Jump to content

Archived

This topic is now archived and is closed to further replies.

spooks

What is the osCsid & why you must not loose it.

Recommended Posts

which is smthg they would only do if there was a special need. sad.gif
just thought updating a topic with 32K+ views was worth the trouble :)

Nice topic it is :)

Share this post


Link to post
Share on other sites

Any idea how to add the tep_href_link() to the banner manager html? I would like to link to internal pages and not loose the session.

 

I have tried as examples:

 

<?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT, 'cpath=27') . '">' . tep_image(DIR_WS_IMAGES . 'klim_1.jpg', 'Click to go to the KLIM product line') . '</a>'; ?>

 

 

<a href="<?php echo tep_href_link(FILENAME_DEFAULT, 'cpath=27'); ?>"><img src="images/klim_1.jpg" alt="Click to go to the KLIM product line" border="0"></a>

 

The last example will show the banner image but the link is <a href="<?php echo tep_href_link(FILENAME_DEFAULT, 'cpath=27'); ?>"> and not the actual http://........com/index.php?cpath=27 etc.

 

I created a php page and ran it, and it works. Just not in banner manager.

 

Thanks, Corey

Share this post


Link to post
Share on other sites

 

 

if u got <a href="<?php echo

 

on the rendered page, u must have a <?php b4 that


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

if u got <a href="<?php echo

 

on the rendered page, u must have a <?php b4 that

 

 

The regular banner insert php lines are being used <?php echo tep_display_banner('static', $banner); ?>

 

It's not worth anymore of my time, just thought I could sneak the tep_href_link in there.

 

I will continue to use the banner with no click through and just a display image.

 

Thanks, Corey

Share this post


Link to post
Share on other sites

Hi everyone,

 

I'd modified line 77 of the create_account_success.php which was originally:

 

<td align="right"><?php echo '<a href="' . $origin_href . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>

 

to:

 

<td align="right"><?php echo '<a href="https://yourdomain.com/checkout_shipping.php">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>

 

I did this because I want customers who create a new account when trying to check out to be taken to the checkout page, not index.php. After reading this thread, I realize that I need to use a tep_href_link instead. Would someone be able to tell me where I'm messing up in the following code?:

 

<td align="right"><a href="<?php echo tep_href_link(FILENAME_CHECKOUT_SHIPPING); ?>"> tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>

 

With this the Continue button doesn't show up but a clickable link that takes me to the checkout does.

 

Thanks!

Share this post


Link to post
Share on other sites

<td align="right"><a href="<?php echo tep_href_link(FILENAME_CHECKOUT_SHIPPING); ?>"> tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>

With this the Continue button doesn't show up but a clickable link that takes me to the checkout does.

 

Maybe you try something like this

<?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?>

 

PS1: Post any code in code tags, easier to identify, read, copy, whatever

PS2: Are you sure you want to have the link like this? People will be delivered to checkout_shipping.php doesn't matter if they have something in the cart or not. If cart is empty they will land on shopping cart page telling them "your cart is empty". The original code is much better. It returns to index only if no "snapshot" was set. If it was set then it returns to $origin_href, and this is exactly the place where the customer was when asked to login ie the checkout shipping page if he was on the way to checkout, can be also the reviews page etc

Share this post


Link to post
Share on other sites

Maybe you try something like this

<?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?>

 

PS1: Post any code in code tags, easier to identify, read, copy, whatever

PS2: Are you sure you want to have the link like this? People will be delivered to checkout_shipping.php doesn't matter if they have something in the cart or not. If cart is empty they will land on shopping cart page telling them "your cart is empty". The original code is much better. It returns to index only if no "snapshot" was set. If it was set then it returns to $origin_href, and this is exactly the place where the customer was when asked to login ie the checkout shipping page if he was on the way to checkout, can be also the reviews page etc

 

 

I hadn't noticed the code tags button there. I'll use those in the future for sure. I was having an issue where even when something was in the cart, a customer who created a new account [me as I'm testing things] while trying to check out was sent back to index.php for whatever reason. Maybe this was just because I wasn't resetting my browser cache often enough as I'm working on things. I'll try out both ways and maybe revert back to the original code, but still this'll work for me if nothing else. Thanks again for the tips George!

Share this post


Link to post
Share on other sites

I recently upload my site and I noticed it lost the oscid, I mean it changes everytime you click a link, why is this? how can I find the thing which is making it change it? pelase help, thanks for reading!

