Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Register Globals Easy - Issues


Recommended Posts

I have some issues since I also installed the Register Globals Easy to Oscommerce 2.2 -MS2 with 051112, 051113 and 060817 security updates/patches.

Environment - PHP Version 5.2.4 Mysql 5 Register Globals off by .htaccess

When I clear cache and go to the site I get the following error message - (This error goes away after the first click . We have force cookies set to true - if this is set to false the warning does not show.) :

 

Warning: extract() [function.extract]: First argument should be an array in /home/xxxxxx/public_html/includes/application_top.php on line 224

Code in application top file:

// Register Globals MOD - http://www.magic-seo-url.com

if (!ini_get("register_globals")) {

if (version_compare(phpversion(), "4.1.0", "<") === true) {

if (isset($HTTP_SESSION_VARS)) $_SESSION &= $HTTP_SESSION_VARS;

}

extract($_SESSION, EXTR_SKIP); //*****Line 224*****

}

 

We also lose the permanent cart - When we log off with some items in the cart and clear the cache and cookies and log back in again the cart is empty.

 

Does anyone have any ideas/suggestions.

 

As a side note,some of my contributions that didn't work with the other Register Globals patch do work with this one,so it would be good to get these issues ironed out.

Thanks,

Chris

Link to comment
Share on other sites

I have just had to install a Register Globals patch as my host just moved me over to a much faster server. Downside is that this more of a corporate server and is what I needed but register globals is turned off - bugger.

 

So this contribution looked just right for me. The only problem I appear to have is the oe listed below when you are editing a product. I get this message.

 

-------------------------------------------

Session not registered - You cant access this page directly

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

-------------------------------------------

 

As far as I understand the session.bug_compat_warn to off settings is for the php.ini file which I do not have access to.

 

Hope someone can help.

 

Thanks

Link to comment
Share on other sites

I also have this problem with this contribution installed:

We also lose the permanent cart - When we log off with some items in the cart and clear the cache and cookies and log back in again the cart is empty.

Does anyone have any ideas/suggestions.

Chris

 

This is not good.

My Environment - PHP Version 4.3 Mysql MySQL 4.1.21, Register Globals off in php.ini

 

"Does anyone have any ideas/suggestions." Is there an echo in here?

Link to comment
Share on other sites


Items are added to cart. The cart is actually saved however on returing to the store osCommerce does not "find" or recognize the old cart. It shows an empty cart after logging in.

 

Some debug information that hopefully will help solve this problem:

COOKIE INFO:

Array ( [cookie_test] => please_accept_for_session [Referrer] => [osCsid] => 54c014f6926b06b0d0b4d04c15e6a0bd )

 

This is with one item in the cart and logged in:

SESSION INFO:

Array ( [cart] => shoppingcart Object ( [contents] => Array ( [3469] => Array ( [qty] => 1 ) ) [total] => 0 [weight] => 0 [cartID] => 49983 [content_type] => ) [language] => english [languages_id] => 1 [currency] => USD [navigation] => navigationhistory Object ( [path] => Array ( [0] => Array (

Link to comment
Share on other sites

<snip>

Warning: extract() [function.extract]: First argument should be an array in /home/xxxxxx/public_html/includes/application_top.php on line 224

A quick fix for that -- replace line 224 with this:

if (is_array ($_SESSION) ) extract ($_SESSION, EXTR_SKIP);

 

A better fix would be to not force cookies. This always causes problems. If you do, the session information is always stored in a cookie. This means that destroying the cookie, either by manually deleting it or by having your browser set to delete all cookies, will also destroy the session. If the server no longer has any session information it has no way to find your cart.

 

And please read the forum rules. Bumping is not allowed. It will also make it much less likely for anyone to answer your question.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

Jim:

 

Thanks for trying!

 

I tried both your suggestion: "quick fix" and "not force cookies". In combination and separately. Unfortunately neither worked. Still unable to recall the cart once logged off. Anything else you can think of?

 

A quick fix for that -- replace line 224 with this:
if (is_array ($_SESSION) ) extract ($_SESSION, EXTR_SKIP);

A better fix would be to not force cookies.

Regards

Jim

Link to comment
Share on other sites

Jim:

 

Thanks for trying!

 

I tried both your suggestion: "quick fix" and "not force cookies". In combination and separately. Unfortunately neither worked. Still unable to recall the cart once logged off. Anything else you can think of?

The "quick fix" was just to get rid of that error message -- it does nothing for session problems. Do you have sessions stored in the database? The last define in catalog/includes/configure.php should look like this:

  define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

Jim:

 

Thank you very much for your response.

 

Yes, I store sessions in the database. I thought that was the most efficient option. Both configure.php files have exactly that:

define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

I thank you for any advice, tips or suggestions you may have.

 

Dennis

 

The "quick fix" was just to get rid of that error message -- it does nothing for session problems. Do you have sessions stored in the database? The last define in catalog/includes/configure.php should look like this:
  define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'

 

Regards

Jim

Link to comment
Share on other sites

That eliminates all of the easy fixes. It appears that the Register Globals Easy contribution is failing to set the session variables properly. Unfortunately I don't know of an easy fix for this. The right way to do it would be to define all of those pesky globals, i.e. add

		  $customer_default_address_id = $_SESSION['customer_default_address_id'];

to checkout_shipping.php. I only know about that one because it bit me recently; I have no way of finding all the rest. Not without countless hours of work, that is. Sorry I'm not being much help here.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

In admin configure there is session create configuration.

