Guest Posted December 21, 2003 Share Posted December 21, 2003 Hi there. I would like to prevent the osCsid variable being passed, via the url, on to links of my page when a new session is created. I've searched the forum and the contribution database and found nothing, is there any contribution that can help me? The problem is my site isn't just the catalog its also a community, so when the oscSid is passedd via the url on a link pointing to a different part of the site, it kind of messes things up a little :( Thanks in advance! aL Link to comment Share on other sites More sharing options...
Guest Posted December 22, 2003 Share Posted December 22, 2003 Sorry to bump this topic up but I don't want to see it dissapear into the house of the unanswered :( Surely someone must know about the session ids??? :huh: Link to comment Share on other sites More sharing options...
horizon70s Posted December 22, 2003 Share Posted December 22, 2003 What version are you running? Link to comment Share on other sites More sharing options...
Guest Posted December 22, 2003 Share Posted December 22, 2003 and no bumping, not nice to do. Link to comment Share on other sites More sharing options...
Guest Posted December 22, 2003 Share Posted December 22, 2003 What version are you running? I'm running version 2.2 milestone 2 :) thanks for the reply :D and no bumping, not nice to do. I know I'm very sorry its just that it seems that any topic I post it just dissapears and never gets answered :( I know its selfish but it's the only way... withint a matter of days an unanswered post can fade away into page 4/5 and never be viewed :unsure: Sorry... Link to comment Share on other sites More sharing options...
Guest Posted December 23, 2003 Share Posted December 23, 2003 Are you using the BTS mod? I noticed today that this causes the session ID to show, whereas if it isnt installed it remains hidden! Link to comment Share on other sites More sharing options...
Guest Posted January 5, 2004 Share Posted January 5, 2004 Hi there, sorry I haven't replied I've been away on holiday :D (Had a great time!!) I'm not using the BTS mod, or atleast I don't think I am seen as I am not sure what it is.. ? This is a real problem for me as I have outisde links integrated with my store and this session id being sent with them messes them up, and also looks nasty in the browser window.... Thanks for the replies! aL Link to comment Share on other sites More sharing options...
christlabs Posted January 5, 2004 Share Posted January 5, 2004 If you are having problems with cookies not setting, check in the catalog/includes/configure.php file, I had to play with mine for awhile to get it to set the cookies instead of defaulting to the oscsid. I still do have a small issue with the oscsid's instead of using a cookie during checkout as I am using a different domain for the secure server. I see you don't have the BTS module, but even if you did have it the cookies will work once the settings are right in the configure.php file. If you need any help let me know, also check out one of my sites and click around, it should be using the cookie in most cases. http://www.SeniorsLivingHealthy.com Chris Chris Guth Seniors Living Healthy Retail/Wholesale Link to comment Share on other sites More sharing options...
Guest Posted January 5, 2004 Share Posted January 5, 2004 Sorry to bump this topic up but I don't want to see it dissapear into the house of the unanswered :( Surely someone must know about the session ids??? :huh: Not to worry. Not too big of a deal. Just don;t mention bumping when you bump and it is technically not a bump :D I also think that editing you post will also bump you post back up as well. You see, there are ways to bump without actually bumping :D B) Link to comment Share on other sites More sharing options...
Druide Posted January 5, 2004 Share Posted January 5, 2004 the most important one is to NOT to make hardcoded links like: <?php echo '<a href="index.php">'; ?> but use <?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">'; ?> I have the 'not logged' in area working fine again, but when a customer has logged in then the osCid is showing up again :( I did too many changes to find out where this osCid is being added to the URL. So anyone who can give me some information how to find out where the session id is being added to the url will be the KING of 2004 :) I am serious here, i have started at index.php to check all related files that are loaded at that time and i still have no clue were the session id is added. It looks almost like a ghost that leaves his name when he is logged in....LOL All information will be appreciated about this Robert We all need to learn it once, how hard it may seem when you look at it, also you will master it someday ;) Link to comment Share on other sites More sharing options...
fiat707 Posted January 6, 2004 Share Posted January 6, 2004 I had some experience with this one. In order to make SID disappear, you have to set "Forced Cookie use" True. But, if you have shared SSL domain, the "Forced Cookie use" won't work and if set True, it may cause other SSL-related problems. So, for shared SSL domain, the "FCU" has to be set to "false" and then the SID will show up in URL! Now to resolve spider's bombard issue because of the SID in URL, a SID killer contribution can be installed. However, some where in the support forum a post indicates that the "auto-logoff" or "empty cart" issue can be resolved by uninstalling the SID killer! .... How this circulating chain of important issues (login, SSL, SID, cart, etc) is entangling together? Is there someone with a super cool, clear head would kindly sum up a final solution for us? Thanks KF Link to comment Share on other sites More sharing options...
Druide Posted January 6, 2004 Share Posted January 6, 2004 In order to make SID disappear, you have to set "Forced Cookie use" True This is not TRUE, and also NOT a user friendly solution. It's possible that it works for you but it's not the best solution for your online store. I've tried this immediatly after i woke up about having the session id in the url and there was no change. I'll keep hunting next weeks, security is something that i dont take for even... Thanks anyway, i', sure it will work for 'some' people with small shops Robert We all need to learn it once, how hard it may seem when you look at it, also you will master it someday ;) Link to comment Share on other sites More sharing options...
Guest Posted January 6, 2004 Share Posted January 6, 2004 Sorry to bump this topic up but I don't want to see it dissapear into the house of the unanswered :( Surely someone must know about the session ids??? :huh: Not to worry. Not too big of a deal. Just don;t mention bumping when you bump and it is technically not a bump :D I also think that editing you post will also bump you post back up as well. You see, there are ways to bump without actually bumping :D B) Is that so? Matti osCommerce Team Member Link to comment Share on other sites More sharing options...
fiat707 Posted January 7, 2004 Share Posted January 7, 2004 Druide, Thanks for your response. I wonder if you read my statement following the quote you made: "But, if you have shared SSL domain, the "Forced Cookie use" won't work and if set True, it may cause other SSL-related problems." That means even you set FCU to True with a shared SSL domain, the whole thing is not going to work and SID will still show up because the shared SSL domain! Does your store reside with a shared SSL domain? If yes, your FCU should be set to False for the sake of other SSL-related issues. Can anyone further clarify this big damx issue? Thanks KF Link to comment Share on other sites More sharing options...
Guest Posted January 7, 2004 Share Posted January 7, 2004 If you need any help let me know, also check out one of my sites and click around, it should be using the cookie in most cases. http://www.SeniorsLivingHealthy.com Chris I looked at your site (very nice :D) BUT every link had the slhsid=<lots of random numbers here> attatched to it :( It isn't a major problem for me this one, I can bypass the external link problem I'm having, it's just a tad annoying having such ugly and long URL's, and i'd imagine it wouldn't be too healthy if someone linked to the site with one attatched to it, say in another sites 'links' page :S I too had a look around the files and couldn't find where it is being created. :unsure: Thanks for the tip about direct URL's and using the tep_make_link feature, something I've been doing a lot of and isn't very wise... Anyway thanks for the replies, it seems this one is a toughy <_< Link to comment Share on other sites More sharing options...
christlabs Posted January 7, 2004 Share Posted January 7, 2004 If you have cookies enabled on your browser it works fine, I have noticed sometimes the first page before clicking a link will have the sid, after that all the pages wont have it. Chris Guth Seniors Living Healthy Retail/Wholesale Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.