♥FWR Media Posted June 9, 2009 Share Posted June 9, 2009 i have been reading the Thread but, as this is in another language i somtimes find it difficult to understand.. especially "computer talk" :blush: Sorry... Im afraid to anoy you more but, i have to ask just so i make it glass clear: If my URL´s look like http:// mywebsite.com/index.php/barn-c-3?osCsid=4ae2e68238d85d62d43ffda14202bf77 and someone copies that url and paste it on a nother website, the osCsid will also show... is that a bad thing? Please be kind and not angry with me of my stupid questions... :blush: (wish i were english or american) It would be a problem if sessions were not recreated .. Recreate session should always be TRUE. Recreating the session id after a user "change of state" is simple standard practise. Your osCsid should only be visible in the querystring for one click .. after that it should be gone or your includes/configure.php settings are wrong. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work. Link to comment Share on other sites More sharing options...
Solan Posted June 9, 2009 Share Posted June 9, 2009 Thank you Robert :rolleyes: I feel horrible, not understanding what you mean by "in the querystring for one click" .... i have compared my includes/configure.php with the one in this thread and see nothing wrong... but this line: define('ENABLE_SSL', false); Link to comment Share on other sites More sharing options...
♥FWR Media Posted June 9, 2009 Share Posted June 9, 2009 Thank you Robert :rolleyes: I feel horrible, not understanding what you mean by "in the querystring for one click" .... i have compared my includes/configure.php with the one in this thread and see nothing wrong... but this line: define('ENABLE_SSL', false); Solan if you close ALL of your browser windows then go to your site. Hover over any link and you will see in the bottom bar that the link has an osCsid appended to it. If you then click that link then once again hover over a link when the page reloads the link should now be free of any osCsid. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work. Link to comment Share on other sites More sharing options...
Solan Posted June 9, 2009 Share Posted June 9, 2009 sorry but then i think i have problem, i dont know if i do it right but i still se the ocsid... Link to comment Share on other sites More sharing options...
♥FWR Media Posted June 9, 2009 Share Posted June 9, 2009 sorry but then i think i have problem, i dont know if i do it right but i still se the ocsid... Yes having seen your site you have persistent osCsid so your settings are wrong. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work. Link to comment Share on other sites More sharing options...
Solan Posted June 9, 2009 Share Posted June 9, 2009 Yes having seen your site you have persistent osCsid so your settings are wrong. :( okay Thanks.. but nice to know my problem.. Link to comment Share on other sites More sharing options...
RBaxter Posted June 10, 2009 Share Posted June 10, 2009 If you have set prevent spider sessions to true and updated the spider.txt you don`t need SID killer You could still get sid mixup if other sites etc include the sid, so you need to be careful. Set Recreate Session to true to avoid that problem Thanks a lot for the help! I'll make sure those settings are set! Much appreciated -R Link to comment Share on other sites More sharing options...
Solan Posted June 10, 2009 Share Posted June 10, 2009 It would be a problem if sessions were not recreated .. Recreate session should always be TRUE. Recreating the session id after a user "change of state" is simple standard practise. Your osCsid should only be visible in the querystring for one click .. after that it should be gone or your includes/configure.php settings are wrong. You were totally right my friend :rolleyes: my includes/configure.php settings was wrong... With your great help i could finally load a correct configure.php Thank you a milling times for helping me out with my issue.. *handing you a flower* It feels great having a site again *lol* Link to comment Share on other sites More sharing options...
Guest Posted June 19, 2009 Share Posted June 19, 2009 errm okay guys now back to my prob...I mean back to the SOLUTION I desperately still need help with the following: What is the correct way to add a link to my page? Scenario 1: I am using Oscommerce and adding a link within the descrition of a product to another product on the same site what code is suitable? Scenario 2: If I want to link from a product page to a different site what code is suitable? Scenario 3: If I am using dreamweaver then does the applicable code remain the same as if designing the page in oscommerce or is it okay to just use the normal 'insert link' function. PLEASE PLEASE HANDSOME..PRETTY PLEASE HELP :rolleyes: Link to comment Share on other sites More sharing options...
