[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: Expire session after successful checkout
****** message to minivend-users from Frank Miedreich <miedreich@acm.org> ******
>****** message to minivend-users from Mike Lerley <mike@bfent.com>
>******
>
>Wouldn't that command expire ALL current sessions? What if someone else
>was in the
>middle of placing an order or browsing?
>-mike
>
>Ryan Hertz wrote:
>
>> ****** message to minivend-users from Ryan Hertz
>><rhertz@gyb.baits.com> ******
>>
>> Brian,
>>
>> Perhaps on the receipt page, you could try a SSI like <!#--exec
>> cmd="expire -c
>> catalog" -->
>> Just my initial thought, hope it helps.
>>
Hi,
Actually it would not usually expire any sessions at all, unless the expire
time for sessions in catalog.cfg is set to something really short. If it is
short enough, it would probably expire all sessions. It may even happen
that the only session that would not expire, is the session that initiates
the command, as this would usually be the most recently active session.
It may be useful to simply decide which session parameters you want to
clear, and either explicitely set them to empty at the end of the receipt
page via "[value...set...]", or (better solution IMHO), write a simple
userTag that clears all relevant values.
The problem here would be, that users who have started entering
information, but changed their mind before actually ordering, would not
have their session clear.
If your primary concern is privacy, I would suggest you clear the user
specific info upon entering the checkout page, at the cost of users having
to enter their data again if they return to browsing before final order
submission.
I guess my message is, expire will not really help you, no matter when and
where you do it. Decide under which condition, and at what points in the
shopping process, you want to delete user information. Then clear the
session data for that specific user at those points. You may want to
consider to provide the user with a button that lets them reset everything
at any time in your catalog. This would enable users to ensure their
privacy without inconveniencing users who visit you from a private computer.
Cheers, Frank
>> At 04:35 PM 2/11/99 , Brian T. Allen wrote:
>> >
>> > Hi Everyone,
>> > What I would like to do is expire a persons session after they have
>> > checked out. I don't use the Login feature, so someones information isn't
>> > stored in the system anywhere, except the session.
>> > What I want to avoid is someone buying something from my site using a
>> > computer at a library or cyber-cafe, then have someone else come in
>>and use
>> > the same machine, go to the site, and have the last persons information
>> still
>> > in there.
>> > One option may be a command at the end of the reciept page that clears
>> > the session, but is that too soon and will that cause problems?
>> >
>> > Thanks,
>> > Brian T. Allen
>> > <mailto:brian@purenetfx.com>brian@purenetfx.com
>>
>> Ryan Hertz tel 520-645-3812
>> Webmaster tel 800-645-BAIT
>> Advertising Director fax 520-645-2588
>> Gary Yamamoto Custom Baits, Inc. http://www.yamamoto.baits.com
>> -
>> To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
>> email with 'UNSUBSCRIBE minivend-users' in the body to
>>Majordomo@minivend.com.
>> Archive of past messages: http://www.minivend.com/minivend/minivend-list
>
--
Frank Miedreich
Max-Planck-Institut fuer psychologische Forschung
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
