Noodles Posted June 21, 2004 Posted June 21, 2004 Hi, I've done a bit of a search on the forums, but haven't come up with anything. Is it possible to get rid of the osCsid parameter in the URL whilest keeping the functionallity of the site? I tried to turn it off by setting $add_session_id to false by default in the tep_href_link function, but then I couldn't add anything to my cart Can anyone help? Thanks
AlanR Posted June 21, 2004 Posted June 21, 2004 It should go away by itself after a few clicks provided you've got your config file set up correctly. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
Noodles Posted June 21, 2004 Author Posted June 21, 2004 and how would one go about setting up their config file properly? Is there a special variable I need to be setting? I'm just wanting to start using mod_rewrite for the urls instead of .php?productID=29&osCsid=2098123019823091823 e.g. product29.html
Noodles Posted June 22, 2004 Author Posted June 22, 2004 Nevermind, I got it, had to fix my cookie domain
billybrag Posted June 22, 2004 Posted June 22, 2004 what do you fix for this ? "because it'll hurt more"- the greatest film of all time?
211655 Posted June 22, 2004 Posted June 22, 2004 MIke: first of all you shouldnt use them at all. these are your session ids. what happens that when someone come sto the store, they get a sesison id oscid, etc.... if you want ur site to be search engine friendly take them out. why? because for example a google spider(googlebot - who crawls ur site to have u listed), when comes to the site and u have set up this way that everyone gets a sesison id, then this spider will get too. and when it will link ur site in google, it will get www.ursite.com?oscid=blablab..... now when some one clicks, they wont get anywhere as session expires.... do this> go to admin>configuration>session first thingis the directory.default is tmp. if not then remember the name... go to ur site via ftp or locally and make that tmp folder writeable, executable (set permission to 777) - then make all of the options set to false except prevent spider....(make that one true and recreate session....) hope it helps. 211655 SEO Optimization Export Orders into CSV file
billybrag Posted June 22, 2004 Posted June 22, 2004 i have tried all that you have suggested but am still seeind the oscid blahblah crap :( edit - this is what i have the settings as "because it'll hurt more"- the greatest film of all time?
derryadrian Posted June 22, 2004 Posted June 22, 2004 can't we just add tep_hide_session() function? :huh: [.:2s1000s12:.] "Did I had the dream, or did the dream had me?"
billybrag Posted June 22, 2004 Posted June 22, 2004 how though? where? can you divulge? "because it'll hurt more"- the greatest film of all time?
derryadrian Posted June 22, 2004 Posted June 22, 2004 This is a sample: echo '<a href=' . tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT,'keywords=' . $CriteriaWith . '&search_in_description=1', 'NONSSL', true, false),'>' . $produck_info[1] . '</a>' . tep_hide_session_id(); I use that in my own code, and so far work fine. I try that based on this following code from advanced_search.php <td width="100%" valign="top"><?php echo tep_draw_form('advanced_search', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', False), 'get', 'onSubmit="return check_form(this);"') . tep_hide_session_id(); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> Is this meet what you need? This function just hide the session but not really get rid the session. What will happened if we lost the session, a broken cart for sure... :huh: [.:2s1000s12:.] "Did I had the dream, or did the dream had me?"
billybrag Posted June 24, 2004 Posted June 24, 2004 so are you saying that i have to change it in loads of files? "because it'll hurt more"- the greatest film of all time?
RObW Posted June 24, 2004 Posted June 24, 2004 Hi billybrag, The osCsid only appears if a cookie cannot be set - so check your cookie paths in the /includes/configure.php file carefully - if these are not correct then you will not set cookiw and osC will pass the session ID in the URL instead. If you want to ensure that cookies are ALWAYS used (i.e. force users to turn on cookie support to use your store) then you can set the Force Cookie use setting to true. If you are using a shared secure server then you will not escape the passing of the osCsid in the URL when moving from SSL to NON-SSL and vice versa - this is becuase the cookie domains are different and cannot be read one from another. The lines you want to check in /includes/configure.php are: define('HTTP_COOKIE_DOMAIN', 'yourhost.com'); define('HTTPS_COOKIE_DOMAIN', 'yourhost.com'); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); See also the Install Guide Hope this helps. Cheers Rob
billybrag Posted June 24, 2004 Posted June 24, 2004 this is what mine are set at, is this correct? define('HTTP_COOKIE_DOMAIN', 'www.sharpsbooks.co.uk'); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', 'www.sharpsbooks.co.uk'); define('HTTPS_COOKIE_PATH', ''); "because it'll hurt more"- the greatest film of all time?
