KennethS Posted June 22, 2004 Posted June 22, 2004 Hello, Ive came across a problem mentioned a few times on the board but not really stomped out yet. Since this is probably a configuration problem I just assumed to put it here. As a Visitor a person can add items to their cart. At the login screen they still have these contents. After logging in the cart contents completely dissapear. I have a cheap free SSL Cert installed, it's only about 93% compatable with most browsers but my main buyers are not going to be computer savy, and Im betting 99.9% of them will be using IE which supports the Cert. If anyone needs any information or code I will be more than happy to post it. Thanks, KennethS Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
KennethS Posted June 22, 2004 Author Posted June 22, 2004 Here is my configure.php just in case that helps. <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://domain.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://domain.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'domain.com'); define('HTTPS_COOKIE_DOMAIN', 'domain.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); if(defined('ADMIN')){ define('DIR_WS_IMAGES', '../../images/'); define('DIR_WS_INCLUDES', '../../includes/'); }else if(defined('IN_PHPBB')){ define('DIR_WS_IMAGES', '../images/'); define('DIR_WS_INCLUDES', '../includes/'); }else{ define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_INCLUDES', 'includes/'); } define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/adirectory/domain.com/html/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', '*******'); define('DB_SERVER_PASSWORD', '*******'); define('DB_DATABASE', '*******'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' ?> Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
mattice Posted June 22, 2004 Posted June 22, 2004 Have you tried switching ENABLE_SSL to false and see if the problem exists there too? And try adding a . (dot) in front of the cookie domain settings. HTH Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them"
KennethS Posted June 22, 2004 Author Posted June 22, 2004 Hello, I just tried adding the (dot) in front of the cookie http and https domain and I dont see that it did anything really, and it didnt fix the site. When I did view the cookie through my browser it showed up as / ./ though which was different than the other cookies obtained from various places (google, admin on other sites, this board). I then disabled SSL and cart contents were still removed if signing up for a new account, or logging into an old one. If anymore info is needed feel free to ask, Im really stumped on this one and Ive seen other posts from people with the same problem it seems. Thanks, KennethS Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
KennethS Posted June 24, 2004 Author Posted June 24, 2004 Just to keep this topic open for people searching the forums for a resolution Ill continue adding what Ive done to try to repair it. Ive now used a fresh login.php file hopeing that would fix it. It did not however. Still struggling with this one. Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
Guest Posted June 25, 2004 Posted June 25, 2004 i seem to have the a similiar problem... http://acostamotorsports.com/catalog/index.php i loss the cart....or it doesnt even sign in when checking out. how big of a problem is this? im acually doing this for a client and i have only a couple of days left.. i was wondering if i need to start working on building a new site... thanks in advance,,
KennethS Posted June 25, 2004 Author Posted June 25, 2004 The problem is not a dire one, but just think of it this way. Someone comes to the site, browses, adds a few things to the cart, then decides "Wow i think Ill buy this stuff" *Click* *Click* Registers. *Boom* Cart contents are gone, they get pissed and leave. You just lost a sale. Rinse and Repeat this 100 times a month and you just lost yourself a lot of money. As an update in trying to fix this problem, Ive dumped all of the session information in the sql database and it did not fix the problem either. I have however changed to file based sessions (On a VPS so it should be safe) and the cart contents work perfectly. Any other takes on the possible security problems that may arise or fixes would be helpful. Thanks, KennethS ZDP Media Group, Inc. Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
Guest Posted June 25, 2004 Posted June 25, 2004 i changed it to file based sessions and it seems to work now... thanks.. im scared to play with it but now i need to make sure the ssl is working.. for some reason i havent really got how to set it up.. any advice thanks!!
KennethS Posted June 25, 2004 Author Posted June 25, 2004 The oscommerce part of setting up SSL are in: /catalog/includes/configure.php /admin/includes/configure.php anywhere it mentions HTTPS or SSL. Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
Guest Posted June 25, 2004 Posted June 25, 2004 well i tried to change it but it still doesnt work i might be doing something wrong.. check it out.. <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://acostamotorsports.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://acostamotorsports.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', '/acostamotorsports.com'); define('HTTPS_COOKIE_DOMAIN', '/catalog/'); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); //Added for BTS1.0 define('DIR_WS_TEMPLATES', 'templates/'); define('DIR_WS_CONTENT', DIR_WS_TEMPLATES . 'content/'); define('DIR_WS_JAVASCRIPT', DIR_WS_INCLUDES . 'javascript/'); //End BTS1.0 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', 'D:/hshome/acostara/acostamotorsports.com/catalog/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
Geotex Posted June 25, 2004 Posted June 25, 2004 define('HTTP_SERVER', 'http://acostamotorsports.com'); // eg, http://localhost - should not be empty for productive serversdefine('HTTPS_SERVER', 'https://acostamotorsports.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', '/acostamotorsports.com'); define('HTTPS_COOKIE_DOMAIN', '/catalog/'); Should be define('HTTP_COOKIE_DOMAIN', 'acostamotorsports.com'); define('HTTPS_COOKIE_DOMAIN', 'acostamotorsports.com'); HTH GEOTEX from Houston, TX (George)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.