
php session randomly lost


Guest


I paid a programmer to make a shop basket script to work with the Spreadshirt API. Everything is working perfectly, except that the basket keeps emptying itself. I think the session is lost at some point, so the script creates another BasketId.

I tried to find a specific reason why it was happening, without any success... I can't reproduce the bug. It just happens randomly, without any apparent reason. Closing the browser, restarting Apache or even the whole web server won't cause the session to be lost.

I've got two different scripts working with cookies on the same domain and they don't have any problem (one is a cookie for the admin login session and the other cookie is to save the user's last viewed articles on the shop)

I tried all solutions found on google without any success : editing php.ini , forcing ini settings through php, tried the htaccess way, ...

Here's the "sessions" part of my phpinfo: [removed]

shop-ajax.php (session handling @ line 18)
 

    ini_set('session.cookie_domain', '.mywebsite.com' );
    header("Pragma: no-cache");
    header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
    $language = addslashes($_GET['l']);
    $shopid = addslashes($_GET['shop']);
    
    
    // if($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
    //     die("no direct access allowed");
    // }
    
    
    
    if(!session_id()) {
      $lifetime=60 * 60 * 24 * 365;
      $domain = ".mywebsite.com";
       session_set_cookie_params($lifetime,"/",$domain);
        @session_start();
    }
    
    
    
    
    
    // Configuration
    $config['ShopSource'] = "com";
    $config['ShopId'] = $shopid;
    $config['ShopKey'] = "*****";
    $config['ShopSecret'] = "*****";
    
    
    
    /*
     * add an article to the basket
    */
    if (isset($_POST['size']) && isset($_POST['appearance']) && isset($_POST['quantity'])) {
        /*
         * create an new basket if not exist
        */
        if (!isset($_SESSION['basketUrl'])) {
            /*
             * get shop xml
            */
            $stringApiUrl = 'http://api.spreadshirt.'.$config['ShopSource'].'/api/v1/shops/' . $config['ShopId'];
            $stringXmlShop = oldHttpRequest($stringApiUrl, null, 'GET');
            if ($stringXmlShop[0]!='<') die($stringXmlShop);
            $objShop = new SimpleXmlElement($stringXmlShop);
            if (!is_object($objShop)) die('Basket not loaded');
    
            /*
             * create the basket
            */
            $namespaces = $objShop->getNamespaces(true);
            $basketUrl = createBasket('net', $objShop, $namespaces);
            $_SESSION['basketUrl'] = $basketUrl;
            $_SESSION['namespaces'] = $namespaces;
    
            /*
             * get the checkout url
            */
            $checkoutUrl = checkout($_SESSION['basketUrl'], $_SESSION['namespaces']);
    
            // basket language workaround
            if ($language=="fr") {
                if (!strstr($checkoutUrl,'/fr')) {
                    $checkoutUrl = str_replace("spreadshirt.com","spreadshirt.com/fr",$checkoutUrl);
                }
            }
    
            $_SESSION['checkoutUrl'] = $checkoutUrl;
    
        }
    
    
    
        /*
        Workaround for not having the appearance id 
        */
        if ($_POST['appearance']==0) {
            $stringApiArticleUrl = 'http://api.spreadshirt.'.$config['ShopSource'].'/api/v1/shops/' . $config['ShopId'].'/articles/'.intval($_POST['article']).'?fullData=true';
            $stringXmlArticle = oldHttpRequest($stringApiArticleUrl, null, 'GET');
            if ($stringXmlArticle[0]!='<') die($stringXmlArticle);
            $objArticleShop = new SimpleXmlElement($stringXmlArticle);
            if (!is_object($objArticleShop)) die('Article not loaded');
            $_POST['appearance'] = intval($objArticleShop->product->appearance['id']);
        }
    
    
        /*
         * article data to be sent to the basket resource
        */
        $data = array(
    
                'articleId' => intval($_POST['article']),
                'size' => intval($_POST['size']),
                'appearance' => intval($_POST['appearance']),
                'quantity' => intval($_POST['quantity']),
                'shopId' => $config['ShopId']
    
        );
    
        /*
         * add to basket
        */
        addBasketItem($_SESSION['basketUrl'] , $_SESSION['namespaces'] , $data);
    
        $basketData = prepareBasket();
    
    
        echo json_encode(array("c" => array("u" => $_SESSION['checkoutUrl'],"q" => $basketData[0],"l" => $basketData[1])));
    }
    
    
    
    
    // no call, just read basket if not empty
    if (isset($_GET['basket'])) {
        if (array_key_exists('basketUrl',$_SESSION) && !empty($_SESSION['basketUrl'])) {
    
            $basketData = prepareBasket();
    
            echo json_encode(array("c" => array("u" => $_SESSION['checkoutUrl'],"q" => $basketData[0],"l" => $basketData[1])));
        } else {
            echo json_encode(array("c" => array("u" => "","q" => 0,"l" => "")));
        }
    }
    
    
    
    
    
    
    function prepareBasket() {
    
        $intInBasket=0;
    
        if (isset($_SESSION['basketUrl'])) {
            $basketItems=getBasket($_SESSION['basketUrl']);
    
            if(!empty($basketItems)) {
                foreach($basketItems->basketItems->basketItem as $item) {
                    $intInBasket += $item->quantity;
                }
            }
        }
    
