Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

connected without login


Zill

Recommended Posts

I don't know what to do anymore!!

 

We've running a single osc 2.2 shop for a university with 50'000 students. The server is a RedHat 7.2, PHP 4.1.2, dual pentium with 1gb memory and raid 5 controller.

 

The following problems are happen:

- Some users see other registered users without any login !!

- registered users are overwriten from new users !!

- some orders have the wrong delivery addres from other users!

- other user can see my basket

 

I have played with store_sessions '' and 'mysql' without any success.

Or USE_PCONNECT true and false as well.

 

In the application_top.php:

session.use_trans_sid', 0)

define('PHP_SESSION_NAME', 'sID');

define('PHP_SESSION_SAVE_PATH', '/tmp');

 

php.ini like:

 

session.use_cookies = 0

session.save_path = /tmp

session.cookie_lifetime = 0

session.gc_maxlifetime = 300 (unfortunately the users are still logged in longer then 5 min.)!!

session.cache_expire = 60

 

Another problem is if a user close the browser without check the log off button you can still see the user connected in the admin environment for 3h.

 

Server Info:

Linux 2.4.18-10smp

load average: 0.08, 0.03, 0.01

MySQL 3.23.49

Apache/1.3.23

OSC snapshot 20020820

 

I worked hard to get OSC into this project.. any helps are more than welcome.

 

thx

Zill

Link to comment
Share on other sites

Is cache enabled?

 

If yes, the early implementations of the cache feature also stored a session ID making it available to everyone that views the page with the cached block.

 

This ofcourse was fixed shortly afterwards - since you failed to state what 2.2-CVS version you are using, I cannot say for sure if this is the problem or not.

:heart:, osCommerce

Link to comment
Share on other sites

Hi Harald

 

Thx for your answer.

 

I've turned the cache off at the beginning in the configuration area. But the problem was still not fixed.

 

I've turned the cache off in the web admin configuration area. Are there some other places to take care about it?

 

If I don't have any other alternative then I will have a nice weekend to set up the store in the latest osc version.

 

It's a shame because everything was working well.

Link to comment
Share on other sites

session.use_cookies = 0

session.save_path = /tmp

session.cookie_lifetime = 0

session.gc_maxlifetime = 300 (unfortunately the users are still logged in longer then 5 min.)!!

session.cache_expire = 60

 

It looks like you scrambled your php.ini settings :huh:

 

session.gc_maxlifetime does not mean the life time of the session.

 

Compare your settings with the default php.ini settings - you should not need to change the default values.

:heart:, osCommerce

Link to comment
Share on other sites

Wrong Alert !

 

Sorry, found out two wrong links in our startpage. The link had some cookies in the URL where was made from our page designer to make some redirection to the categories.

 

The result was that the "old" cookies in the URL made that mess.

 

Afterwards we didn't had any problems anymore.

 

cheers

Zill

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...