Magento multi-domain checkout issues - session

I have a Magento install with multiple domains (domain1.com, domain2.com) sharing a single checkout URL (checkoutdomain.com). The problem is when I proceed to cart and do to the new domain I get "no items in shopping cart" error. For some reason the session/cookies aren't being passed to the checkout domain.
I'm running Magento 1.7. I've gone to system/config/web/session cookie management and tried all of the following values in the cookie domain field:
.domain.com
.domain.com/
http://www.domain.com
http://www.domain.com
Should something else go here?
I also have cookie path field blank (default) and use http only set to yes (default).
I'm not sure what else to do here.

The first place I'd check is your store setup. Remember that you can't easily share a cart across multiple Websites, only Stores and Store Views (to use Magento's nomenclature).
Assuming that's fine, your next problem is ensuring that all of the domains use the same PHP session. You can do this by telling them all to use the same session id. Cookies are an ideal solution for this, but cookies do not work across completely different domains.
This means we have to explicitly tell checkoutdomain.com to session that we wish to load. We can force Magento to load a specific session by passing the session id as the SID GET parameter. You can get this value by calling Mage::getModel("core/session")->getEncryptedSessionId().

You should set web/session/use_frontend_sid to yes in your system configuration.

You should also keep in mind that not specifying a cookie path will make it default to the current path you are on when the cookie is set. You should default it to "/" to make sure it is being set globally for the site.

Related

Magento cart can only take one item

Our cart is facing the following issue - you can add one item to the cart - but not a second one. I have already check all the obvious in the system section for restrictions on the quantity (e.g. Unable to add product quantity more than one items in one order MAGENTO) - cookie life time - and many more. No misconfiguration was found. I am using Magento 1.6.2.0. The error was reproduced in Chrome and Safari on Mac OS X many times in a row. I am sorry that I can not post an URL. Moreover there is to know that the run-time environment is an Amazon EC2/RDS Service.
Sounds like the session is not stored. Can you make sure the cookie is set on the correct domain and the sessions are stored properly?
In case you're using file based sessions it could be the files can't be created due to permission issues in the var/session directory

How to keep session unchanged in codeigniter?

I'm trying to create a shopping cart by storing the cart in a table in a database, instead of using the built-in CI cart class. I use sessionID to identify one visitor from another. But I found that the sessionID is changing for a period of time, even the visitor doesn't close the browser.
Is this a normal behavior of CI to renew the sessionID for a short period of time? Is there a way to make it unchanged until the visitor close the browser?
Thank you at advance.
Also, make sure in your config file you have cookie_prefix set.. see bottom of: http://ellislab.com/codeigniter/user_guide/libraries/sessions.html
If your session is contstantly being reset using the CI Session library, make sure the cookie domain is set to something like:
$config['cookie_domain'] = '.mysite.com'; // the . is for a wildcard subdomain

Magento: ?___SID=U appearing in some urls

Can someone please explain why ?___SID=U is appearing in some Magento URLs on my site and not others?
I think it has something to do with sessions but I am not entirely clear. Also, what makes it more confusing is the fact that it's only appearing in some URLs and not others.
I don't need to know how to remove it as I am aware of the setting in the admin area. I would really like an explanation of what it is, what its purpose is and why it would show on some pages and not others. id rather understand what's going on fully than blindly follow some advice as to how to remove it.
I addition to Brendan's answer, the ___SID=U is used in the cache as a placeholder for the session ID. It is replaced by Mage_Core_Model_Url::sessionUrlVar() which in turn calls Mage_Core_Model_Url::sessionVarCallback(). These methods are called from Mage_Core_Block_Abstract::_afterCacheUrl(), which means that any URL found in block output will contain the correct session ID (if needed).
So to get rid of the parameter in your own code the "right way" use this:
$url = Mage::getUrl('some/magento/route'); // might append ___SID parameter
$url = Mage::getModel('core/url')->sessionUrlVar($url); // process ___SID
If the string still displays in the rendered page that is a bug. Are you using some custom caching module, or generating URL's using a non-standard way?
The SID is a "session ID". Magento uses this to track a user's activity within the same Magento installation. Normally, Magento powers one website and one store from one installation (database).
Magento could power multiple websites with multiple stores from one installation though. The SID allows users to stay logged in while navigating across these websites/stores.
I think if you have the function enabled, the SID is sent when accessing catalog URLs so Magento can update the session with the user's location/state for the current website/store.
If you're not running a multi-website or multi-store environment, it's safe to disable the SID on the frontend.
Just something i come across today and though i make a comment, maybe it will help someone.
I found that Magento will format/create an incorrect product url (inc. Session Id) if there were some errors during processing the page. This is not consistent though.
It worth having a look at your server logs for PHP errors.
This is a general Magento 2 bug which is already reported to magento.
Temporary fix is
Go to Document Root,
Find .htaccess and add
RewriteCond %{HTTP_HOST} ^abc.com
RewriteRule ^(.*) www.abc.com/$1 [L,R=301]
below.
This should solve the issue. For me this work in M2.1
All the best.
Reference : https://github.com/magento/magento2/issues/5517
I hunted for hours to find this and the precise answer was a combination of the other answers listed here. First, I cranked up my PHP error reporting and error logging (thanks Gergely Varga). I saw this:
PHP Fatal error: Call to undefined function mb_strrpos() in /var/www/html/app/code/local/ManaPro/FilterAjax/Model/Observer.php on line 59
So, one of our installed extensions requires the php-mbstring package, which my server didn't have installed. As soon as I installed that, the SID=U URLs all disappeared. (In future I'll be running Magento's pre-install checks before copying an existing install over to a new server!)
Thanks to Vinai too for the background of what this tag is for.
Go to Store > Configuration > General > Web > Session Validation Settings > Use SID on Storefrontand and set the value to No.
Clear the Magento cache

