Google Checkout Session Challenge (brainstorming needed)

[zcnb]

Google Checkout now works very nicely on my website (still the test site and GCO's sandbox).

One troubling issue, however, is the fact that a customer that made a purchase using GCO without logging into my website, cannot return for a 2nd or 3rd download after an hour or so. Instead, she receives "Session Expired". This is despite the browser not been closed and valid and despite Cart Expiration Time (Minutes) set to NONE in the GCO admin page.

Being able to download a purchased product several times over a week is a feature that I offer to my customers, in case something went wrong with the first download (or the customer simply misplaced the downloaded file).

I contacted the Google Checkout API Support and they realized pretty quickly that this is not a bug but rather a result of two conflicting requirements:

1. Checkout without having to log in.
2. Preserve sessions to some extent (at least until the download link expires).

The solution that was proposed by Google Checkout API Support was to place the GCO button after the login pages (yes, this was allowed by them since I only sell digital content).

The challenge now is: How to implement this?

I noticed that the GCO module is smart enough to enable/disable the GCO button depending on some conditions. Can I just add another condition that checks whether a customer is logged in?

Any ideas how to accomplish that?

[kuroi]

I'd agree with the analysis that this isn't a bug. If a customer doesn't create an account and login, then allowing them to come back to where they were is a tad difficult.

I believe that it is not Zen cart, but your PHP configuration that determines the length of your session and therefore how long data hangs around for. Zen Cart uses cookies where possible, but these are set to expire with the session, which makes sense for security reasons.

You could extend the session length in your php configuration (depending upon how much access your web host gives you to it), though this would also increase the risk to those of your customers who use public or shared computers.

You can test for whether a customer is logged in by using a condition such as

PHP Code:

if (isset($_SESSION['customer_id']) && $_SESSION['customer_id'] != '') {
  your code in here
} 


[zcnb]

kuroi, you are amazing. In one pithy reply you answered several questions that I had. Thank you!

Indeed, since the GCO module is a little more than a few lines of code, I would be leery to introduce extensive modifications modifications to it. Therefore, disabling the GCO button if the user is not logged in seems the safest workaround.

You can test for whether a customer is logged in by using a condition such as

PHP Code:

if (isset($_SESSION['customer_id']) && $_SESSION['customer_id'] != '') {
  your code in here
} 


This is exactly the tip that I needed for testing whether a customer is logged in.

Now, I need to find out how to disable the GCO button. My initial search found two relevant spots:

PHP Code:

  if(in_array($products[$i]['category'], $resticted_categories)) {
    $Gcart->SetButtonVariant(false);
    $Gwarnings[] = GOOGLECHECKOUT_STRING_WARN_RESTRICTED_CATEGORY;
    break;
  } 


PHP Code:

    function SetButtonVariant($variant) {
      switch ($variant) {
        case false:
            $this->variant = "disabled";
            break;
        case true:
        default:
            $this->variant = "text";
            break;
      }
    } 


I will continue to explore this and, once tested and working properly, I will post the solution here for the benefit of all.

In the meanwhile, additional insights, comments or ideas are welcome of course.

[zcnb]

You can test for whether a customer is logged in by using a condition such as

PHP Code:

if (isset($_SESSION['customer_id']) && $_SESSION['customer_id'] != '') {
  your code in here
} 


I finally got to looking again into this problem (sorry, GCO is not the highest priority on my list) and I discovered that before a customer logs in, 'customer_id' is not even defined...

Which mean the above condition cannot be properly evaluated and needs to be modified to something like this:

PHP Code:

if (isset($customer_id) && $customer_id != ''  && isset($_SESSION['customer_id']) && $_SESSION['customer_id'] != '') {
  your code in here
} 


I will report back when I have more information.

[kuroi]

I finally got to looking again into this problem (sorry, GCO is not the highest priority on my list) and I discovered that before a customer logs in, 'customer_id' is not even defined...

Which mean the above condition cannot be properly evaluated

It can and is evaluated properly throughout Zen Cart. The point of the isset component of the condition is to test whether the customer_id entry has been defined in the session array. If it hasn't, the customer's not logged in. If it is, then they almost certainly are, but I recommend the extra check in case the array component has been emptied but not properly reset (shouldn't happen but best to be safe).

