hyp0r Posted January 19, 2004 Share Posted January 19, 2004 I'm wondering if there is an easy workaround for this problem. My site has more than just the store, everything that's not the store isn't running inside of the oscommerce interface. When I go to another part of my site, and then click on a link back to the store, the session is lost, my cart is empty, and I have to log in again. How do I fix this? Link to comment Share on other sites More sharing options...
♥MYC267 Posted January 19, 2004 Share Posted January 19, 2004 It's because you need to ensure the users session ID is being passed around in the URL when navigating around the site. Dan Link to comment Share on other sites More sharing options...
hyp0r Posted January 19, 2004 Author Share Posted January 19, 2004 It is not possible to store that information in a cookie or something? Is there a contrib that will do this for me? I want people to be able to leave the site and come back and still have the site know who they are. Link to comment Share on other sites More sharing options...
mattice Posted January 19, 2004 Share Posted January 19, 2004 The session times out after a while. If people registered on your osC site the software WILL remember them. "Politics is the art of preventing people from taking part in affairs which properly concern them" Link to comment Share on other sites More sharing options...
Guest Posted January 19, 2004 Share Posted January 19, 2004 admin > Configuration > Sessions > Force Cookie Use: set to true. Note: session will still time out (after 20 minutes?), but you will be able to go to an outside link and come back within that period. Hth, Matt Link to comment Share on other sites More sharing options...
hyp0r Posted January 19, 2004 Author Share Posted January 19, 2004 I'm getting this error: We have detected that your browser does not support cookies, or has set cookies to be disabled. To continue shopping online, we encourage you to enable cookies on your browser. But I have cookies on, in IE my level is set to medium, no custom settings. Link to comment Share on other sites More sharing options...
sneakyimp Posted January 19, 2004 Share Posted January 19, 2004 I too am very curious about this...i am using a Macromedia Flash application that allows users to customize greeting cards with their own custom text and I am being forced to pass the session id to my flash applications and EXPLICITLY add the session id to every link. fyi, hyp0r, osCommerce stores the session ID for your session in a variable $osCsid. If you'd like to make sure your variables are available when you move to the other parts of your site, you are going to have to pass this information along to the other parts of your application and then add the osCsid arg to every link that returns to your catalog/store. In my case, i pass the osCsid to my flash application (i will spare everyone the mechanical details) and any links back into the store i add an argument to the end of the URL like this: mypage.php?osCsid=<put the session id here> this seems to work for me, HOWEVER, the session ID is there in plain sight...i understand that this is a bit of a security risk as users my EMAIL this url to a friend or it might stick around in the browser's history, etc. does anyone know a way to enable URL rewriting? my PHP install sets the default session id name to PHPSESSID or something similar. I have been trying to get my head around how PHP behaves when rewriting URLS and i'm having trouble figuring it out because it seems to be a bit erratic. I also understand that using URL rewriting is not such a good idea on a high performance site as it will cause a performance hit if you're rewriting every relative link in your site. any brilliant sagely types out there want to clue us in? FlashMOG - make multiplayer games in Flash/PHP! Link to comment Share on other sites More sharing options...
hyp0r Posted January 19, 2004 Author Share Posted January 19, 2004 The session times out after a while.If people registered on your osC site the software WILL remember them. The session doesn't time out after a while, it times out instantly, as soon as the osCid is not part of the URL, why is the osCid not being stored in a cookie. I tried the force cookie setting, but it claimed that I didn't have cookies turned on, even though I do. Maybe somewhere along the line I messed something up and it's not setting the cookie properly. Link to comment Share on other sites More sharing options...
