Oxfordeye Posted November 5, 2003 Posted November 5, 2003 Can somebody please tell me if there is a simple fix for this problem! Patrick
Oxfordeye Posted November 5, 2003 Author Posted November 5, 2003 Found this: http://www.oscommerce.com/forums/index.php?showtopic=41451&hl :( Dosn't look good! How about if I ad AOL to my SID Killer agents. This will mean no SID's will be generated and I suppose cookies are automaticly on? Would this work? Don't code so any help :D
Oxfordeye Posted November 5, 2003 Author Posted November 5, 2003 OK I?ve added AOL to my SID killer agents (lower case, aol) so if somebody wants to see if they can create an account at: www.uk-gift-shop.co.uk it would be a great help as I?m sure we all want an answer to the ?AOL? problem. Patrick
Oxfordeye Posted November 5, 2003 Author Posted November 5, 2003 Anybody! Remember if your using AOL please try to set up an account as many of us are losing trade because of this problem. :(
Guest Posted November 5, 2003 Posted November 5, 2003 I run a php forum (phpBB2). The solution that I used was to tell members not to use AOL's browser. They have been able to login by using Internet Explorer or Netscape.
Oxfordeye Posted November 6, 2003 Author Posted November 6, 2003 I changed this in phpBB (remember I don't code this is a hack from the phpBB Forum) ================================== Appox line 294 (this was at about 250 on my version) // Do not check IP assuming equivalence, if IPv4 we'll check only first 24 // bits ... I've been told (by vHiker) this should alleviate problems with // load balanced et al proxies while retaining some reliance on IP security. // $ip_check_s = substr($userdata['session_ip'], 0, 6); $ip_check_u = substr($user_ip, 0, 6); ================================== Change to.... // Do not check IP assuming equivalence, if IPv4 we'll check only first 24 // bits ... I've been told (by vHiker) this should alleviate problems with // load balanced et al proxies while retaining some reliance on IP security. // $ip_check_s = substr($userdata['session_ip'], 0, 4); $ip_check_u = substr($user_ip, 0, 4); ================================== Would something like this work with osCommerce? Patrick
breadboy Posted November 6, 2003 Posted November 6, 2003 Hey I am having this problem too at: http://www.basketsbymyra.com/index.php. I first noticed the problem when logging in on a dialup laptop through the aol browser. internet explorer worked fine on the same browser -- yikes. any ideas? thanks
Oxfordeye Posted November 7, 2003 Author Posted November 7, 2003 I think many of us have been waiting for an answer to this for a too long! Is there a fix or not? If the phpBB team can figure something out the? I know the above fix is only a temporary one and that the newer version of phpBB has got around this problem. The real worry from the point of osCommerce is that more randomly allocated IP addresses seem to be the way things are going so this problem could get worse! Please keep this thread going by commenting and we may at least get a partial answer. But a fix is what we?re all looking for here. Hey Christmas is coming so this is very important. :(
Guest Posted November 7, 2003 Posted November 7, 2003 Before you can get a fix, you need to define the problem more narrowly. Why can't AOL access the site? Is it all AOL users? Is it all osCommerce stores? Did you set your Session settings as Melinda recommended in the link you posted? Did you kill the SIDs for AOL users? Or an AOL search engine? If the latter, fine. However, if you are killing the SID for AOL users, then they aren't going to be able to use a shopping cart or other session functions (like login). FORCE_COOKIE_USE will kill SIDs and turn on cookies; SID killers do *not* turn on cookies; they just remove SIDs. Hth, Matt
Oxfordeye Posted November 7, 2003 Author Posted November 7, 2003 I think it?s just the way that the AOL browser generates random IP addresses from click to click that?s the problem!
Guest Posted November 8, 2003 Posted November 8, 2003 I think it?s just the way that the AOL browser generates random IP addresses from click to click that?s the problem!Unless you are using an older version, osCommerce doesn't check IP address unless you tell it to do so (under admin > Configure > Sessions > Check IP Address). You may want to look elsewhere. Hth, Matt
ashlyn Posted November 8, 2003 Posted November 8, 2003 I've just turned off the IP log and block robots option in admin/customers. Hoping that does the trick. Can anyone let me know if you have had luck with that?? Thanks ------------------------------------------------------- I used to be insane, but now I'm just nuts ;)
Oxfordeye Posted November 8, 2003 Author Posted November 8, 2003 I'm running 2.2 MS1 and can't find any of the above. Help!! :blink:
maxrisc Posted January 4, 2004 Posted January 4, 2004 Just got a basic resolution for this problem... In Sessions under the Admin Control Panel turn off "Check IP Address" AOL uses round robin procedures on proxy servers so your replies will not necessarily come from the same server every transmission. If you want to be able to track IP usage then simply set up something like AWSTATS as it is much better for tracking statistics. AWSTATS Homepage We were losing as much as 85% of our sales due to this bug in AOL proxies. HTH, Dave
spectr17 Posted January 4, 2004 Posted January 4, 2004 Same problem here. Gonna try the fix posted by maxrisc and see. Our new settings are: Session Directory - /tmp Force Cookie Use - True Check SSL Session ID - True Check User Agent - False Check IP Address - False Prevent Spider Sessions - True Recreate Session - True ~spectr17
Goanna Posted January 4, 2004 Posted January 4, 2004 I tried logging into both my stores using AOL and I had no problems. I am running OSC 2.2 MS2 .
fiat707 Posted January 6, 2004 Posted January 6, 2004 Billy, What are your session settings (in Admin)? Thanks KF
Guest Posted January 10, 2004 Posted January 10, 2004 I tried logging into both my stores using AOL and I had no problems. I am running OSC 2.2 MS2 . May you please tell us the settings you are using? Just used the AOL browser and it doesnt keep you logged in no matter what settings i use. Im losing at least 75% of customers due to this AOL thing.
Guest Posted June 28, 2005 Posted June 28, 2005 I'm running 2.2 MS1 too. I do not have the following option Force Cookie Use - True Check SSL Session ID - True Check User Agent - False Check IP Address - False Prevent Spider Sessions - True Recreate Session - True What should I do?
Recommended Posts
Archived
This topic is now archived and is closed to further replies.