 13, 2003 Thanks J, I was going to wait until MS2 is released and then go through the task of up-grading again. I think i have completed at least 4 of these to date. I checked the workboard and it seems that only 1 task remains for MS2 completion. Anyone have tenative release date? Thanks
Recommended Posts
Archived
This topic is now archived and is closed to further replies.