Supertex Posted January 26, 2015 Share Posted January 26, 2015 I've had a few incidents of someone allowing the admin session timer to log them out, and they unknowingly tried to update an order status, resulting in a "lost" order. In that instance, the order status becomes blank. And because the orders.php uses "o.orders_status=s.orders_status_id" and there is by default, no status ID of ' ', the order does not show. Now I know there are other ways of handling the session timeout, and I'll get to that in a sec, but it seems like preventing the order status from ever becoming an empty value is the fix for "vanishing orders." I've been toying around with different methods, and what -seems- to work for this is: 1) In table orders_status_history - change column order_status_id to require a default, set 0. 2) In table orders_status - create a row for an ID of 0, with an orders_status_name of "TIMEOUT" or something. Near as I can tell...if a session timeout occurs, followed by a user update attempt, the order status will then go to 0 instead of being blank, and since a 0 entry now exists to match it against, it should say "TIMEOUT" in the orders list...more to the point, it wont vanish from the orders list. But I don't know if these modifications will cause problems somewhere else....so...thoughts? And to the issue of session length...how long is too long, and why? Currently at 1440 sec - nice round number of 24 mins? Where'd that come from? What concerns should I have if I set it to 43200 (12hrs)? I understand the need to log in, obviously, but what cause is there for the admin session to ever expire, short of closing the browser? Or would doing this cause anyone that sat down at the console within 12 hours to be able to point the browser to the admin and bypass login? osC v2.3.1 MySQL v8.0.32 PHP v5.6.40 Installed addons: . Attribute Sets Plus .. Create Account & Manual Order Maker .. Customer Testimonials 2.3.4 .. Customer Blacklist .. Dynamic Info Pages .. FedEx Web Svcs v9 .. Filtered Sales Report .. Generic Box .. Google XML Sitemap SEO .. Maximum Order Value .. Modular Front Page .. Monthly Sales & Tax Report .. Multiple Products Manager .. Must Accept Terms & Conditions .. Order Editior .. PDF Customer Invoice .. Price in Cart Only .. Product Sort/Order .. Product Sort in Cart .. Quantity Discounts .. Restrict Delivery Methods .. SEO Header Tags - Reloaded .. Separate Pricing Per Customer .. Simpler Admin Session Length Control .. Sitemap SEO .. Show Free Ship + Modules .. Specials by Category for SPPC .. Store Mode (open|closed|maintenance) .. Store Pickup Shipping .. Theme Switcher .. Ultimate SEO URLs 5 Pro .. UPS XML Rates & Svcs 1.4 .. USPS methods 7.3.1 .. Who's Online Dashboard . Fixes: Add to cart -> 'product not found' : FIX Login issues with IE 11 : FIX Tools: Incredibly Handy: osC Xref Link to comment Share on other sites More sharing options...
auzStar Posted January 27, 2015 Share Posted January 27, 2015 @@Supertex This is similar to a bug that was reported some time ago: http://www.oscommerce.com/forums/tracker/issue-707-2334-loses-order/ My Add-onsAdvanced Cache Control Tool for osCommerce 2.3.x (non-bootstrap) Download SupportAjax Product Listing for osC 2.3.4 (bootstrap) Download SupportCategory New Products Carousel for osC 2.3.4 (bootstrap) Download SupportCategory Popular Products Carousel for osC 2.3.4 (bootstrap) Download SupportCustomer Testimonials for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download SupportFront Page New Products Carousel for osC 2.3.4 (bootstrap) Download SupportIndex Nested - Product Listing for osC 2.3.4 (bootstrap) Download SupportMatch Categories in Search Results for osCommerce versions 2.3.x (non-bootstrap) Download SupportModular Category Page for osC 2.3.4 (bootstrap) Download SupportNEW Australia Post Shipping Modules for osCommerce 2.3.x (non-bootstrap) Download SupportNEW Equal Height Module for osC 2.3.4 (bootstrap) Download SupportProducts Low Stock Report for osC 2.3.x (bootstrap and non-bootstrap) Download SupportTwitter Typeahead Autocomplete Search for osCommerce 2.3.4 (bootstrap and non-bootstrap) Download SupportUpcoming Products Modules for osC 2.3.4 (bootstrap) Download Support Assisted Add-onsScroll Boxes for osCommerce 2.3.x (bootstrap and non-bootstrap) Download Support Bootstrap Add-ons created by other membersosCommerce Bootstrap Addons and Code Link to comment Share on other sites More sharing options...