 

Like recreate on login.

Chel browser.

Chek IP etc.

 

If any is set to true a new session gets generated and associated so anything related to previous session might get lost.

 

Satish.

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

I do appreciate that you took a look at it!

 

 

That eliminates all of the easy fixes. It appears that the Register Globals Easy contribution is failing to set the session variables properly. Unfortunately I don't know of an easy fix for this. The right way to do it would be to define all of those pesky globals, i.e. add
		  $customer_default_address_id = $_SESSION['customer_default_address_id'];

to checkout_shipping.php. I only know about that one because it bit me recently; I have no way of finding all the rest. Not without countless hours of work, that is. Sorry I'm not being much help here.

 

Regards

Jim

Link to comment
Share on other sites

For those of you having issues with this contribution in relation to other contributions I may have come up with a solution. The problem is that when using the tep_session_register function the $_SESSION value is set to null. When this in turn is interrogated with the tep_session_is_registered function it will always return false unless a value has been assigned to it. Instead of setting it to null I have modified it to set it to whatever value exists in the variable at the time of registration. If the variable never had anything set then it would still be null anyway.

 

I have tested this with several contributions including Admin Access Level Accounts 2.2a which started me on this quest in the first place. Everything appears to be working perfectly but that is only on my site. Try it out it may work for you as well.

 

This will work with configure.php - define('STORE_SESSIONS') set to 'mysql' or not. I have tested it both ways.

 

Within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started;
   if ($session_started == true) {
     $_SESSION[$variable] = null;
     return true;
   } else {
     return false;
   }
 }

 

to this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started, $$variable;
   if ($session_started == true) {
     $_SESSION[$variable] = $$variable;
     return true;
   } else {
     return false;
   }
 }

 

And within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   $_SESSION[$variable] = null;
 }

 

to this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   global $$variable;
   $_SESSION[$variable] = $$variable;
 }

 

BTW Great contribution!

Link to comment
Share on other sites

I was about to make the suggested changes when I noticed that they were all to the admin side. I had a problem loading items into the cart on the catalog side. Aren't there some changes that should be made to the cart side also?

 

For those of you having issues with this contribution in relation to other contributions I may have come up with a solution. The problem is that when using the tep_session_register function the $_SESSION value is set to null. When this in turn is interrogated with the tep_session_is_registered function it will always return false unless a value has been assigned to it. Instead of setting it to null I have modified it to set it to whatever value exists in the variable at the time of registration. If the variable never had anything set then it would still be null anyway.

 

I have tested this with several contributions including Admin Access Level Accounts 2.2a which started me on this quest in the first place. Everything appears to be working perfectly but that is only on my site. Try it out it may work for you as well.

 

This will work with configure.php - define('STORE_SESSIONS') set to 'mysql' or not. I have tested it both ways.

 

Within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started;
   if ($session_started == true) {
     $_SESSION[$variable] = null;
     return true;
   } else {
     return false;
   }
 }

 

to this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started, $variable;
   if ($session_started == true) {
     $_SESSION[$variable] = $variable;
     return true;
   } else {
     return false;
   }
 }

 

And within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   $_SESSION[$variable] = null;
 }

 

to this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   global $variable;
   $_SESSION[$variable] = $variable;
 }

 

BTW Great contribution!

Link to comment
Share on other sites

For those of you having issues with this contribution in relation to other contributions I may have come up with a solution. The problem is that when using the tep_session_register function the $_SESSION value is set to null. When this in turn is interrogated with the tep_session_is_registered function it will always return false unless a value has been assigned to it. Instead of setting it to null I have modified it to set it to whatever value exists in the variable at the time of registration. If the variable never had anything set then it would still be null anyway.

 

I have tested this with several contributions including Admin Access Level Accounts 2.2a which started me on this quest in the first place. Everything appears to be working perfectly but that is only on my site. Try it out it may work for you as well.

 

This will work with configure.php - define('STORE_SESSIONS') set to 'mysql' or not. I have tested it both ways.

 

Within /catalog/admin/includes/functions/sessions.php change around line 57 from this: NOTE TYPO SHOULD BE catalog/includes/functions/sessions.php

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started;
   if ($session_started == true) {
     $_SESSION[$variable] = null;
     return true;
   } else {
     return false;
   }
 }

 

to this:

 

// AGM Register Globals MOD 
 function tep_session_register($variable) {
   global $session_started, $$variable;
   if ($session_started == true) {
     $_SESSION[$variable] = $$variable;
     return true;
   } else {
     return false;
   }
 }

 

And within /catalog/admin/includes/functions/sessions.php change around line 57 from this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   $_SESSION[$variable] = null;
 }

 

to this:

 

// AGM Register Globals MOD
 function tep_session_register($variable) {
   global $$variable;
   $_SESSION[$variable] = $$variable;
 }

 

BTW Great contribution!

 

 

Bob your fix works great for saving the Permanent Cart - Thumbs up !

 

I tried :

(kymation @ Mar 14 2008, 11:10 PM) *

A quick fix for that -- replace line 224 with this:

CODE

if (is_array ($_SESSION) ) extract ($_SESSION, EXTR_SKIP);

 

A better fix would be to not force cookies.

Regards

Jim

 

..but I still get a - Warning: Invalid argument error

 

No longer forcing cookies gets rid of the earlier error ...Thanks Jim

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...