Magento session lost when switching to https from http

I've searched high and low for a solution to this, with no luck. My host told me they are too busy to help.
Magento 1.4.2 // SSL cert
1- When I add an item to cart, the page reloads and my item is added to cart. [good]
2- Next, I click home, and my items are no longer visible in cart sidebar. [bad]
3- Next, I click "Tops", and my items are still not visible in cart sidebar. [bad]
4- Next , I click "Bottoms" and the items show just fine.
In all cases where the cart isn't visible, I can add https to the URL and the cart loads up just fine. Can anyone help me figure out why my session is being lost between http and https?
I have all my backend web cookie settings set to "no" except for sID.
Also- When a user is logged in, the cart items ALWAYS show on the right. It's only screwy if they're a guest.
Thanks guys, if you need me to post any code let me know.
wwwdotlylifdotcom
EDIT: Here is a screenshot of my cookies session in firebug (not exactly sure what I am looking at). Hope this helps.
And here is my Session settings in magento: I have tried just about every variation of turning these on and off.
EDIT!
This issue has actually been narrowed down to a cache issue. We found out that when the cache is dumped/deleted, the website works properly. But after a few minutes of surfing the problem happens again. Does anyone have any idea? (And should i change the question title?)
I'm using a module called Lightspeed from TinyBrick, and it seems the new cache options are messing with our site. =( I'm contacting them shortly.
**EDIT Tinybricks excellent support helped us out. Thanks for all of your suggestions.
Is the session cookie being set to be HTTPS-only? That'll prevent it from being carried over to regular HTTP requests, effectively giving the user two different sessions.
You have in your screenshot two frontend cookie with two domains, one with www and an other one without. Check if you have a correct domain name in the configuration > Web tab > Cookie Management > Cookie Domain (or something close to that). If it's empty set it to ".mydomain.com" and try again.
Check if you don't have different cookie domain in your configuration in the other store views, set them to "use website".
If still doesn't work, What are the values of the fields of cookie management and the cookie validation settings
We were experiencing similar issues where our custom nav (depending on whether a user was logged in or not, was not very consistent across different pages.
We followed the suggestion # http://ka.lpe.sh/2011/06/19/magento-checking-customer-admin-is-logged-in-or-not/ to check if a user was logged base on the frontend session variable before a rendering a particular block, and it seems to have done the trick.
Perhaps you can try something similar.
Tinybricks excellent support helped us out. Thanks for all of your suggestions. This was a localized problem based off cache and a module called Lightspeed.

Magento Admin login kicks me out back to the Admin login

After I enter my username and password and click "Login" it sends me back to the Login page with NO error messages. The URL changes to include a session key and that's it. Everytime I click Login again, the session key is regenerated and I still can't log into the admin interface.
I just encountered this problem on one of my servers (not a localhost installation). Turns out the system account was over quota, so I presume Magento was unable to create the necessary temporary files. (I noticed this when trying to create a directory on the server over ssh.)
So... maybe check to make sure the account under which Magento is running isn't over quota on your server? At the very least, it might not be a Magento problem directly.
Clear the contents of the directory var/cache and try again.
If that doesn't help check the table core_config_data in the database for records with a path value of "web/secure/base_url", "web/unsecure/base_url" and "admin/url/custom". These should match the page you are trying to log into (but without "index.php/admin/" at the end)
Finally check your browser's cookie settings and that the server's PHP is able to set cookies.
I was having the same problem running Magento 1.5.1 on my production server. I would log in to the admin, the url would show the address for the dashboard (with the secure key), but the screen would still be the login screen. There was no error. This happened with FF, Safari, and Chrome.
I fixed it by manually setting two core_config_data values in the database. They are as follows:
web/cookie/cookie_path = /
web/cookie/cookie_domain = "mydomain.com"
clear out var/cache and try to log in. For me, it worked.
Version 1.7.0.2 I have been moving my magento store from on server to another one, and I had the same problem. Use phpamdin to edit your database on new server, search for web/cookie/cookie_domain in 'config path row', the value is probably your old domain name: yourdomain.com, change that to your new domain name OR to your new IP address (new server). If you attend to use your old domain on new server environment you will probably want to set your story ready before you switch your name servers. That was the case for me, after I added my new server IP to web/cookie/cookie_domain instead of domain I was finally able to log into my magento backend.
I had some problems when on a local server. It was on http://server/username/ and so didn't have dots in it. If we changed the settings to be the IP address of the server then it was fine.
There can be several things that cause this behavior. This is my checklist. One of them will eventually fix it.
Click the "forgot password link" and then the "back" link. This will remove any possibly misplaced params in the URL as well as make sure you're on the right server (some installations have separate admin servers)
Clear cookies or use an incognito window
Try another browser
Local installations: Try using 127.0.0.1 instead of localhost (and update the base URL in the core_config_data table)
Clear Magento cache, full_page_cache, and session directories in the magento/var/ directory (and repeat 1 and 2)
Truncate the core_session table
Verify your Magento has correct memory settings
Check Magento system.log and exception.log files and debug
Check PHP's error logs and debug
I've experienced this issue using Opera, while in other browsers it worked fine.
Also, make sure to set correct cookie options in:
System > Configuration > Web > Cookie Settings
Also, make sure that your system time / time zone on the server and php and magento match up.

Resources