        $l = "";
        $pQ = parse_url($_SESSION['checkoutUrl']);
        if (preg_match("#^basketId\=([0-9a-f\-])*$#i", $pQ['query'])) {
            $l = $pQ['query'];
        }
    
        return array($intInBasket,$l);
    }
    
    
    
    
    
    
    
    // Additional functions
    function addBasketItem($basketUrl, $namespaces, $data) {
        global $config;
    
        $basketItemsUrl = $basketUrl . "/items";
    
        $basketItem = new SimpleXmlElement('<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
                <basketItem xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://api.spreadshirt.net">
                <quantity>' . $data['quantity'] . '</quantity>
                <element id="' . $data['articleId'] . '" type="sprd:article" xlink:href="http://api.spreadshirt.'.$config['ShopSource'].'/api/v1/shops/' . $data['shopId'] . '/articles/' . $data['articleId'] . '">
                <properties>
                <property key="appearance">' . $data['appearance'] . '</property>
                <property key="size">' . $data['size'] . '</property>
                </properties>
                </element>
                <links>
                <link type="edit" xlink:href="http://' . $data['shopId'] .'.spreadshirt.' .$config['ShopSource'].'/-A' . $data['articleId'] . '"/>
                <link type="continueShopping" xlink:href="http://' . $data['shopId'].'.spreadshirt.'.$config['ShopSource'].'"/>
                </links>
                </basketItem>');
    
        $header = array();
        $header[] = createAuthHeader("POST", $basketItemsUrl);
        $header[] = "Content-Type: application/xml";
        $result = oldHttpRequest($basketItemsUrl, $header, 'POST', $basketItem->asXML());
    }
    
    
    
    function createBasket($platform, $shop, $namespaces) {
    
        $basket = new SimpleXmlElement('<basket xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://api.spreadshirt.net">
                <shop id="' . $shop['id'] . '"/>
                </basket>');
    
        $attributes = $shop->baskets->attributes($namespaces['xlink']);
        $basketsUrl = $attributes->href;
        $header = array();
        $header[] = createAuthHeader("POST", $basketsUrl);
        $header[] = "Content-Type: application/xml";
        $result = oldHttpRequest($basketsUrl, $header, 'POST', $basket->asXML());
        $basketUrl = parseHttpHeaders($result, "Location");
    
        return $basketUrl;
    
    }
    
    
    
    
    
    
    function checkout($basketUrl, $namespaces) {
    
        $basketCheckoutUrl = $basketUrl . "/checkout";
        $header = array();
        $header[] = createAuthHeader("GET", $basketCheckoutUrl);
        $header[] = "Content-Type: application/xml";
        $result = oldHttpRequest($basketCheckoutUrl, $header, 'GET');
        $checkoutRef = new SimpleXMLElement($result);
        $refAttributes = $checkoutRef->attributes($namespaces['xlink']);
        $checkoutUrl = (string)$refAttributes->href;
    
        return $checkoutUrl;
    
    }
    
    /*
     * functions to build headers
    */
    function createAuthHeader($method, $url) {
        global $config;
    
        $time = time() *1000;
        $data = "$method $url $time";
        $sig = sha1("$data ".$config['ShopSecret']);
    
        return "Authorization: SprdAuth apiKey=\"".$config['ShopKey']."\", data=\"$data\", sig=\"$sig\"";
    
    }
    
    
    function parseHttpHeaders($header, $headername) {
    
        $retVal = array();
        $fields = explode("\r\n", preg_replace('/\x0D\x0A[\x09\x20]+/', ' ', $header));
    
        foreach($fields as $field) {
    
            if (preg_match('/(' . $headername . '): (.+)/m', $field, $match)) {
                return $match[2];
            }
    
        }
    
        return $retVal;
    
    }
    
    function getBasket($basketUrl) {
    
        $header = array();
        $basket = "";
    
        if (!empty($basketUrl)) {
            $header[] = createAuthHeader("GET", $basketUrl);
            $header[] = "Content-Type: application/xml";
            $result = oldHttpRequest($basketUrl, $header, 'GET');
            $basket = new SimpleXMLElement($result);
        }
    
        return $basket;
    
    }
    
    
    
    
    function oldHttpRequest($url, $header = null, $method = 'GET', $data = null, $len = null) {
    
        switch ($method) {
    
            case 'GET':
    
                $ch = curl_init($url);
                curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                curl_setopt($ch, CURLOPT_HEADER, false);
    
                if (!is_null($header)) curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    
                break;
    
            case 'POST':
    
                $ch = curl_init($url);
                curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                curl_setopt($ch, CURLOPT_HEADER, true);
                curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
                curl_setopt($ch, CURLOPT_POST, true); //not createBasket but addBasketItem
                curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    
                break;
    
        }
    
        $result = curl_exec($ch);
        curl_close($ch);
    
        return $result;
    
    }
    ?>


There are also two other parts of the script: a form to add a sample t-shirt to the basket (example.php) and a script that makes the AJAX calls (shop-controller.js). I can post them if needed, but they contain no session handling.
