carlwhat,
Log back in to your account. When you get taken back to the main page, is login or logout shown in the green bar at the top? Does zc create a new session in going from http page to https page and vice versa?
Dave
carlwhat,
Log back in to your account. When you get taken back to the main page, is login or logout shown in the green bar at the top? Does zc create a new session in going from http page to https page and vice versa?
Dave
when i login, your site is at https. it stays at https. i can browse no problem. i can see my account data. no problem. as i initially showed in my screenshot above, it shows logout and my account in the green bar. if i manually change the url to http, i then appear to be logged out. i do not believe one can look at one's account data if ZC is set up for https as the session is different for http v https. if i try to go to my account, it then requires me to login back in. so my initial https session looks destroyed. but in fact it is not. the session is there, but one needs the zenid parameter in the url to reconnect to that existing https session. which is not being passed along in the url.
few things:
- this is NOT standard behavior for any user to manually change URLs.
- i am not sure how ZC handles the zenid in the url. perhaps someone else can chime in. some times it is there, some times it is not...
- 100% convinced this has nothing to do with timeouts.
- i was able to place an order no problem.
i am not sure if this "problem" would be solved by making the site all https. if so, i have found this approach to work fine for me as opposed to doing any redirects in the .htaccess:
https://github.com/zencart/zencart/pull/1525/files
(looks staged for the next version of ZC.)
hope that helps.
What browser are Dave224 and carlwhat using?
~Melanie
PRO-Webs, Inc. :: Recent Zen Cart Projects :: Zen Cart SEO – 12 Steps to Success
**I answer questions in the forum, private messages are NOT answered. You are welcome to contact us via our website for professional engagements.
The reason I ask, I saw similar behavior because of Chrome's datasaver function. I add no-transform to cache-control on all sites because Chrome cannot properly negotiate sessions with data saver on, which is on by default.
Data Saver
On your Android phone or tablet, open the Chrome app .
At the top right, tap More Settings.
Under "Advanced," tap Data Saver.
~Melanie
PRO-Webs, Inc. :: Recent Zen Cart Projects :: Zen Cart SEO – 12 Steps to Success
**I answer questions in the forum, private messages are NOT answered. You are welcome to contact us via our website for professional engagements.
Maybe it is on Dave's? =)
~Melanie
PRO-Webs, Inc. :: Recent Zen Cart Projects :: Zen Cart SEO – 12 Steps to Success
**I answer questions in the forum, private messages are NOT answered. You are welcome to contact us via our website for professional engagements.
That's your problem. v1.5.4 and older don't support hash_bits_per_character higher than 5.
Work with your host for the best way to drop that to 4 or 5 temporarily until you upgrade to the newer Zen Cart version.
Also note that the hash_bits_per_character is irrelevant after PHP 7.1 (it was renamed in 7.1.0). But that's moot since newer ZC versions work with the newer settings anyway.
Hence using the word "temporarily" above. :)
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Melanie, carlwhat, I'm using Firefox 64.0 on Mac OS 10.13.6.
DrByte, I'll try to get session.hash_bits_per_character changed and report back. Thank you!
I've changed the value of session.hash_bits_per_character in the php.ini file and extensively tested the store. It works perfectly now. Thank you DrByte and the others who have helped fix this problem. Great support!!!
Bookmarks