Guest Posted June 29, 2009 Share Posted June 29, 2009 No one out there who can help with this? Not anyone? Please? Link to comment Share on other sites More sharing options...
spooks Posted July 8, 2009 Author Share Posted July 8, 2009 Please? If you dot your queries at the end of other unrelated queries randomly throughout a thread your unlikely to gert a reply as your question will be missed. Scenario 1: I am using Oscommerce and adding a link within the descrition of a product to another product on the same site what code is suitable? Use tep_href_link as detailed ealier Scenario 2: If I want to link from a product page to a different site what code is suitable? Any standard link can be used as no need to maintain the session Scenario 3: If I am using dreamweaver then does the applicable code remain the same as if designing the page in oscommerce or is it okay to just use the normal 'insert link' function. No, you must use tep_href_link as detailed ealier Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
RishikeshJha Posted July 18, 2009 Share Posted July 18, 2009 hi i am using this code for the link <a href="<?php echo tep_href_link('stuffsell.php', '', 'SSL'); ?>">Sell your Stuff</a> it is working fine on the local system. but when i upload same pages on the live site osCid becomes blank. how to resolve this problem. can anyone have any solution to this. waiting for reply... Thanks in advance.. Link to comment Share on other sites More sharing options...
spooks Posted July 18, 2009 Author Share Posted July 18, 2009 tep_href_link only adds the sid to the url if it is required, often thiis only occurs on the first page viewed. Your real test is to log in, then check you don`t get logged out un-expectedly Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
RBaxter Posted August 3, 2009 Share Posted August 3, 2009 errm okay guys now back to my prob...I mean back to the SOLUTION I desperately still need help with the following:What is the correct way to add a link to my page? Scenario 1: I am using Oscommerce and adding a link within the descrition of a product to another product on the same site what code is suitable? Scenario 2: If I want to link from a product page to a different site what code is suitable? Scenario 3: If I am using dreamweaver then does the applicable code remain the same as if designing the page in oscommerce or is it okay to just use the normal 'insert link' function. PLEASE PLEASE HANDSOME..PRETTY PLEASE HELP :rolleyes: Hi Amirage, I can't help with everything but this might be of some use (if it's not too late). Scenario 1 - if you're adding a link to another product on the same site, you'll want to use the tep_href_link function in conjunction with the product_id of the item you want to link to. So, it'd be something like: <a href="'.tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=PRODUCTIDHERE'"> Now, that's not a very elegant way of doing it and I'm sure someone else out there will be able to do it much better, but it might put you on the right track. Using the tep_href_function will help ensure you don't lose your osCsid. Scenario 2 - If you want to link to a different site, just write a link as normal, for example, <a href="http://www.bbc.co.uk">Linky</a>. Scenario 3 - I've no idea about dreamweaver tbh. I wouldn't feel confident using dreamweaver with oscommerce personally, but that's just because I like the TextPad & tea approach to coding. :) Link to comment Share on other sites More sharing options...
spooks Posted August 29, 2009 Author Share Posted August 29, 2009 HOW TO HIDE THE SID Before making any changes BACKUP First. its important you ensure that robots do not have sessions, so in admin -> sessions set Prevent Spider Sessions to true and update spiders.txt http://addons.oscommerce.com/info/2455 Second. in case you have any links that have a session attached, in admin -> sessions set Recreate Session to true. Third. check your configure.php settings: define('HTTP_SERVER', 'http://www.mystore.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://mystore.com'); // eg, https://localhost - should not be empty for productive servers define('HTTP_COOKIE_DOMAIN', 'www.mystore.com'); define('HTTPS_COOKIE_DOMAIN', 'mystore.com'); define('HTTP_COOKIE_PATH', '/'); or define('HTTP_COOKIE_PATH', '/catalog/'); if store is in the catalog dir. define('HTTPS_COOKIE_PATH', '/'); or define('HTTPS_COOKIE_PATH', '/catalog/'); You should then only see a sid on the first page viewed, you can prevent even that by in admin -> sessions set: Force Cookie Use to true That could cause you problems with customers that have cookies disabled though (including AOL users!) Some SEO contributions have an option to hide the sid, useful if other methods don't work for you. If you are using MS2 (many templates are ms2 based) you may still have an issue, consider upgrading to rc2a Upgrading osC from 2.2 MS2 to 2.2 RC2a http://addons.oscommerce.com/info/6654 or at the least its advisable to use the includes/functions/sessions.php from the rc2a distribution. If turning on Force Cookie Use in MS2 creates errors you may find using the includes/application_top.php from the rc2a distribution will fix that, though take great care if trying that. Not sure what version osC your using?. This thread in Tips details the method to find your osC version, don't forget in Admin, under tools you have Server Info, that will provide a lot of info about your store & server. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
armatik Posted August 29, 2009 Share Posted August 29, 2009 When I set force cookies to true, it does not work for me, not in Firefox or IE. Also, when I set it to false, the SID shows on every page. SID Killer is not an ideal module to add because I don't want this security risk on my site at all. Do you know of a way to fix this problem? I do remember reading something about the way PHP is installed and how it could affect something. For now I'm developing on my box, using WAMP server so PHP is a module on Apache. Is this related to the problem? Link to comment Share on other sites More sharing options...