 

P.D. site is http://sri.com.ve

Share this post


Link to post
Share on other sites

I recently upload my site and I noticed it lost the oscid, I mean it changes everytime you click a link, why is this? how can I find the thing which is making it change it? pelase help, thanks for reading!

 

P.D. site is http://sri.com.ve

 

 

Please always give full information, its always hard to tell much from a tiny bit of info!!

 

Check your configure files.

 

These are examples of both configure files with locations

 

CATALOG/ADMIN/INCLUDES/CONFIGURE.PHP

define('HTTP_SERVER', 'http://www.my-site.co.uk');

define('HTTP_CATALOG_SERVER', 'http://www.my-site.co.uk');

define('HTTPS_CATALOG_SERVER', 'http://www.my-site.co.uk');

define('DIR_WS_HTTP_CATALOG', '/servername/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/servername/catalog/');

define('ENABLE_SSL_CATALOG', 'false');

define('DIR_FS_DOCUMENT_ROOT', '/home/servername/public_html/catalog/');

define('DIR_WS_ADMIN', '/catalog/admin/');

define('DIR_FS_ADMIN', '/home/servername/public_html/catalog/admin/');

define('DIR_WS_CATALOG', '/catalog/');

define('DIR_FS_CATALOG', '/home/servername/public_html/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

CATALOG/INCLUDES/CONFIGURE.PHP

define('HTTP_SERVER', 'http://www.my_site.co.uk');

define('HTTPS_SERVER', 'http://www.my_site.co.uk');

define('ENABLE_SSL', false);

define('HTTP_COOKIE_DOMAIN', 'www.my_site.co.uk');

define('HTTPS_COOKIE_DOMAIN', 'www.my_site.co.uk');

define('HTTP_COOKIE_PATH', '/catalog/');

define('HTTPS_COOKIE_PATH', '/catalog/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/servername/public_html/catalog/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

define('DB_SERVER', 'Localhost');

define('USE_PCONNECT', 'false');

define('STORE_SESSIONS', 'mysql');

 

if your store is in the root remove catalog/ above

 

 


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Alright, well I don't really know what other information I could give you, my configure.php files are likes yours.

 

Also, when I Force Cookies Usage, even if my browser is accepting ALL cookies, my shop says I got them disabled, why is this?

So I dug into the code and found the redirect:

// redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled

if ($session_started == false) {

tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));

}

So I looked for where $session_started should be true and found this:

 

if (isset($HTTP_COOKIE_VARS['cookie_test'])) {

tep_session_start();

$session_started = true;

}

in application.top never becomes true

 

EDIT: I use FireFox, Chrome and IE, all with accepting all cookies, and nothing happened.

 

Someone help me please, as you can see I cannot get my store to run through those 2 only ways, cookies usage or without!:(

 

You can PM me for any other info you need to give me a hand, I really need it

Share this post


Link to post
Share on other sites

 

 

 

 

Version info is always handy, ie php, sql and osc

 

 

 

you don't seem to be setting the cookie, can u give your configure files cookie settings ?

 

have u enabled error messages?, how r u storing sessions?

 

 


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

 

 

I don't know why u needed to PM your configure!! U left nothing in it u needed to hide!! Please only use PM when asked.

 

U say you have osc2.2 but there are varients of that, if you have ms2 upgrade to rc2a, the sessions were redone in rc2a.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

I've got a SID / shopping cart problem on my site (it's a live site).

 

When my cookies are cleared, and i enter my site normally by typing the url in my browser, everything works fine.

 

When i enter my site from another site by a link (whitout a oscsid in the url) product never show up in shopping cart when i click the order button.

 

Can't figur out why... :(

 

I've already noticed that the cookie that is stored contains two different OSCID's.

 

Anyone got an idea where to look???

 

Edit: it seems to happen when i enter the site trough a direct link to a product_info page. The cookie stores an oscsid, but all the internal links on the page get another oscsid??

Share this post


Link to post
Share on other sites

My version info and configuration:

 

oscommerce-2.2rc2a

 

prevent spider sessions enabled

all the other session settings are disabled

store cart in cookie was set to true, but i've also tried false

 

The only things i've been working on the last couple of days is the whos_online function. I've added a column in the whos_online table called referrer. In this column is stored where the customer came from. This is displayed in the admin section.

 

The session files are all untouched.

Share this post


Link to post
Share on other sites

Anyone???

 

I've removed the "store cart in cookie mod" which used the store cart in cookie database entry.

