Keep Shopping Cart From Expiring So Fast

[Zean]

I want to allow shoppers who have not logged in to keep items in their cart for several hours instead of the default which I believe is 1440 seconds (24 minutes).

I looked at Admin>Config>Sessions and did not see a relevant configuration parameter.
So I also messed with /includes/functions/sessions.php with no success, playing with $SESS_LIFE.
SESSION_TIMEOUT_CATALOG sounds like it might be relevant but doesn't seem to be defined or assigned a value anywhere.
I do not want to changed the admin's login session life . . . just the shoppers' cart's life.
I'm not sure how to do it without messing up or if this is even the right approach to the problem.

Thanks!

zc155a
PHP Version: 5.6.27 (Zend: 2.6.0)
Apache Linux

[lat9]

Try the Keep Cart plugin; it hasn't been updated for a while, but should be OK.

[Zean]

I was hoping just a small change to /includes/functions/sessions.php would do the trick.

For example, I tried changing the line $SESS_LIFE = 1440 to $SESS_LIFE = 14409 yet the cart still was gone after 24 minutes.

Here's the sessions.php code from Zen Cart version 155a if anyone wants to take a quick look and make a suggestion . . .

Code:

<?php
/**
 * functions/sessions.php
 * Session functions
 *
 * @package functions
 * @copyright Copyright 2003-2016 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: Author: ksteslicki  Sun Jan 25 17:45:51 2015 -0800 Modified in v1.5.5 $
 */
if (!defined('IS_ADMIN_FLAG')) {
  die('Illegal Access');
}
  if (IS_ADMIN_FLAG === true) {
    if (PADSS_ADMIN_SESSION_TIMEOUT_ENFORCED != 0 && SESSION_TIMEOUT_ADMIN > 900) {
      $SESS_LIFE = 900;
    } else {
      $SESS_LIFE = (int)SESSION_TIMEOUT_ADMIN;
    }
  } else {
    if (defined('SESSION_TIMEOUT_CATALOG') && (int)SESSION_TIMEOUT_CATALOG > 120) {
      $SESS_LIFE = (int)SESSION_TIMEOUT_CATALOG;
    } else
    if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
      $SESS_LIFE = 1440;
    }
  }

  function _sess_open($save_path, $session_name) {
    return true;
  }

  function _sess_close() {
    return true;
  }

  function _sess_read($key) {
    global $db;
    $qid = "select value
            from " . TABLE_SESSIONS . "
            where sesskey = '" . zen_db_input($key) . "'
            and expiry > '" . time() . "'";

    $value = $db->Execute($qid);

    if (isset($value->fields['value']) && $value->fields['value']) {
      $value->fields['value'] = base64_decode($value->fields['value']);
      return $value->fields['value'];
    }

    return ("");
  }

  function _sess_write($key, $val) {
    global $db;
    if (!is_object($db)) return;
    $val = base64_encode($val);

    global $SESS_LIFE;
    $expiry = time() + $SESS_LIFE;

    $sql = "insert into " . TABLE_SESSIONS . " (sesskey, expiry, `value`)
            values (:zkey, :zexpiry, :zvalue)
            ON DUPLICATE KEY UPDATE `value`=:zvalue, expiry=:zexpiry";
    $sql = $db->bindVars($sql, ':zkey', $key, 'string');
    $sql = $db->bindVars($sql, ':zexpiry', $expiry, 'integer');
    $sql = $db->bindVars($sql, ':zvalue', $val, 'string');
    $result = $db->Execute($sql);

    return (!empty($result) && !empty($result->resource));
  }

  function _sess_destroy($key) {
    global $db;
    $sql = "delete from " . TABLE_SESSIONS . " where sesskey = '" . zen_db_input($key) . "'";
    $db->Execute($sql);
    return TRUE;
  }

  function _sess_gc($maxlifetime) {
    global $db;
    $sql = "delete from " . TABLE_SESSIONS . " where expiry < " . time();
    $db->Execute($sql);
    return true;
  }


  // Initialize session save-handler
  session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
  // write and close session at the end of scripts, and before objects are destroyed
  register_shutdown_function('session_write_close');


  function zen_session_start() {
    @ini_set('session.gc_probability', 1);
    @ini_set('session.gc_divisor', 2);
    if (IS_ADMIN_FLAG === true) {
      @ini_set('session.gc_maxlifetime', (SESSION_TIMEOUT_ADMIN > 900 ? 900 : SESSION_TIMEOUT_ADMIN));
    } elseif (defined('SESSION_TIMEOUT_CATALOG') && (int)SESSION_TIMEOUT_CATALOG > 120) {
      @ini_set('session.gc_maxlifetime', (int)SESSION_TIMEOUT_CATALOG);
    }
    if (preg_replace('/[a-zA-Z0-9,-]/', '', session_id()) != '')
    {
      zen_session_id(md5(uniqid(rand(), true)));
    }
    $temp = session_start();
    if (!isset($_SESSION['securityToken'])) {
      $_SESSION['securityToken'] = md5(uniqid(rand(), true));
    }
    return $temp;
  }