spooks Posted August 30, 2009 Author Share Posted August 30, 2009 Have u looked at all the options detailed in my last? what version is your store? Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
armatik Posted August 30, 2009 Share Posted August 30, 2009 Yes I have, and I have the very latest version, downloaded two weeks ago, but it is version 2.x, not the alpha. RC2 I believe. Link to comment Share on other sites More sharing options...
spooks Posted August 30, 2009 Author Share Posted August 30, 2009 Yes I have, and I have the very latest version, downloaded two weeks ago, but it is version 2.x, not the alpha. RC2 I believe. version 2.x is meaningless, so you could have 2.2ms2!! So update to 2.2rc2a! Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
armatik Posted August 30, 2009 Share Posted August 30, 2009 I did mention that I have the RC2 version.. also the latest version since I believe this version has been out for a while now? Two weeks isn't that long ago. Could it be that the way PHP is installed is affecting the functionality of osCommerce? Link to comment Share on other sites More sharing options...
spooks Posted September 1, 2009 Author Share Posted September 1, 2009 Regenerating the session when linked from an external source Matt has created I nice post here with a mod for regenerating the session and preventing shared sessions from shared links Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
simonChen Posted September 23, 2009 Share Posted September 23, 2009 Thanks for the nitty gritty, really useful. I am very new here. Just try to construct a site. But to my horror, this oscSid kept changing after login (in fact, it did not remember who the user is ). the app cannot track my orders or any other things. What I have done wrong here?? I just got the app installed a few days back, and did not make much customization. Link to comment Share on other sites More sharing options...
spooks Posted September 23, 2009 Author Share Posted September 23, 2009 What version have u installed, is it a template? a link would help to seee issue too. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
simonChen Posted September 24, 2009 Share Posted September 24, 2009 Ok it appears that new installation has this problem. and the solution is provided by this discussion http://www.oscommerce.com/forums/index.php?sho...&hl=session. The solution is : Change the Cookie Domains and Cookie Paths to blank in the catalog\includes\configure.php file . vista; Apache/2.2.11 (Win32) PHP/5.3.0; MySQL 5.1.36; osCommerce 2.2-MS2. Link to comment Share on other sites More sharing options...
spooks Posted October 1, 2009 Author Share Posted October 1, 2009 Ok it appears that new installation has this problem. and the solution is provided by this discussion http://www.oscommerce.com/forums/index.php?sho...&hl=session. The solution is : Change the Cookie Domains and Cookie Paths to blank in the catalog\includes\configure.php file . vista; Apache/2.2.11 (Win32) PHP/5.3.0; MySQL 5.1.36; osCommerce 2.2-MS2. A new install of latest versions does not have this issue, as it is correctly coded, if you use cookies then yes u must set the configure files correctly, but most don't use cookies for good reason. Cookies is just one small part of this issue, most problems occur with faultly links or incorrect use of forms. PS why are u using a old version of osc, or have u installed a duff template & assumed faults with that apply to all!! :rolleyes: Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.