I need help!

[countingsheep]

I have a client, who insists that her customers are getting mixed up carts. She said that the cart will delete items on random, add items on random.

Here is a portion of an email from one of her customers:

i had alot of problems with the web site it kept putting my previous order on my new order, and would drop some of the items in my cart when i would go to another page

~~~~~~~~~
This does not happen with all customers, she has had two or three large orders today alone and steadily gets orders with quite a few customers throughout each day. I have checked to make certain that there is no session ids hardcoded into her site anywhere at all. I have checked the search engines to make sure there are no session ids that are linked in the search engines, nothing there that I could find.

She also checked today and said she saw that there were two carts with identical ip addresses in there at the same time but each cart had different items in it?


What do I check next?

[michael_s]

Your client hardcoded session ids somewhere and multiple customers are getting the same session id, thus they can see whatever else was put in that sessions cart by someone else. Look through all the custom pages and remove any hardcoded session IDs from any links.

[countingsheep]

Hi Michael, I have already checked the entire site for any session ids.. just to make sure I am checking the right thing, a session id is a link that looks like this:
http://www.website.com/shop/index.ph...61867784711aad

and instead of having the session id, it should look like this:

http://www.website.com/shop/index.php?cPath=1

Am I right? If so, there is nothing in there with the session ids linked. I double checked everything. If I am wrong, please let me know.

[countingsheep]

After searching into things more, I need to know if I have the following set up correctly:
in her admin, for the sessions, heres what I have:

Sessions


Session Directory nothing
Force Cookie Use False
Check SSL Session ID False
Check User Agent False
Check IP Address False
Prevent Spider Sessions True
Recreate Session False

In her includes/configure.php file here is what I have:




<?php
/*
osCMax v2.0, Open Source E-Commerce Solutions
osCommerce Documentation by OSCdox :: osCommerce and osCMax installation and users manual, discussion forums (News)

Copyright (c) 2005 osCMax

Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
define('HTTP_SERVER', 'http://www.plumpurdy.com/'); // eg, cPanel® - should not be empty for productive servers
define('HTTPS_SERVER', 'https://black.countingsheepwebdesigns.com/~plumrm/'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', '.plumpurdy.com');
define('HTTPS_COOKIE_DOMAIN', '.countingsheepwebdesigns.com');
define('HTTP_COOKIE_PATH', 'shop/');
define('HTTPS_COOKIE_PATH', 'shop/');
define('DIR_WS_HTTP_CATALOG', 'shop/');
define('DIR_WS_HTTPS_CATALOG', 'shop/');
define('DIR_WS_IMAGES', 'images/');
define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
define('DIR_WS_INCLUDES', 'includes/');
define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
define('DIR_FS_CATALOG', '/home/plumrm/public_html/shop/');
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers
define('DB_SERVER_USERNAME', 'xxxxx');
define('DB_SERVER_PASSWORD', 'xxxx');
define('DB_DATABASE', 'xxxxx');
define('USE_PCONNECT', 'false'); // use persistent connections?
define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'
?>

[michael_s]

You need to change this:
Session Directory nothing

To a valid writable directory

or change this to 'mysql'

define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

[countingsheep]

What about this part:
Cache


Use Cache false
Cache Directory I have nothing in there, does that need to be changed?


And which is better for the stored sessions? Mysql or a directory?

[michael_s]

That is the only thing that can cause mixed sessions. Two or more people getting the same session ID. The only way this is possible is if the session ID is hardcoded in a url somewhere.

It could be indexed that way in a search engine, or somewhere on your site (or another site where someone posted a link with a session ID in it).

You could turn on 'Recreate Session' and when a users tries to check out, it doesn't matter what their initial session was, it will give them a new one. That will solve the issue once an for all.

[countingsheep]

Hi Michael I have included the option for recreating the sessions, however, the cart is still not including certain items. Are there symbols that conflict with the programming that may cause items to not be added to the cart? Or what else can I look for?

UPDATE: Ok, I removed symbols like these . ' # from the title of products as well as some symbols in the product descriptions that were in question, she has symbols in other product titles. I was then able to add all products the customer had attempted to add, signed into my account, trying to checkout and am unable to get past this:

This is currently the only shipping method available to use on this order.

United States Postal Service
An error occured with the USPS shipping calculations.
If you prefer to use USPS as your shipping method, please contact the store owner.

I verfied that my account has the correct shipping address as well as zip code and verified that her USPS was set up correctly. This WAS working she has had 1021 orders so far.

Whats next?

[countingsheep]

Ok, after a couple days of testing things, removing symbols we thought we had the problem remedied. However, on the side bar, we had put a couple items that we were "featuring" and hardcoded the links to them. There was no session id in the link, so, when a person would click on one of the items, add it to cart, then another item that was listed in the actual category to add to cart, all went well, then when they went back to the hardcoded links to add the second hardcoded linked item to the cart, it would delete the two previous items from the cart. So, I am assuming that they had a session id going with the first two items, then when they clicked on the second hard coded item, it cleared their session as if they were starting over. Am I right in that assumption?