WoodsWalker Posted May 31, 2008 Share Posted May 31, 2008 Hi everyone! The "Force Cookie Use" option in the admin under "Configuration/Sessions" seemed like a good idea, but after I enabled it, several of my testers reported that when they tried to log in to the catalog or create an account, they were redirected to a page instructing them to enable cookies on their browsers. This happened even though their browsers were already set to accept cookies! I tested the situation myself, using Firefox 2.0 and IE 6.0, both with cookies enabled, and my testers were right! All of us are redirected to /catalog/cookie_usage.php. Glad I tested this before launching my catalog! Anyone have any further info on this, or is "Force Cookie Use" simply useless? Thanks, ~Wendy Link to comment Share on other sites More sharing options...
spax Posted May 31, 2008 Share Posted May 31, 2008 It sounds like you have a shared SSL certificate. If you want to force cookie use, then you need a dedicated certificate. Link to comment Share on other sites More sharing options...
WoodsWalker Posted May 31, 2008 Author Share Posted May 31, 2008 It sounds like you have a shared SSL certificate. If you want to force cookie use, then you need a dedicated certificate. Nope, I have dedicated SSL, so it can't be that. Link to comment Share on other sites More sharing options...
spax Posted May 31, 2008 Share Posted May 31, 2008 Then maybe the configure files aren't set correctly. Link to comment Share on other sites More sharing options...
WoodsWalker Posted May 31, 2008 Author Share Posted May 31, 2008 Then maybe the configure files aren't set correctly. Is there anything specific I should look for? Link to comment Share on other sites More sharing options...
spooks Posted May 31, 2008 Share Posted May 31, 2008 check your config settings closely, for a root site they should be like. define('HTTP_SERVER', 'http://www.mystore.com'); define('HTTPS_SERVER', 'https://mystore.com'); define('HTTP_COOKIE_DOMAIN', 'www.mystore.com'); define('HTTPS_COOKIE_DOMAIN', 'mystore.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); Remember BACKUP FIRST Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
WoodsWalker Posted June 1, 2008 Author Share Posted June 1, 2008 check your config settings closely [etc etc] Remember BACKUP FIRST Hi Sam! OK, I tried that (well, as close as I thought I could get, since my SSL is for address "www.myaddress.com"), and tested it but the problem still reappears as soon as I set "Force Cookie Use" to "true". Here's what I have... define('HTTP_SERVER','http://www.myaddress.com'); define('HTTPS_SERVER', 'https://www.myaddress.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'www.myaddress.com'); define('HTTPS_COOKIE_DOMAIN', 'www.myaddress.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); See any boo-boos? ~Wendy Link to comment Share on other sites More sharing options...
spooks Posted June 1, 2008 Share Posted June 1, 2008 Hi Sam! OK, I tried that (well, as close as I thought I could get, since my SSL is for address "www.myaddress.com"), and tested it but the problem still reappears as soon as I set "Force Cookie Use" to "true". Here's what I have... define('HTTP_SERVER','http://www.myaddress.com'); define('HTTPS_SERVER', 'https://www.myaddress.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'www.myaddress.com'); define('HTTPS_COOKIE_DOMAIN', 'www.myaddress.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); See any boo-boos? Yes, I mentioned what I sent was for a 'root' site, but you seem to have a 'catalog' site. try these: define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); and maybe define('HTTPS_COOKIE_DOMAIN', 'myaddress.com'); ~Wendy Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
WoodsWalker Posted June 1, 2008 Author Share Posted June 1, 2008 try these: define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); This is what they were originally, before I made the suggested change, so I know that won't solve it. and maybe define('HTTPS_COOKIE_DOMAIN', 'myaddress.com'); Will this be OK, even though the SSL is for www.myaddress.com? ~Wendy Link to comment Share on other sites More sharing options...
WoodsWalker Posted June 5, 2008 Author Share Posted June 5, 2008 Changing both cookie domains as follows solved the problem: define('HTTP_COOKIE_DOMAIN', 'myaddress.com'); define('HTTPS_COOKIE_DOMAIN', 'myaddress.com'); I read in another thread that the two cookie domains must match for "Force Cookie Use" to work. Thanks for your help! Now that it's working I'm wondering if I really want to use it... natch. ~Wendy Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.