Jump to content



Photo
* * * * * 2 votes

1062 Duplicate Entry Error Fix


This topic has been archived. This means that you cannot reply to this topic.
50 replies to this topic

#1   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 15 July 2006 - 19:24

Hi all. I've researched this to the hilt, and I want to post a fix to the error I've been getting all along, which I've finally put an end to. It's the ol' 1062 Duplicate Entry error, and I have a fix for all. Everybody seems to get these, eventually, but very few people post about 'em in here.

The Problem -- Duplicate Entry 1062 Errors:
I kept having a duplicate error report for sessions. It is a problem with sessions. I was having this error everytime I selected create_account, or wishlist_help.

The Fix:
1) Go to your phpmyadmin, and select the sessions table

2) Select sesskey

3) Click edit

4) It's probably set at the OSC default, which is varchar(32). This is a mistake! Change the type to INT, the length/values should stay at 32.

5) Scroll all the way across to where you see extras and select AUTOINCREMENT from the drop down box.

6) Hit save button

All 1062 Duplicate Enty errors will not be resolved. You won't get 'em again!


If I am correct, OsCommerce creates sessions id for every visit to your website, in case a visitor has cookies disabled. Somehow during configuration, the sessions table probably wasn't configured to autoincrement. This was a simple fix that you wouldn't even need to change any of the values for your test runs. Just fix the sesskey and you're good to go!

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#2   enigma1

enigma1
  • Members
  • 8,206 posts

Posted 16 July 2006 - 00:54

the session key is alphanumeric and it should be generated by not following a specific pattern. By changing it to an integer with the autoincrement attribute you allow others to predict easily sessions of customers and even manufacture session cookies. Not a good thing.

#3   sharplab

sharplab
  • Members
  • 182 posts

Posted 21 July 2006 - 15:52

the session key is alphanumeric and it should be generated by not following a specific pattern. By changing it to an integer with the autoincrement attribute you allow others to predict easily sessions of customers and even manufacture session cookies. Not a good thing.


Had SIMILIAR PROBLEM!

Thanka!

#4   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 21 July 2006 - 15:58

Okay, I hear what you're trying to say .... but then why did all my problems go away when I switched the sesskey to INT? I researched it, and many people felt the same way. All I know is that all my problems ... duplicate entry 1062 errors, etc., all disappeared.

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#5   enigma1

enigma1
  • Members
  • 8,206 posts

Posted 21 July 2006 - 17:23

Okay, I hear what you're trying to say .... but then why did all my problems go away when I switched the sesskey to INT? I researched it, and many people felt the same way. All I know is that all my problems ... duplicate entry 1062 errors, etc., all disappeared.

J

maybe you should check your sessions table with phpmyadmin to see what's going on.

And one other thing. Even if you add an extra auto-increment column to get around it (and that will work) you basically try to hide a problem instead of troubleshooting it. The tep_session_start should generate a unique session via the core php functions. Theoretically and with the default oscommerce there is no issue. So something is going on with your store that causes it.

#6   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 21 July 2006 - 17:33

Okay, thanks .. I'll look into it and see what I can figure out,

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#7   jackrabbit

jackrabbit
  • Members
  • 181 posts

Posted 02 August 2006 - 19:47

Okay, thanks .. I'll look into it and see what I can figure out,

J


Did you find out anything? I am having a similar issue and it's a little frustrating as I'm sure you know.

;-j

#8   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 02 August 2006 - 19:53

Did you find out anything? I am having a similar issue and it's a little frustrating as I'm sure you know.

;-j



You can truncate table sessions when there are no customers online, but really ... the more I've researched, the more I've come up with the fact that you should just go into your phpmyadmin, and change the value of your sesskey in the sessions table to INT, not VarChar. You can always change it back. Just try it; I bet your problems go away.

Go into phpmyadmin and edit the sesskey. Set it to int(32) and set it to auto-increment. Problems solved, and no more problems arise. Worked for me (and several others). Let me know,

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#9   jackrabbit

jackrabbit
  • Members
  • 181 posts

Posted 02 August 2006 - 23:30

You can truncate table sessions when there are no customers online, but really ... the more I've researched, the more I've come up with the fact that you should just go into your phpmyadmin, and change the value of your sesskey in the sessions table to INT, not VarChar. You can always change it back. Just try it; I bet your problems go away.

Go into phpmyadmin and edit the sesskey. Set it to int(32) and set it to auto-increment. Problems solved, and no more problems arise. Worked for me (and several others). Let me know,

J

Hey J,
I appreciate your working on a solution to this, but I have to say that Enigma's comment seems quite relevant. Don't you think that, regardless of the results of the fix you propose, you are opening up a potential security risk with it? I have to admit that I don't know enough to be able to say one way or another.