Share this post


Link to post
Share on other sites

 

 

From what you say the app is performing differently depending on the referrer setting, as there is nothing in the default code that would do that, its either something you've changed or some server config your host has set up.

 

Its nothing I`ve come across b4, but then thats due to the former I suspect.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Interesting set of articles. However, my problem is that I want to get rid of osCsid! I'm looking after an osCommerce site and it seems that the temptation for people to send each other urls for products (containing session ids) is too much and has caused the shared session problem outlined above. I can't use force cookies because the site uses shared ssl although switching 'force cookies' on has proved to be a useful way of taking the payment part of the site down whilst still allowing people to browse.

 

So I was wondering...

 

Suppose I put this code at the top of application-top.php:

 

//MOD:AC:2010-03-12

//An attempt to prevent session ids entering from pasted

//or posted urls containing osCsid parameters

if(strlen($_SERVER["HTTP_REFERER"])==0){

if(isset($_GET["osCsid"])){

unset($_GET["osCsid"]);

}

if(isset($_REQUEST["osCsid"])){

unset($_REQUEST["osCsid"]);

}

}

//END MOD

 

Basically, if there's no referer, i.e the url has been pasted in or clicked on in an email then the osCsid key (if set) is removed.

 

I'm fairly new to PHP and OScommerce so am a bit wary of dropping code in where there may be unintended consequences so can anyone see if this code has any credibility?

 

Much obliged

Share this post


Link to post
Share on other sites

 

 

No, thats a bad idea, you'll just loose the session & have new issues. huh.gif

 

Matt has made an excellent post on alieviating your issue http://forums.oscomm...xternal-source/

 

Don't forget the admin settings. wink.gif

 

Also with this you will get a issue with google & duplicate content, Remove & Prevent duplicate content with the canonical tag http://addons.oscommerce.com/info/7163 addon will fix that. smile.gif

 

 

PS on a correctly configured site the sid should only appear in the uri on the first page visited.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Many thanks for your time and trouble Sam, this looks like it's exactly what I need. I did a lot of searching for something like this before I posted here but never found this. I'll let you know how I get on. Thanks again.

Share this post


Link to post
Share on other sites

Hi Sam,

 

I have:

 

"prevent spider sessions" enabled

all the other session settings are disabled

 

When a new user comes in the very first time if he/she clicks on the Catalog link it still gives a session ID.

 

Please help!

 

Thanks, any advise will be greatly appreciated.

Share this post


Link to post
Share on other sites

Hi Sam,

 

I have:

 

"prevent spider sessions" enabled

all the other session settings are disabled

 

When a new user comes in the very first time if he/she clicks on the Catalog link it still gives a session ID.

 

Please help!

 

Thanks, any advise will be greatly appreciated.

Seeing the session ID for 2 or 3 clicks isn't abnormal.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

is there a way I can get the session id and use it to track how many times a guest is refreshing given page?


OSC beginner

Share this post


Link to post
Share on other sites

Hi All,

 

sorry for crosspost, but as i can see - problems with osCsid are discuss in this topic.

So, my problem:

 

I have installed osCommerce Online Merchant v2.2 RC2a (version of php = 5.2.10) and i made some modifications with it.

 

 

if you go for URL: http://name.ru (without "www") the engine create a pages with correct links:

all links looks like "http://name.ru/index.php?osCsid=....&...&.."

 

if you go for URL: http://www.name.ru - some times all links have no "?osCsid=" (but other params, like cPath=xxx - still present). If you delete "www" in url and refresh page - all links became correct.

 

so there is a differece between http://name.ru and http://www.name.ru

 

Some additional words about my problem:

 

1. this problem happens only with internet site (when it placed on host side and use through internet). This problem not happens in my home environment (when site placed in my notebook)

 

2. all links make through tep_href_link function

 

 

what steps i need to do to localize this problem?

Share this post


Link to post
Share on other sites

 

 

Check your config files are correct for your server, also check any htaccess files, otherwise appears to be a server config error, speak to host.

 

You should not have www & non www versions of your site, creates a duplicate content issue, always redirect one to the other.

 

 

 

# redirect non www to www

RewriteCond %{HTTP_HOST} !^www\.mysite\.co.uk [NC] 

RewriteCond %{HTTP_HOST} !^$ 

RewriteRule ^(.*) http://www.mysite.co.uk/$1 [L,R=301] 

 

 


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

×