Jump to content
rayge

Issue with Recreate Session = true

Recommended Posts

I have a live site where there is suddenly a huge issue. Upon purchase RANDOMLY the order data gets overwritten. IE THE customer data is wrong, being overwritten with some other user's data.

Obviously this sounds like a session issue so I went to set Recreate Session = true in the admin and with it on, no one can actually login. it ACTS like it logged in, IE showing 2 in cart after login for me, but if I Click the cart it tells me to login again.

How might i debug this issue?

THANKS for any help!

Share this post


Link to post
Share on other sites

This can happen when either the osCsid has been indexed in a search engine, you have hardcoded a URL somewhere that contains the osCsid and you haven't enabled other options in admin that will check to see if the session being recreated belongs to the user that has stumbled across one of those bad links.

It might shed some more light on it if you said which payment module you're using too but for now try below.

Make sure Prevent Spider Sessions is set to True

You can also set the Check User Agent to True

Try setting Check IP Address to true, I've found this can sometimes have unpredictable results for payment gateway callback URL's so test this one fully before committing.

Try setting Force Cookie Use (again sometimes unpredictable in my experience so test fully)


If it still don't work, hit it again!

Senior PHP Dev with 18+ years of commercial experience for hire, all requirements considered, see profile for more information.

Is your version of osC up to date? You'll find the latest osC version (the community-supported responsive version) here.

Share this post


Link to post
Share on other sites

I'm not finding any Links with the OSCID in it.

Payment module is Auth.net

Again the issue right now is WITH Recreate Session = true
Login becomes an endless loop IE its not HOLDING the session. and according to what i've read using this setting on TRUE could fix the problem with the cross user stuff... If this aspect can be solved.
I truly think if i can get this setting to FUNCTION it would solve the issue.

RIght now its not showing the OSCID in the URL but forcing Cookie DOES DISPLAY the OSCID in the url.
Prevent Spider Sessions is set to True

THANKS

Share this post


Link to post
Share on other sites

PM the address to your site and I'll register with a test account.  It would help throw more light on it and as I've never been to your site before there's no danger of stale session cache conflicts.


If it still don't work, hit it again!

Senior PHP Dev with 18+ years of commercial experience for hire, all requirements considered, see profile for more information.

Is your version of osC up to date? You'll find the latest osC version (the community-supported responsive version) here.

Share this post


Link to post
Share on other sites

I'm still looking for someone to help me on this. if someone know how the code for Recreate Session = true is suppose to function and the related code to it please let me know so i can track it down and fix it.

Share this post


Link to post
Share on other sites
On ‎7‎/‎14‎/‎2019 at 3:11 PM, rayge said:

THE customer data is wrong, being overwritten with some other user's data.

This can happen if you are using cache and it is not set to a local directory.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×