[zcnb]

It can and is evaluated properly throughout Zen Cart. The point of the isset component of the condition is to test whether the customer_id entry has been defined in the session array. If it hasn't, the customer's not logged in. If it is, then they almost certainly are, but I recommend the extra check in case the array component has been emptied but not properly reset (shouldn't happen but best to be safe).

Thanks for correcting me, Kuroi - you are right in that it is evaluated properly without having to add the conditions for $customer_id that I added.

Now it's my turn to correct your original posting . Instead of:

PHP Code:

if (isset($_SESSION['customer_id']) && $_SESSION['customer_id'] != '') {
  your code in here
} 


It should be:

PHP Code:

if (!isset($_SESSION['customer_id']) || $_SESSION['customer_id'] == '') {
  your code in here
} 


Do you notice the slight difference and why it didn't work for me in the first place?

It works now.

[zcnb]

So now that this modification is tested working, here is a description of what needs be done.

But first please note this disclaimer: this change may violate Google Checkout policies, so before implementing this in your store you must receive explicit permission in writing from Google to incorporate this.

OK - here goes:

1. Add line 28 in includes\languages\english\modules\payment\googlecheckout.php:

PHP Code:

define('GOOGLECHECKOUT_STRING_WARN_CUSTOMER_NOT_LOGGED_IN', 'To enable the Google Checkout button please log in'); 


2. Add line 91 in includes\languages\english\modules\payment\gcheckout.php:

PHP Code:

if (!isset($_SESSION['customer_id']) || $_SESSION['customer_id'] == '') {
  $Gcart->SetButtonVariant(false);
  $Gwarnings[] = GOOGLECHECKOUT_STRING_WARN_CUSTOMER_NOT_LOGGED_IN 
} 


The main remaining problem right now is the text underneath the grayed out button ("disabled") that says "Not available for these items" when in fact the reason for being disabled is that the customer has not logged in yet.

Also, I find it very confusing for the customer to see two competing buttons below the shopping cart:
1. "Go to Checkout"
2. "Or login to use Google Checkout"

These are two incompatible checkout schemes which will very likely to confuse customers.

Thus, it will take me a while before introducing GCO to my operational site...

[DaveCB]

There is a post someplace around page 70 or so of this thread to instructs you how to hide the zen cart checkout button. The example is there, but I can not figure out which lines to comment out and to keep the PHP file running. I have attempted several combinations.

The last thing I did was change the actual graphic to a blank file. If a customer gets luck enough to click on exactly the correct spot on the screen, then they will end up in the zen checkout mode, but 99% will never get that far.

This simple end around solution worked for me.

The folks at zen and the folks at google need to get together and clean up several issues with this plugin.

The other major is, as you have mentioned, the ability to purchase a product through the store without forcing a customer to register and log in.

Dave Bruner

[DaveCB]

1. Add line 28 in includes\languages\english\modules\payment\googlecheckout.php:

PHP Code:

define('GOOGLECHECKOUT_STRING_WARN_CUSTOMER_NOT_LOGGED_IN', 'To enable the Google Checkout button please log in'); 


2. Add line 91 in includes\languages\english\modules\payment\gcheckout.php:

PHP Code:

if (!isset($_SESSION['customer_id']) || $_SESSION['customer_id'] == '') {
  $Gcart->SetButtonVariant(false);
  $Gwarnings[] = GOOGLECHECKOUT_STRING_WARN_CUSTOMER_NOT_LOGGED_IN 
} 


What file are you modifing in the second instance above? There is no file named "Gcheckout.php" . Are you adding a line 91 to the googlecheckout file as in the first change, or is this a different file and you got the directory and filename incorrect?

[zcnb]

What file are you modifing in the second instance above? There is no file named "Gcheckout.php" . Are you adding a line 91 to the googlecheckout file as in the first change, or is this a different file and you got the directory and filename incorrect?

Sorry. I had a typo in the directory name. The filename gcheckout.php is correct. However it is in the directory /googlecheckout and not as written above.