Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Producs viewed by the logged in user are in the cart after next login


Peter81

Recommended Posts

I have problem with my store.

I'm using SSL and in the "sessions" configuration 2 options enabled: force cookie usage and prevent sessions start by bots.

I noticed a strange behavior:

When a logged in user watch products and logs out - next time he logs in the previously watched products are in his shopping cart :(

Could you please suggest me where I can have a bug?

 

Thank you.

Link to comment
Share on other sites

Nice...aquatic stuff....right up my alley.   Unfortunately I can't find my way around because of the language issue...I struggle with English.   Maybe someone else can help.   Posting your configuration file might help too, just be sure to remove your logon details and any other sensitive information.

Dan

Link to comment
Share on other sites

Thank you,

here is my config:

 addDefine('HTTP_SERVER', 'https://sklep.roslinyakwariowe.local'); // eg, http://localhost - should not be empty for productive servers
  addDefine('HTTP_CATALOG_SERVER', 'https://sklep.roslinyakwariowe.local'); // eg, http://localhost - should not be empty for productive servers
  addDefine('HTTPS_SERVER', 'https://sklep.roslinyakwariowe.local'); // eg, https://localhost - should not be empty for productive servers
  
  addDefine('ENABLE_SSL', true); // secure webserver for checkout procedure?
  addDefine('HTTP_COOKIE_DOMAIN', 'roslinyakwariowe.pl');
  addDefine('HTTPS_COOKIE_DOMAIN', 'roslinyakwariowe.pl');
  
  addDefine('HTTP_COOKIE_PATH', '/');
  addDefine('HTTPS_COOKIE_PATH', '');
  addDefine('DIR_WS_CATALOG', '/'); // absolute path required
  addDefine('DIR_WS_HTTP_CATALOG', '/');
  addDefine('DIR_WS_HTTPS_CATALOG', '');
  addDefine('DIR_WS_IMAGES', 'images/');
  addDefine('DIR_WS_MANUALS', 'instrukcja/');
  addDefine('DIR_WS_CATALOG_MANUALS', DIR_WS_CATALOG . 'instrukcja/');

  addDefine('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
  addDefine('DIR_WS_INCLUDES', 'includes/');
  addDefine('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
  addDefine('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
  addDefine('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
  addDefine('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
  addDefine('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
  addDefine('DIR_FS_CACHE_XSELL', 'cache/');
  addDefine('DIR_WS_CACHE_XSELL', 'cache/');
  addDefine('DIR_FS_IMAGES', realpath(dirname(__FILE__). '/../' . DIR_WS_IMAGES) . DIRECTORY_SEPARATOR);
  addDefine('DIR_FS_NG_CACHE', realpath(dirname(__FILE__). '/../ng_cache') . DIRECTORY_SEPARATOR);
  addDefine('DIR_FS_NG_CACHE_SQL', DIR_FS_NG_CACHE . 'sql/');
  addDefine('DIR_FS_NG_CACHE_IMAGE', DIR_FS_NG_CACHE . 'image/');
  addDefine('DIR_FS_NG_CACHE_VARS', DIR_FS_NG_CACHE . 'vars/');
  addDefine('DIR_FS_NG_CACHE_TPL', DIR_FS_NG_CACHE . 'tpl/');
  addDefine('DIR_FS_NG_CACHE_TPL_C', DIR_FS_NG_CACHE . 'tpl_c/');
  addDefine('DIR_FS_NG_CACHE_SMRT_C', DIR_FS_NG_CACHE . 'smrt_c/');

  addDefine('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
  addDefine('DIR_FS_CATALOG', 'C:/htdocs/roslinyakwariowe.local/');
  addDefine('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
  addDefine('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// addDefine our database connection
  addDefine('DB_SERVER', 'xxx'); // eg, localhost - should not be empty for productive servers
  addDefine('DB_SERVER_USERNAME', 'xxx');
  addDefine('DB_SERVER_PASSWORD', 'xxx');
  addDefine('DB_DATABASE', 'xxx');
  addDefine('USE_PCONNECT', 'false'); // use persistent connections?
  addDefine('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
// ship2pay
  addDefine('DIR_RP_LANGUAGES',       DIR_WS_LANGUAGES);
  addDefine('DIR_RP_MODULES',         DIR_WS_MODULES);

define('SMARTY_DIR', 'new15/lib/Smarty-3.1.14/libs' . DIRECTORY_SEPARATOR);
define('SMARTY_DATA_DIR', 'new15' . DIRECTORY_SEPARATOR);

 

-----------

p.s. 5.PHP 2.17 (Zend: 2.2.0)

Link to comment
Share on other sites

  • 2 weeks later...

I don't but I'm surprised that others haven't chimed in....looking at your configuration file I do wonder why the word "add" is in front of the defines though and also why you have ".local" at the end of the site name.   Is your site not on-line?

Dan

Link to comment
Share on other sites

I try with your test login and it happens what you describe.

With my FireFox, I can see cookies and I don't understand why a new osCsid is generated for each url I looked.

Another thing I don't understand : in your config file, addDefine('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'  but the path (chemin in french below) is not mysql.

