Jump to content

Archived

This topic is now archived and is closed to further replies.

Supertex

Modifying table: orders_status & orders_status_history

Recommended Posts

I've had a few incidents of someone allowing the admin session timer to log them out, and they unknowingly tried to update an order status, resulting in a "lost" order.

 

In that instance, the order status becomes blank.  And because the orders.php uses "o.orders_status=s.orders_status_id" and there is by default, no status ID of ' ', the order does not show.

 

Now I know there are other ways of handling the session timeout, and I'll get to that in a sec, but it seems like preventing the order status from ever becoming an empty value is the fix for "vanishing orders."  I've been toying around with different methods, and what -seems- to work for this is:

 

1)  In table orders_status_history -  change column order_status_id to require a default, set 0.

2)  In table orders_status -  create a row for an ID of 0, with an orders_status_name of "TIMEOUT" or something.
 
Near as I can tell...if a session timeout occurs, followed by a user update attempt, the order status will then go to 0 instead of being blank, and since a 0 entry now exists to match it against, it should say "TIMEOUT" in the orders list...more to the point, it wont vanish from the orders list.

 

But I don't know if these modifications will cause problems somewhere else....so...thoughts?

 

 

And to the issue of session length...how long is too long, and why?  Currently at 1440 sec - nice round number of 24 mins?  Where'd that come from?  What concerns should I have if I set it to 43200 (12hrs)?  I understand the need to log in, obviously, but what cause is there for the admin session to ever expire, short of closing the browser?  Or would doing this cause anyone that sat down at the console within 12 hours to be able to point the browser to the admin and bypass login?

 

 

Share this post


Link to post
Share on other sites

@@Supertex

 

This is similar to a bug that was reported some time ago: http://forums.oscommerce.com/tracker/issue-707-2334-loses-order/


My Add-ons
Advanced Cache Control Tool for osCommerce 2.3.x (non-bootstrap) Download Support
Ajax Product Listing for osC 2.3.4 (bootstrap) Download Support
Category New Products Carousel for osC 2.3.4 (bootstrap) Download Support
Category Popular Products Carousel for osC 2.3.4 (bootstrap) Download Support
Customer Testimonials for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download Support
Front Page New Products Carousel for osC 2.3.4 (bootstrap) Download Support

Index Nested - Product Listing for osC 2.3.4 (bootstrapDownload Support
Match Categories in Search Results for osCommerce versions 2.3.x (non-bootstrap) Download Support
Modular Category Page for osC 2.3.4 (bootstrap)
Download Support

NEW Australia Post Shipping Modules for osCommerce 2.3.x (non-bootstrap) Download Support
NEW Equal Height Module for osC 2.3.4 (bootstrapDownload Support
Products Low Stock Report for osC 2.3.x (bootstrap and non-bootstrap) Download Support
Twitter Typeahead Autocomplete Search for osCommerce 2.3.4 (bootstrap and non-bootstrap)
Download Support

Upcoming Products Modules for osC 2.3.4 (bootstrap) Download Support

 
Assisted Add-ons
Scroll Boxes for osCommerce 2.3.x (bootstrap and non-bootstrap) Download Support
 
Bootstrap Add-ons created by other members
osCommerce Bootstrap Addons and Code

Share this post


Link to post
Share on other sites

@@Supertex, @@auzStar ... or anyone...

 

Where would one change this timeout / session length number? I'm on OSC 2.3.4

 

Thanks


"The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself.

Therefore, all progress depends upon the unreasonable man."

-- George Bernard Shaw

Share this post


Link to post
Share on other sites

found it. Looks like 2.3.4 does session time outs a little different from the past. Here is a link to the solution. (it seems to work for me)

http://forums.oscommerce.com/topic/398350-how-do-i-control-session-lenght-in-ocs-234/

 

 

(EDIT)
For those carts older than 2.3.4, look for this code in your admin/includes/functions/sessions.php
 

        if (STORE_SESSIONS == 'mysql') {
        if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
        $SESS_LIFE = 1440;
        }

Change the 1440 to whatever time you want (in seconds). 3600 = 1 hour.


"The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself.

Therefore, all progress depends upon the unreasonable man."

-- George Bernard Shaw

Share this post


Link to post
Share on other sites

The option I ended up using:

 

SQL entry: 

 

INSERT INTO `configuration` VALUES (236, 'Session Lifetime', 'MYSESSION_LIFETIME', '3600', 'How long you can stay on one page in ADMIN, without a refresh, before you are required to log in.(3600 is one hour)', 15, 8, '2006-01-01 10:11:25', '2006-01-01 03:30:25', NULL, NULL);

 

catalog/admin/includes/functions/sessions.php:

 // if (STORE_SESSIONS == 'mysql') {
 //   if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
 //     $SESS_LIFE = 1440;
 //   }
  if (STORE_SESSIONS == 'mysql') {
        $SESS_LIFE = MYSESSION_LIFETIME + 600;
  

    function _sess_open($save_path, $session_name) {
      return true;
    }

    function _sess_close() {
      return true;
    }

That allows you to arbitrarily define session length from the admin side, but reserves 10 mins, so even if you goof up and enter "0", you still have a minimum session time of 10 mins.

 

http://addons.oscommerce.com/info/5899

Share this post


Link to post
Share on other sites

×