GraphicsGuy Posted June 24, 2004 Posted June 24, 2004 I found this of interest in the Knowledge Base: Disabling Sessions Sessions should be disabled for search engine spiders to prevent session ID's from being indexed which could cause a potential security and privacy issue when multiple customers share the same session ID that the search engine spider has indexed. Sessions for search engine spiders can be disabled at the following section on the osCommerce Administration Tool: osCommerce 2.2 Milestone 2 Administration Tool -> Configuration -> Sessions -> Prevent Spider Session osCommerce 2.2 Milestone 3 Administration Tool -> Configuration -> Services -> Sessions -> Block Search Engine Spiders If the above configuration parameters are set to True, search engine spiders existing in osCommerce/includes/spiders.txt will not be given a session ID. The following contribution can be used for osCommerce 2.2 Milestone 1 and earlier versions which provides similar functionality: SID Killer Rule #1: Without exception, backup your database and files before making any changes to your files or database. Rule #2: Make sure there are no exceptions to Rule #1.
billybrag Posted June 24, 2004 Posted June 24, 2004 cheers mike, i have this setting already set up though# any other ideas? "because it'll hurt more"- the greatest film of all time?
GraphicsGuy Posted June 24, 2004 Posted June 24, 2004 Beyond that I'm not sure. But I wonder if anyone can confirm if that is effectively working on the bots. Since it is only supposed ot block sessions for spiders, there is no way to be sure until it has been set long enough for some of the major ones to crawl it and index it in their search engine. If it is working, you might still see session ids, but known spiders wouldn't start a session hence eliminating the main problem with session ids in urls. Rule #1: Without exception, backup your database and files before making any changes to your files or database. Rule #2: Make sure there are no exceptions to Rule #1.
RObW Posted June 24, 2004 Posted June 24, 2004 Mike, No, it should look like this in your case: ?define('HTTP_COOKIE_DOMAIN', 'www.sharpsbooks.co.uk');?define('HTTPS_COOKIE_DOMAIN', ''); ?define('HTTP_COOKIE_PATH', '/'); ?define('HTTPS_COOKIE_PATH', ''); You do not have a secure server defined, so presume you have also set: define('ENABLE_SSL', false); Cheers Rob
Altec Posted June 24, 2004 Posted June 24, 2004 http://www.summitmedia.co.uk/Marketing/index.htm change your settings then go here and whack your domain name on it will give you a report on your site as if a search engine spider would see it Its a spider simulator Its not a computer its a life management system!
GraphicsGuy Posted June 24, 2004 Posted June 24, 2004 http://www.summitmedia.co.uk/Marketing/index.htm change your settings then go here and whack your domain name on it will give you a report on your site as if a search engine spider would see it Its a spider simulator Thanks for that link. It was very enlightening. I ran their report, then checked my logs to get the name of their spider. I added it to spiders.txt and ran the report again. The spider still opened a session and the session id showed in the results. <scratching head> Yikes! </scratching head> Rule #1: Without exception, backup your database and files before making any changes to your files or database. Rule #2: Make sure there are no exceptions to Rule #1.
Altec Posted June 24, 2004 Posted June 24, 2004 I am also using SEO sitemap contribution, makes the bots only see html pages, but when clicked on the return back to your php pages from the search engine, this is an excellent mod for search engines, mysite was getting a score of less than 50% on most pages now all pages have 92-94% looking foward to googles next trip around my site, with over a hundred products that will be over a hundred instant links :D Its not a computer its a life management system!
billybrag Posted June 24, 2004 Posted June 24, 2004 i have the same problem, with that simulator, it stilled showed the oscid's "because it'll hurt more"- the greatest film of all time?
RObW Posted June 24, 2004 Posted June 24, 2004 i have the same problem, with that simulator, it stilled showed the oscid's You have to fix your configure.php first...
billybrag Posted June 24, 2004 Posted June 24, 2004 ;) forgot about that oops "because it'll hurt more"- the greatest film of all time?
billybrag Posted June 24, 2004 Posted June 24, 2004 awesome. thats all. cheers rob "because it'll hurt more"- the greatest film of all time?
GraphicsGuy Posted June 24, 2004 Posted June 24, 2004 Well, my cookie configuration is exactly right, and I have the admin setting to block sessions for known spiders and I added the summit spider to the list. Yet still their spider opens sessions and records the id. Rule #1: Without exception, backup your database and files before making any changes to your files or database. Rule #2: Make sure there are no exceptions to Rule #1.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.