Guest Posted January 19, 2004 Share Posted January 19, 2004 The session times out after a while.If people registered on your osC site the software WILL remember them. The session doesn't time out after a while, it times out instantly, as soon as the osCid is not part of the URL, why is the osCid not being stored in a cookie. I tried the force cookie setting, but it claimed that I didn't have cookies turned on, even though I do. Maybe somewhere along the line I messed something up and it's not setting the cookie properly. Perhaps your cookie settings in your configuration file are incorrect and the cookie is not being set - post that part of your file. Matti Link to comment Share on other sites More sharing options...
hyp0r Posted January 20, 2004 Author Share Posted January 20, 2004 these settings? ? define('HTTP_COOKIE_DOMAIN', 'http://www.mydomain.com');? define('HTTPS_COOKIE_DOMAIN', 'https://www.mydomain.com'); ? define('HTTP_COOKIE_PATH', '/store/'); ? define('HTTPS_COOKIE_PATH', '/store/'); Link to comment Share on other sites More sharing options...
hyp0r Posted January 20, 2004 Author Share Posted January 20, 2004 thanks! After I posted that I tried taking off the "http://" part, didn't work, then I tried taking off the "www." part, and it's working. Thanks for setting me in motion. Link to comment Share on other sites More sharing options...
hyp0r Posted January 20, 2004 Author Share Posted January 20, 2004 uh oh, I think the cookie is not getting set properly, now I can't login to the site, it just keeps throwing me back to the login page when I try. Link to comment Share on other sites More sharing options...
hyp0r Posted January 20, 2004 Author Share Posted January 20, 2004 Ok, ignore the previous post, when I shut down my browser and cleared out my cookies it started working.... I think. Link to comment Share on other sites More sharing options...
Priest Posted March 25, 2004 Share Posted March 25, 2004 Anyone figure this out yet? I am having the same exact problem, and this just started when I added SSL to my site. I have Force Cookies = FALSE And all works fine until users navigate to a "non-catalog" page, such as my mailing list page, and then as soon as they come back it looses the osCsid and they have to re-login, etc. When I tried Force Cookies = TRUE then it stops sending osCsid's in the URLs and I also get the "Cookies not enabled" page when I try to log in. This is driving me crazy!! -priest- Link to comment Share on other sites More sharing options...
sneakyimp Posted March 25, 2004 Share Posted March 25, 2004 i'm not at all sure, but when you say your 'mailing list page', i'm guessing you mean a page that you have developed on your own, entirely independent of oscommerce, no? if so, you may want to consider a couple of things again, i don't know if this will work. option 1) if your file is PHP, add an include to the oscommerce file 'application_top.php' (in the includes folder i believe). this file initiates session stuff for OSC. just including it may not be enough...there may be other stuff you have to do. option 2) make all links to your mailing list page include something like this: // tep_session_id() is a function that returns your session id <A HREF="my_mailinglist_page.php?osCsid=<? echo tep_session_id() ?>">Here's my mailing list</a> and then make SURE that your mailing list retrieves that argument from the GET variables and any links back to OSCOMMERCE also include that argument appended to the end of your URL...this tells OSCOMMERCE which session you're dealing with. 3) if you are using HTML, think about relegating your mailing list to a popup window so that your main browser window keeps the session alive. i hope this helps. oscommerce is very complex....more like oscomplex...harhar FlashMOG - make multiplayer games in Flash/PHP! Link to comment Share on other sites More sharing options...
Priest Posted March 25, 2004 Share Posted March 25, 2004 Yes, my mailing list page (and I have others) is just a plain html page that I have created and then added a link to it in a box on osCommerce catalog page. The thing is, when I disable SSL, I have no problem going from OSC catalog to regular html pages and back and still remaining signed in, keeping products in shopping cart, etc. But, I am switching to authorize.net and so I setup my SSL and when I enable it for OSC... that's when it starts creating osCsid's and then resets then anytime I go to a static html page, signs the user out, empty's the shopping cart, etc. It is just such a hassle because I have my mailing list page, affiliate info page - and these are static html pages. Then I have a 3rd party helpdesk so (when SSL enabled) anytime someone comes/goes from these pages, it resets everything! Aw... things were so much simpler without SSL. Maybe I should just stick with 2CheckOut! :( -priest- Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.