[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: [mv] Loosing the cart/ssl
****** message to minivend-users from Mike Heins <mikeh@minivend.com> ******
Quoting Sebastian Wain (swain@helicoid.com):
> Thank You!!!
> But, this bug is very old, nobody touch it before?
>
> On Fri, 8 Sep 2000 16:53:01 +0200 (CEST)
> jojo@buchonline.net wrote:
>
> > > I loose my cart in the step (3), I begin a connection with ssl in step (2) seeing the cart.
> > >
> > > * Joachim:
> > >
> > > If I use cookies, I don't loose the shopping cart (if I don't use cookies and don't use ssl I don't loose the shopping cart)
> > > I am using the 4.04 version, and I tried with Interchange too with the same results.
> > >
> > >
> > > Thank You
> > > Sebastian Wain
> >
> > There is a little bug in bin/minivend! The variable "shost" is not
> > right and has "Yes" or "No" instead of an IP-Number!
> >
> > Mike,
> >
> > did you fix that?
> >
> > This is my dirty quick solution!
> >
> > ---------------diff------------
> > --- minivend.test Wed Aug 2 14:11:05 2000
> > +++ minivend Wed Aug 2 14:11:05 2000
> > @@ -1326,7 +1327,13 @@
> > }
> > my $now = time;
> > if(! $from_cookie) {
> > + $Vend::Session->{shost} = $CGI::secure;
> > +#jojo
> > if( is_retired($sessionid) ) {
> > new_session();
> > last RESOLVEID;
> > }
> > @@ -1336,22 +1343,25 @@
> > if(! $compare_host) {
> > new_session() unless $CGI::secure;
> > $Vend::Session->{shost} = $CGI::secure;
> > }
> > elsif ($compare_host ne $CGI::remote_addr) {
> > #jojo
> > +# this delete the carts!!! new_session();
> > }
> > }
> > if ($now - $Vend::Session->{'time'} > $Vend::Cfg->{SessionExpire}) {
> > ---------------diff------------
This is not a complete diff, and there is no version information. It doesn't
match Interchange.
I still don't know what anyone is talking about. If you don't use WideOpen and
don't use cookies, you are going to lose your cart unless your secure server is
the same as your non-secure.
I would need some explanation of:
1. Exactly what the patch does.
2. Version this is against.
3. A complete diff.
The best mechanism to handle a separate secure and non-secure server is:
AlwaysSecure order ord/basket ord/checkout
In other words, only submit orders and do order-related things against
the secure server. If you do form-based orders, use [process secure=1]
as the form action.
--
Akopia, Inc., 131 Willow Lane, Floor 2, Oxford, OH 45056
phone +1.513.523.8220 fax 7501 <heins@akopia.com>
Any man who is under 30, and is not liberal, has not heart; and any man
who is over 30, and is not a conservative, has not brains.
-- Winston Churchill
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
