[ic] Cookie on 4.8.3

Kevin Walsh interchange-users@interchange.redhat.com
Mon Mar 25 08:10:00 2002


> we had a shop on Interchange 4.6.5 that works fine on a BSD server 
> with a space provider.
> now we've a new Linux dedicated server with Red Hat 7.1 and the last 
> Interchange version 4.8.3.
> All works fine but there is a problem with persistent cookies:
> we need to maintain cart closing browser.
> In version 4.6.5 no problems, cookie was persistently maintained with 
> mv_save_session.
> In 4.8.3 we red thet we need to add set-cookie directive, like: 
> [set_cookie name="MV_SESSION_ID" value="yes" expire="[time gmt=1 
> adjust='+2190']%a, %d-%b-%Y %H:%M:%S GMT[/time]"].
> - Is it correct?
> (we tried to name it not mv_session_id but another name and the 
> browser can't recognise the order)
> We put it in result.html and inside the form.
> - Is it the right place?
> 
> It generates cookies, but, closing and reopening  browser, it 
> generate another cookie that overrides the previous and clear the 
> cart.
> 
You'll have to forgive me for saying that I think that's a daft idea.

You are expecting, judging by the intention of your code, to save
user session cookies for approx. three months.  That will mean that
you have to have SessionExpire set to the same value in your
catalog.cfg file to prevent the session files being removed.

If your site is visited more than a couple of times in those three
months, you will find yourself either running out of available
session IDs, or the session allocation routines spending ages
searching for an available session ID to give new visitors.

There are various other reasons why this is a bad idea, but what
I have said is reason enough not to do what you have said. :-)

I expect that all you need is the facility for your users to be
able to save and then re-load their cart contents.  Look at the
"set_cart" and "get_cart" facilities offered by the [userdb] tag.
Your registered users could use them, or you could probably knock
up a facility to automatically save cart contents and tie that to
a cookie value for later re-loading.

I can think of a way for you to set that session cookie expiry time,
but I'm not going to post it here - sorry.  Think about what you
really want and find another way to do it.

-- 
   _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
  _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
 _/ _/    _/          _/ _/     _/    _/  _/_/    kevin@cursor.biz
_/   _/  _/_/_/_/      _/    _/_/_/  _/    _/