Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

"Force Cookie Use" option


WoodsWalker

Recommended Posts

Hi everyone!

 

The "Force Cookie Use" option in the admin under "Configuration/Sessions" seemed like a good idea, but after I enabled it, several of my testers reported that when they tried to log in to the catalog or create an account, they were redirected to a page instructing them to enable cookies on their browsers. This happened even though their browsers were already set to accept cookies!

 

I tested the situation myself, using Firefox 2.0 and IE 6.0, both with cookies enabled, and my testers were right! All of us are redirected to /catalog/cookie_usage.php.

 

Glad I tested this before launching my catalog! Anyone have any further info on this, or is "Force Cookie Use" simply useless?

 

Thanks,

~Wendy

Link to comment
Share on other sites

check your config settings closely, for a root site they should be like.

 

define('HTTP_SERVER', 'http://www.mystore.com');

define('HTTPS_SERVER', 'https://mystore.com');

define('HTTP_COOKIE_DOMAIN', 'www.mystore.com');

define('HTTPS_COOKIE_DOMAIN', 'mystore.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

 

Remember BACKUP FIRST

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

check your config settings closely [etc etc]

 

Remember BACKUP FIRST

 

Hi Sam!

 

OK, I tried that (well, as close as I thought I could get, since my SSL is for address "www.myaddress.com"), and tested it but the problem still reappears as soon as I set "Force Cookie Use" to "true". Here's what I have...

 

define('HTTP_SERVER','http://www.myaddress.com');
 define('HTTPS_SERVER', 'https://www.myaddress.com');
 define('ENABLE_SSL', true);
 define('HTTP_COOKIE_DOMAIN', 'www.myaddress.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.myaddress.com');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');

 

See any boo-boos?

 

~Wendy

Link to comment
Share on other sites

Hi Sam!

 

OK, I tried that (well, as close as I thought I could get, since my SSL is for address "www.myaddress.com"), and tested it but the problem still reappears as soon as I set "Force Cookie Use" to "true". Here's what I have...

 

define('HTTP_SERVER','http://www.myaddress.com');
 define('HTTPS_SERVER', 'https://www.myaddress.com');
 define('ENABLE_SSL', true);
 define('HTTP_COOKIE_DOMAIN', 'www.myaddress.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.myaddress.com');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');

 

See any boo-boos?

 

Yes, I mentioned what I sent was for a 'root' site, but you seem to have a 'catalog' site.

 

try these:

 

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

 

and maybe

 

define('HTTPS_COOKIE_DOMAIN', 'myaddress.com');

~Wendy

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

try these:

 

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

This is what they were originally, before I made the suggested change, so I know that won't solve it.

 

 

and maybe

 

define('HTTPS_COOKIE_DOMAIN', 'myaddress.com');

Will this be OK, even though the SSL is for www.myaddress.com?

 

~Wendy

Link to comment
Share on other sites

Changing both cookie domains as follows solved the problem:

 

  define('HTTP_COOKIE_DOMAIN', 'myaddress.com');
 define('HTTPS_COOKIE_DOMAIN', 'myaddress.com');

 

I read in another thread that the two cookie domains must match for "Force Cookie Use" to work.

 

Thanks for your help!

 

Now that it's working I'm wondering if I really want to use it... natch.

 

~Wendy

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...