My site is working right now, so I don't feel like I have to put it at risk. My problem is just that when I set products to special I recieve the error once then it goes away until I set another product to special. I would like to know more about troubleshooting this error, but I'm afraid I dont' know where to start.

#10   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 03 August 2006 - 01:34

No, I don't see the security risk. I mean, there are imaginable scenarios in everything we do. I mean, there's a loophole in things where you can physically type in checkout_success.php into your browser and never even enter your credit card information, and your order goes through. I'm sure there are imaginable loopholes. But I'm leaving my sesskey as INT auto incremented becaused based on my research, it's the right thing to do. And it solved all my problems.

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#11   boxtel

boxtel
  • Members
  • 5,237 posts

Posted 03 August 2006 - 12:37

No, I don't see the security risk. I mean, there are imaginable scenarios in everything we do. I mean, there's a loophole in things where you can physically type in checkout_success.php into your browser and never even enter your credit card information, and your order goes through. I'm sure there are imaginable loopholes. But I'm leaving my sesskey as INT auto incremented becaused based on my research, it's the right thing to do. And it solved all my problems.

J


I totally agree with Mark on this.

First of all, I am not sure those sessions will still function but even if they do it is now so much easier to guess an active session id in use by somebody else.
If I go to your store with cookies disabled and get session id 2345 in my url's then chances are pretty high that if I alter that to 2344 I get the information from the previous customer.

With random session id's (alphanumeric or even plain numeric) that is not such a straightforward issue.

And Mark is correct, you are eliminating symptoms not the root cause. if you get duplicate entries then your table is either not cleared, you are generating session id's like wildfire and thus increasing the chances of session id collision or for some other reason you are trying to insert the same session id (instead of updating the existing one).
Treasurer MFC

#12   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 03 August 2006 - 14:23

Well, I have read SO many articles that say sessions should be INT and auto incremented .... data analysts, programmers, etc. ....

But there's no doubt, even before I added a contribution, I was getting 1062 duplicate error messages. And that's on a clean installation of OSC. I had to constantly truncate the sessions table. So *something* had to be fixed. Through my research, that was my fix. With my customer base, it's highly unlikely that an end-user is going to know how to alter his session -- and even if he does know (which he won't, because I don't even know how to do it), I'm still doubtful he'll get the information from a previous session. As for now, my OSC, 6 contributions later, is functioning well.

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#13   boxtel

boxtel
  • Members
  • 5,237 posts

Posted 03 August 2006 - 15:15

Well, I have read SO many articles that say sessions should be INT and auto incremented .... data analysts, programmers, etc. ....

But there's no doubt, even before I added a contribution, I was getting 1062 duplicate error messages. And that's on a clean installation of OSC. I had to constantly truncate the sessions table. So *something* had to be fixed. Through my research, that was my fix. With my customer base, it's highly unlikely that an end-user is going to know how to alter his session -- and even if he does know (which he won't, because I don't even know how to do it), I'm still doubtful he'll get the information from a previous session. As for now, my OSC, 6 contributions later, is functioning well.

J


well, sure, it can very well be that it is an error that comes with the default install.
But if you do it with INT and Autoincrement, at least make sure that the session id is NEVER shown in the url's by forcing cookies. That way they are ALWAYS stored in cookies and not readily visible.
Then again forcing cookies has its own pro's and con's.

Still, that is only a small improvement as people who want to look for other peoples data are bound to know how to read that cookie and still know what likely active id's are.

It is basically like giving all the people in your street a combination lock to their cars and make the combinations sequential. So you know, only if he wants to ofcourse, that your neighbour can have a joy-ride in yours any time.
Treasurer MFC

#14   enigma1

enigma1
  • Members
  • 8,206 posts

Posted 03 August 2006 - 18:23

what you have there is going to break sooner or later. You changed the session key to integer/auto-increment. Now as the auto-index increases so the chances of passing a key (from the actual session) to the _sess_write function with the first character as a digit (0-9) and that digit will be already in the database which will give you a duplicate entry for the auto-increment field.

#15   jpweber

jpweber

    Occupy HLN

  • Members
  • 1,262 posts

Posted 03 August 2006 - 18:49

So then what's the fix to the ol' duplicate entry error 1062 in the sessions table? Just keep truncating the table when no customers are online every day?

J
Jason

Simple 1-2-3 Intructions on how to get, install and configure SSL

The Google Sandbox explained

Simple to follow instructions on how to change the look of your OSC

How To Make A Horrible OSC Website

my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP

my installed contributions:  Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout,  Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...

#16   enigma1

enigma1
  • Members
  • 8,206 posts

Posted 03 August 2006 - 18:57

well this error should not happen in the first place. Check the sessions logic when a new session is to be inserted.