  function zen_session_id($sessid = '') {
    if (!empty($sessid)) {
      $tempSessid = $sessid;
      if (preg_replace('/[a-zA-Z0-9,-]/', '', $tempSessid) != '')
      {
        $sessid = md5(uniqid(rand(), true));
      }
      return session_id($sessid);
    } else {
      return session_id();
    }
  }

  function zen_session_name($name = '') {
    if (!empty($name)) {
      $tempName = $name;
      if (preg_replace('/[a-zA-Z0-9,-]/', '', $tempName) == '') return session_name($name);
      return FALSE;
    } else {
      return session_name();
    }
  }

  function zen_session_write_close() {
    return session_write_close();
  }

  function zen_session_destroy() {
    return session_destroy();
  }

  function zen_session_save_path($path = '') {
    if (!empty($path)) {
      return session_save_path($path);
    } else {
      return session_save_path();
    }
  }

  function zen_session_recreate() {
    global $http_domain, $https_domain, $current_domain;
      if ($http_domain == $https_domain) {
      $saveSession = $_SESSION;
      $oldSessID = session_id();
      session_regenerate_id();
      $newSessID = session_id();
      session_id($oldSessID);
      session_id($newSessID);
      session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
      $_SESSION = $saveSession;
      if (IS_ADMIN_FLAG !== true) {
        whos_online_session_recreate($oldSessID, $newSessID);
      }
    }
  }

btw, yes, I saw the Keep Cart addon. I should have mentioned that. I had decided that was not a good choice for me because there is no support thread or any discussion about it in the forum and my concern it could result in unanticipated Zen Cart behavior.

[DrByte]

The 1440 comes from your php.ini configuration ... which is the default value that PHP sets out-of-the-box.

[Zean]

The 1440 comes from your php.ini configuration ... which is the default value that PHP sets out-of-the-box.

However, for example, changing the 900 in sessions.php

Code:

  if (IS_ADMIN_FLAG === true) {
    if (PADSS_ADMIN_SESSION_TIMEOUT_ENFORCED != 0 && SESSION_TIMEOUT_ADMIN > 900) {
      $SESS_LIFE = 900;

to this

Code:

 if (IS_ADMIN_FLAG === true) {
    if (PADSS_ADMIN_SESSION_TIMEOUT_ENFORCED != 0 && SESSION_TIMEOUT_ADMIN > 86400) {
      $SESS_LIFE = 86400;

keeps the admin open for 24 hours.

So, I would like to do the kind of thing to keep the cart from being deleted so fast for shoppers that have not logged in.

However, unlike the above change, changing the $SESS_LIFE assignment from 1440 in the below section of code has no discernible effect.

Code:

 if (defined('SESSION_TIMEOUT_CATALOG') && (int)SESSION_TIMEOUT_CATALOG > 120) {
      $SESS_LIFE = (int)SESSION_TIMEOUT_CATALOG;
    } else
    if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
      $SESS_LIFE = 1440;

I don't understand why it works for the admin $SESS_LIFE but not for the shoppers' $SESS_LIFE.
Thanks!

[DrByte]

Right above your injected code is code that checks whether SESSION_TIMEOUT_CATALOG is defined, and if so, uses that.

Have you tried simply embracing that? Just create an /includes/extra_configures/my_ultra_long_session_timeout.php file and in it put:

Code:

<?php define('SESSION_TIMEOUT_CATALOG', 1441);

[Zean]

Right above your injected code is code that checks whether SESSION_TIMEOUT_CATALOG is defined, and if so, uses that.

Have you tried simply embracing that? Just create an /includes/extra_configures/my_ultra_long_session_timeout.php file and in it put:

Code:

<?php define('SESSION_TIMEOUT_CATALOG', 1441);

Hmm. I was so excited to try such an elegant solution. However, it breaks my Zen Cart. More specifically, adding the file/includes/extra_configures/my_set_session_timeout_catalog.php containing only the following code prevents the site from loading . . .

Code:

<?php define('SESSION_TIMEOUT_CATALOG', 1441);

What am I missing?

[carlwhat]

did any log files get created? if so, please post their contents....

[Zean]

did any log files get created? if so, please post their contents....

It does not cause a file to be created in /logs
I was thought I would see a new myDEBUG-xxxxx-yyyyyy.log file. But there are just old ones. So I added some non-syntactical garbage to the code just to make sure it would generate a myDEBUG-xxxxx-yyyyyy.log file. And, yes it did. So, I'm stumped.

[carlwhat]

zean,
an error that can be replicated, is an error that can be solved!

So I added some non-syntactical garbage to the code

where did you add this code? did you remove this new file prior to adding this code?

i tried adding the SESSION_TIMEOUT_CATALOG to my test system and it worked fine.... if your system is erroring out when adding that file and no debug errors get generated, that means that the extra includes files get added PRIOR to the overwrite that gets established for the zen debug logs. which means the error is still getting logged to the system PHP logs. do you have access to those logs on your server?

this seems like a rather simple problem, which means the answer should be staring you right in the face. have you tried adding echo statements in the suspect file before the include and right after the include?

there are a bunch of potential ways to find out what the problem might be.

i would DOUBLE/TRIPLE check your syntax on the new file, and if that looks good, i would add the echo statements before and after the define statement in the new file....

it is entirely possible that the define statement, 'MAY' be causing some problem down the line....

good luck!