Hello everyone, I'm hoping somebody here can help me out with a few quick questions.
1. I am under the impression that zen cart works with cookies disabled by appending the zenid to the end of the url when cookies are disabled. Is this the way it is supposed to work, or is it insecure to allow this?
2. In the main navigation (tpl_header.php), both the logo and the homepage do not use the zen_href_link function to build their urls, and thus don't include the zenid, breaking the session for those with cookies disabled, is this intentional, or is there a drawback to including the zenid if cookies are disabled (eg using the zen_href_link function to build the links rather than HTTP_SERVER . DIR_WS_CATALOG)?
3. There are many other instances of mods, customizations, etc that do not use the zen_href_link function, do I need to find all of them and change them to use this function in order to enable support for those with cookies disabled, or again, is this insecure?
Thanks for your time!
Results 1 to 4 of 4
-
5 Dec 2014, 11:13 PM #1
New Zenner
- Join Date
- Dec 2008
- Posts
- 22
- Plugin Contributions
- 0
Navigating with Sessions when Cookies are Disabled
-
14 Dec 2014, 03:14 AM #2
Sensei
- Join Date
- Jan 2004
- Posts
- 66,373
- Blog Entries
- 7
- Plugin Contributions
- 274
Re: Navigating with Sessions when Cookies are Disabled
You're asking a bunch of questions based on an assumption that you want to disable cookies. WHY?
In years past cookies were frowned upon. Nowadays they're commonplace. What's your rationale for wanting to prevent them?.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
-
16 Dec 2014, 10:46 PM #3
New Zenner
- Join Date
- Dec 2008
- Posts
- 22
- Plugin Contributions
- 0
Re: Navigating with Sessions when Cookies are Disabled
Thanks for responding. I don't want to prevent them, I was simply looking into finishing up enabling support for those with cookies disabled (not even sure if anyone would have cookies disabled, but we were having issues with session time outs, and add to cart redirecting to 404, sessions ending prematurely, etc similair to https://www.zen-cart.com/showthread....disabled/page2 which is what led me to this) since it seems like it is half-way implemented already, but should I instead just force everyone to use cookies? Then I don't see why force cookie use isn't set to true as default for zencart since it doesn't seem to work with cookies disabled anyways...?
Basically I'm just wondering if the support for non-cookie users is worth revisiting or just old code that's now irrelevant.Last edited by gunnzo; 16 Dec 2014 at 10:51 PM.
-
17 Dec 2014, 07:44 PM #4
New Zenner
- Join Date
- Dec 2008
- Posts
- 22
- Plugin Contributions
- 0
Re: Navigating with Sessions when Cookies are Disabled
And on another related note in that thread you mentioned session.use_only_cookies needs to be 0, is that still the case even though it is now defaulted to 1 in php?
Reply With Quote
Similar Threads
-
Sessions and cookies
By FreeArticlePublishin in forum Bug ReportsReplies: 1Last Post: 29 Nov 2010, 02:58 AM -
Google Chrome with Cookies Disabled
By DCDC in forum General QuestionsReplies: 6Last Post: 23 Nov 2010, 06:33 AM -
Message when cookies are disabled?
By orange_juice in forum General QuestionsReplies: 16Last Post: 13 Oct 2010, 10:19 AM -
[Done 1.4.0] shopping cart vanish if one return at home and cookies are disabled
By rob222 in forum Bug ReportsReplies: 4Last Post: 22 Oct 2008, 01:06 PM
Bookmarks