$check_query = tep_db_query("select count(*) as total from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");
	  $check = tep_db_fetch_array($check_query);

	  if ($check['total'] > 0) {
		return tep_db_query("update " . TABLE_SESSIONS . " set expiry = '" . tep_db_input($expiry) . "', value = '" . tep_db_input($value) . "' where sesskey = '" . tep_db_input($key) . "'");
	  } else {
		return tep_db_query("insert into " . TABLE_SESSIONS . " values ('" . tep_db_input($key) . "', '" . tep_db_input($expiry) . "', '" . tep_db_input($value) . "')");
	  }

Notice the code performs a check query with the session key passed and inserts this as a new key only when the key is not found in the database.

Now it could be something else like a null key. Have you implement the latest osc upgrade?
http://www.oscommerc...tions/downloads

It has a specific check filtering the session id with the tep_session_start() function. Make sure you have those changes integrated with your store.

#17   ehong33234

ehong33234
  • Members
  • 77 posts

Posted 18 August 2006 - 17:29

well this error should not happen in the first place. Check the sessions logic when a new session is to be inserted.

$check_query = tep_db_query("select count(*) as total from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");
	  $check = tep_db_fetch_array($check_query);

	  if ($check['total'] > 0) {
		return tep_db_query("update " . TABLE_SESSIONS . " set expiry = '" . tep_db_input($expiry) . "', value = '" . tep_db_input($value) . "' where sesskey = '" . tep_db_input($key) . "'");
	  } else {
		return tep_db_query("insert into " . TABLE_SESSIONS . " values ('" . tep_db_input($key) . "', '" . tep_db_input($expiry) . "', '" . tep_db_input($value) . "')");
	  }

Notice the code performs a check query with the session key passed and inserts this as a new key only when the key is not found in the database.

Now it could be something else like a null key. Have you implement the latest osc upgrade?
http://www.oscommerc...tions/downloads

It has a specific check filtering the session id with the tep_session_start() function. Make sure you have those changes integrated with your store.



I'm sorry I am new to all of this and am getting this error. What is the solution? Thanks in advance...

#18   xiaoge

xiaoge
  • Members
  • 2 posts

Posted 19 August 2006 - 09:50

I'm sorry I am new to all of this and am getting this error. What is the solution? Thanks in advance...


I have just met that problem.and now i've removed it.

according to enigma1, osc has made sure that the key item can't be insert twice. but for mysql,there is such a condition that if the string is too long ,it will be cut short to the certain length.

for example: 123456789 exists in the database, if you insert 123456789123,it won't find 123456789123 in the table,but when you insert 123456789123 into the table ,mysql cut it to 123456789 automatically,so,there shows an error.

so,to solve the problem .

first when you have klicked on one category. make sure that in the address there is like:".../index.php?cPath=44&osCsid=0983152dd2ebf0ad25171fbfbdef3c31", and there is nothing after this string. if there is ,the error occurs. and then you should exam you file "./includes/boxes/categories",make sure that the href link is right.

this is my first threat here. sorry for my pool english.

#19   Vger

Vger
  • Members
  • 16,978 posts

Posted 19 August 2006 - 12:47

Its' not just the sessions table that you'll get the 1062 error on. Just a few days ago I came across a site that was getting that on the orders table - load one order fine, next order comes up with the 1062 error.

Whilst everything looked fine on the surface, dropping and reinstalling all 'orders' tables fixed the problem. Basically it was the database tables that were the problem.

Vger

#20   enigma1

enigma1
  • Members
  • 8,206 posts

Posted 19 August 2006 - 14:32

I have just met that problem.and now i've removed it.

according to enigma1, osc has made sure that the key item can't be insert twice. but for mysql,there is such a condition that if the string is too long ,it will be cut short to the certain length.

for example: 123456789 exists in the database, if you insert 123456789123,it won't find 123456789123 in the table,but when you insert 123456789123 into the table ,mysql cut it to 123456789 automatically,so,there shows an error.

so,to solve the problem .

first when you have klicked on one category. make sure that in the address there is like:".../index.php?cPath=44&osCsid=0983152dd2ebf0ad25171fbfbdef3c31", and there is nothing after this string. if there is ,the error occurs. and then you should exam you file "./includes/boxes/categories",make sure that the href link is right.

this is my first threat here. sorry for my pool english.


This is actually valid. It can happen with the default functions. I have an extra filter to check the key length specifically for this reason. However the default osc sessions.php doesn't. So you do need to check the length in tep_session_start() where it flags the sane id. So the key should be 24<= key <= 32 digits. Or in the _sess_write() handler

Edited by enigma1, 19 August 2006 - 14:33.