Nom    __lc.visitor_id.8887059
Valeur    S1499095796.cac3d5df90
Domaine (host)    .roslinyakwariowe.pl
Chemin    /
Expire le    Sun, 29 Mar 2020 15:29:57 GMT
Sécurisé    Non
HttpOnly    Non

Nom    lc_window_state
Valeur    minimized
Domaine (host)    .roslinyakwariowe.pl
Chemin    /
Expire le    À la fin de la session
Sécurisé    Non
HttpOnly    Non

Nom    cookie_test
Valeur    please_accept_for_session
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /akcesoria-narzedzia/
Expire le    Wed, 02 Aug 2017 15:29:56 GMT
Sécurisé    Non
HttpOnly    Non

Nom    cookie_test
Valeur    please_accept_for_session
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /akcesoria-narzedzia/komplety-narzedzi/
Expire le    Wed, 02 Aug 2017 15:30:05 GMT
Sécurisé    Non
HttpOnly    Non

Nom    cookie_test
Valeur    please_accept_for_session
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /zdjecia/
Expire le    Wed, 02 Aug 2017 15:30:09 GMT
Sécurisé    Non
HttpOnly    Non

Nom    cookie_test
Valeur    please_accept_for_session
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /
Expire le    Wed, 02 Aug 2017 15:30:47 GMT
Sécurisé    Non
HttpOnly    Non

Nom    listing_view
Valeur    2
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /akcesoria-narzedzia/
Expire le    Mon, 10 Jul 2017 15:29:56 GMT
Sécurisé    Non
HttpOnly    Non

Nom    listing_view
Valeur    2
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /akcesoria-narzedzia/komplety-narzedzi/
Expire le    Mon, 10 Jul 2017 15:30:05 GMT
Sécurisé    Non
HttpOnly    Non

Nom    listing_view
Valeur    2
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /zdjecia/
Expire le    Mon, 10 Jul 2017 15:30:09 GMT
Sécurisé    Non
HttpOnly    Non

Nom    listing_view
Valeur    2
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /
Expire le    Mon, 10 Jul 2017 15:30:47 GMT
Sécurisé    Non
HttpOnly    Non

Nom    osCsid
Valeur    sr9auhh9vpvr929p78f5q0q7g7
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /zdjecia/
Expire le    À la fin de la session
Sécurisé    Non
HttpOnly    Non

Nom    osCsid
Valeur    1a4fh2112a5a9ngnnha1fkifv0
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /akcesoria-narzedzia/komplety-narzedzi/
Expire le    À la fin de la session
Sécurisé    Non
HttpOnly    Non

Nom    osCsid
Valeur    0bphlje68a4dbovl6k62tk9qp0
Domaine (host)    sklep.roslinyakwariowe.pl
Chemin    /
Expire le    À la fin de la session
Sécurisé    Non
HttpOnly    Non

   
   
   
   
   
   
   

with OsC 2.2 since 2006 ...

Link to comment
Share on other sites

Hi, 

I also tried with the test account you provided and had the same results, but got no real clue by seeing this happen. Things that come to my mind is to look at the form in product_info.php or to try it with an unchanged version of that file if you changed something there. The same would go to the // Shopping cart actions part of  includes/application_top.php and maybe also to includes/functions/sessions.php.

You could also try to look at what changes in your sessions between each of the steps.

Best regards

Christoph

Link to comment
Share on other sites

  • 2 months later...

I still have this problem :(

 

In the product_info.php add to cart buttons looks like this:

 

 <?php echo tep_draw_hidden_field('products_id', $product_info['products_id']) . tep_image_submit('kupuje.gif', IMAGE_BUTTON_IN_CART); ?>
                                                                                              
                                                                                              
<div style="margin-top: 15px; margin-left: 0px;">
<?php
$isGratis = false;
if (in_array($product_info['products_type_id'], array(6, 7))) {
 $isGratis = true;
 }
if (!$isGratis) {
echo tep_draw_hidden_field('products_id', $product_info['products_id']) . tep_image_submit('kupuje.gif', IMAGE_BUTTON_IN_CART);
echo '</a>';
                                                            }
                                                            ?>
                                                        </div>              

Link to comment
Share on other sites

$isGratis = false;
if (in_array($product_info['products_type_id'], array(6, 7))) {

This is from some contribution? Do you know which one and what it is trying to achieve? Have you tried with an original product_info.php? My guess would be that this should add some products as gift to the shopping cart but is not working correctly.

Best regards

Christoph

Link to comment
Share on other sites

47 minutes ago, beerbee said:

$isGratis = false;
if (in_array($product_info['products_type_id'], array(6, 7))) {

This is from some contribution? Do you know which one and what it is trying to achieve? Have you tried with an original product_info.php? My guess would be that this should add some products as gift to the shopping cart but is not working correctly.

Best regards

Christoph

It's code which doesn't let to add a product to cart when the product has a special flag (gift). User can only add it in the shopping cart - depending on the cart value.

 

I've tried to use a original product_info.php but then I get 404 error for product pages and the standard redirection to the mainpage :(

Link to comment
Share on other sites

2 hours ago, radhavallabh said:

Hi, @Peter81

Try setting

Force Cookie Use to False

Check SSL Session ID to True

Recreate Session to True

This is what I use may be that could get your site working correctly without creating multiple sessions.

Thank you, I have tried that but the problem for automatically adding products for logged in users is still there :(

Also with with those options switched on - the oscd session parameter is still added to every product and doesn't want to disappear (it should after few clicks).

Link to comment
Share on other sites

There is a lot going on with that page. I would start by disabling the scripts on that page first to rule out anything there. Then sort out your configure.php file (you are sure this is osCommerce and not a fork?)

Then I would carefully compare the code in application_top.php against an original copy. I would also remove the free gift coding to see if that makes a difference.That's just for starters. Someone has done a lot of messing around with the core code on your site.

osCommerce user since 2003! :thumbsup:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...