yomama360 Posted July 16, 2015 Share Posted July 16, 2015 @@Supertex, @@auzStar ... or anyone... Where would one change this timeout / session length number? I'm on OSC 2.3.4 Thanks "The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends upon the unreasonable man." -- George Bernard Shaw Link to comment Share on other sites More sharing options...
yomama360 Posted July 17, 2015 Share Posted July 17, 2015 found it. Looks like 2.3.4 does session time outs a little different from the past. Here is a link to the solution. (it seems to work for me)http://www.oscommerce.com/forums/topic/398350-how-do-i-control-session-lenght-in-ocs-234/ (EDIT)For those carts older than 2.3.4, look for this code in your admin/includes/functions/sessions.php if (STORE_SESSIONS == 'mysql') { if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) { $SESS_LIFE = 1440; } Change the 1440 to whatever time you want (in seconds). 3600 = 1 hour. "The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends upon the unreasonable man." -- George Bernard Shaw Link to comment Share on other sites More sharing options...
Supertex Posted July 17, 2015 Author Share Posted July 17, 2015 The option I ended up using: SQL entry: INSERT INTO `configuration` VALUES (236, 'Session Lifetime', 'MYSESSION_LIFETIME', '3600', 'How long you can stay on one page in ADMIN, without a refresh, before you are required to log in.(3600 is one hour)', 15, 8, '2006-01-01 10:11:25', '2006-01-01 03:30:25', NULL, NULL); catalog/admin/includes/functions/sessions.php: // if (STORE_SESSIONS == 'mysql') { // if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) { // $SESS_LIFE = 1440; // } if (STORE_SESSIONS == 'mysql') { $SESS_LIFE = MYSESSION_LIFETIME + 600; function _sess_open($save_path, $session_name) { return true; } function _sess_close() { return true; } That allows you to arbitrarily define session length from the admin side, but reserves 10 mins, so even if you goof up and enter "0", you still have a minimum session time of 10 mins. http://addons.oscommerce.com/info/5899 osC v2.3.1 MySQL v8.0.32 PHP v5.6.40 Installed addons: . Attribute Sets Plus .. Create Account & Manual Order Maker .. Customer Testimonials 2.3.4 .. Customer Blacklist .. Dynamic Info Pages .. FedEx Web Svcs v9 .. Filtered Sales Report .. Generic Box .. Google XML Sitemap SEO .. Maximum Order Value .. Modular Front Page .. Monthly Sales & Tax Report .. Multiple Products Manager .. Must Accept Terms & Conditions .. Order Editior .. PDF Customer Invoice .. Price in Cart Only .. Product Sort/Order .. Product Sort in Cart .. Quantity Discounts .. Restrict Delivery Methods .. SEO Header Tags - Reloaded .. Separate Pricing Per Customer .. Simpler Admin Session Length Control .. Sitemap SEO .. Show Free Ship + Modules .. Specials by Category for SPPC .. Store Mode (open|closed|maintenance) .. Store Pickup Shipping .. Theme Switcher .. Ultimate SEO URLs 5 Pro .. UPS XML Rates & Svcs 1.4 .. USPS methods 7.3.1 .. Who's Online Dashboard . Fixes: Add to cart -> 'product not found' : FIX Login issues with IE 11 : FIX Tools: Incredibly Handy: osC Xref Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.