
php session randomly lost


gdfhghjdfghgfhf


I paid a programmer to make a shop basket script to work with Spreadshirt API. Everything is working perfectly, except that the basket keeps emptying itself. I think the session is lost at some point so the script creates another BasketId.

I tried to find if there was a specific reason it was happening, without any success... I can't reproduce the bug. It just happens randomly without any reason. Closing the browser, resetting apache or even the whole webserver won't provoke a session loss.

I've got two different scripts working with cookies on the same domain and they don't have any problem (one is a cookie for the admin login session and the other cookie is to save the user's last viewed articles on the shop).

I tried all solutions found on Google without any success: editing php.ini, forcing ini settings through php, tried the htaccess way, ...

Here's the "sessions" part of my phpinfo: http://gyazo.com/168e2144ddd9ee368a05754dfd463021

shop-ajax.php (session handling @ line 18)
 

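    <?php
    ini_set('session.cookie_domain', '.mywebsite.com' );
    header("Pragma: no-cache");
    header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
    // Whitelist the request parameters: addslashes() is not validation, and
    // $shopid is later concatenated into API URLs and XML attributes.
    $language = (isset($_GET['l']) && is_string($_GET['l'])) ? preg_replace('/[^a-z_-]/i', '', $_GET['l']) : '';
    $shopid = (isset($_GET['shop']) && is_string($_GET['shop'])) ? preg_replace('/[^0-9a-z_-]/i', '', $_GET['shop']) : '';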
    
    
    // if($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
    //     die("no direct access allowed");
    // }
    
    
    
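    if(!session_id()) {
        $lifetime = 60 * 60 * 24 * 365;
        $domain = ".mywebsite.com";
        session_set_cookie_params($lifetime, "/", $domain);
        // No "@" here: a suppressed warning (e.g. headers already sent)
        // would hide a session that failed to start.
        session_start();
    }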
    
    
    
    
    
    // Configuration
    $config['ShopSource'] = "com";
    $config['ShopId'] = $shopid;
    $config['ShopKey'] = "*****";
    $config['ShopSecret'] = "*****";
    
    
    
    /*
     * add an article to the basket
    */
    if (isset($_POST['size']) && isset($_POST['appearance']) && isset($_POST['quantity'])) {
        /*
         * create an new basket if not exist
        */
        if (!isset($_SESSION['basketUrl'])) {
            /*
             * get shop xml
            */
            $stringApiUrl = 'http://api.spreadshirt.'.$config['ShopSource'].'/api/v1/shops/' . $config['ShopId'];
            $stringXmlShop = oldHttpRequest($stringApiUrl, null, 'GET');
            if ($stringXmlShop[0]!='<') die($stringXmlShop);
            $objShop = new SimpleXmlElement($stringXmlShop);
            if (!is_object($objShop)) die('Basket not loaded');
    
            /*
             * create the basket
            */
            $namespaces = $objShop->getNamespaces(true);
            $basketUrl = createBasket('net', $objShop, $namespaces);
            $_SESSION['basketUrl'] = $basketUrl;
            $_SESSION['namespaces'] = $namespaces;
    
            /*
             * get the checkout url
            */
            $checkoutUrl = checkout($_SESSION['basketUrl'], $_SESSION['namespaces']);
    
            // basket language workaround
            if ($language=="fr") {
                if (!strstr($checkoutUrl,'/fr')) {
                    $checkoutUrl = str_replace("spreadshirt.com","spreadshirt.com/fr",$checkoutUrl);
                }
            }
    
            $_SESSION['checkoutUrl'] = $checkoutUrl;
    
        }
    
    
    
        /*
        Workaround for not having the appearance id 
        */
        if ($_POST['appearance']==0) {
            $stringApiArticleUrl = 'http://api.spreadshirt.'.$config['ShopSource'].'/api/v1/shops/' . $config['ShopId'].'/articles/'.intval($_POST['article']).'?fullData=true';
            $stringXmlArticle = oldHttpRequest($stringApiArticleUrl, null, 'GET');
            if ($stringXmlArticle[0]!='<') die($stringXmlArticle);
            $objArticleShop = new SimpleXmlElement($stringXmlArticle);
            if (!is_object($objArticleShop)) die('Article not loaded');
            $_POST['appearance'] = intval($objArticleShop->product->appearance['id']);
        }
    
    
        /*
         * article data to be sent to the basket resource
        */
        $data = array(
    
                'articleId' => intval($_POST['article']),
                'size' => intval($_POST['size']),
                'appearance' => intval($_POST['appearance']),
                'quantity' => intval($_POST['quantity']),
                'shopId' => $config['ShopId']
    
        );
    
        /*
         * add to basket
        */
        addBasketItem($_SESSION['basketUrl'] , $_SESSION['namespaces'] , $data);
    
        $basketData = prepareBasket();
    
    
        echo json_encode(array("c" => array("u" => $_SESSION['checkoutUrl'],"q" => $basketData[0],"l" => $basketData[1])));
    }
    
    
    
    
    // no call, just read basket if not empty
    if (isset($_GET['basket'])) {
        if (array_key_exists('basketUrl',$_SESSION) && !empty($_SESSION['basketUrl'])) {
    
            $basketData = prepareBasket();
    
            echo json_encode(array("c" => array("u" => $_SESSION['checkoutUrl'],"q" => $basketData[0],"l" => $basketData[1])));
        } else {
            echo json_encode(array("c" => array("u" => "","q" => 0,"l" => "")));
        }
    }
    
    
    
    
    
    
    function prepareBasket() {
    
        $intInBasket=0;
    
        if (isset($_SESSION['basketUrl'])) {
            $basketItems=getBasket($_SESSION['basketUrl']);
    
            if(!empty($basketItems)) {
                foreach($basketItems->basketItems->basketItem as $item) {
                    $intInBasket += $item->quantity;
                }
            }
        }
    
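        $l = "";
        // checkoutUrl is only set once a basket exists, and parse_url() may
        // return false or omit 'query', so check before reading it;
        // the pattern also requires a non-empty basket id
        $pQ = isset($_SESSION['checkoutUrl']) ? parse_url($_SESSION['checkoutUrl']) : false;
        if (is_array($pQ) && isset($pQ['query']) && preg_match("#^basketId=[0-9a-f\-]+$#i", $pQ['query'])) {
            $l = $pQ['query'];
        }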
    
        return array($intInBasket,$l);
    }
    
    
    
    
    
    
    
    // Additional functions
    function addBasketItem($basketUrl, $namespaces, $data) {
        global $config;
    
        $basketItemsUrl = $basketUrl . "/items";
    
        $basketItem = new SimpleXmlElement('<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
                <basketItem xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://api.spreadshirt.net">
                <quantity>' . $data['quantity'] . '</quantity>
                <element id="' . $data['articleId'] . '" type="sprd:article" xlink:href="http://api.spreadshirt.'.$config['ShopSource'].'/api/v1/shops/' . $data['shopId'] . '/articles/' . $data['articleId'] . '">
                <properties>
                <property key="appearance">' . $data['appearance'] . '</property>
                <property key="size">' . $data['size'] . '</property>
                </properties>
                </element>
                <links>
                <link type="edit" xlink:href="http://' . $data['shopId'] .'.spreadshirt.' .$config['ShopSource'].'/-A' . $data['articleId'] . '"/>
                <link type="continueShopping" xlink:href="http://' . $data['shopId'].'.spreadshirt.'.$config['ShopSource'].'"/>
                </links>
                </basketItem>');
    
        $header = array();
        $header[] = createAuthHeader("POST", $basketItemsUrl);
        $header[] = "Content-Type: application/xml";
        $result = oldHttpRequest($basketItemsUrl, $header, 'POST', $basketItem->asXML());
    }
    
    
    
    function createBasket($platform, $shop, $namespaces) {
    
        $basket = new SimpleXmlElement('<basket xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://api.spreadshirt.net">
                <shop id="' . $shop['id'] . '"/>
                </basket>');
    
        $attributes = $shop->baskets->attributes($namespaces['xlink']);
        $basketsUrl = $attributes->href;
        $header = array();
        $header[] = createAuthHeader("POST", $basketsUrl);
        $header[] = "Content-Type: application/xml";
        $result = oldHttpRequest($basketsUrl, $header, 'POST', $basket->asXML());
        $basketUrl = parseHttpHeaders($result, "Location");
    
        return $basketUrl;
    
    }
    
    
    
    
    
    
    function checkout($basketUrl, $namespaces) {
    
        $basketCheckoutUrl = $basketUrl . "/checkout";
        $header = array();
        $header[] = createAuthHeader("GET", $basketCheckoutUrl);
        $header[] = "Content-Type: application/xml";
        $result = oldHttpRequest($basketCheckoutUrl, $header, 'GET');
        $checkoutRef = new SimpleXMLElement($result);
        $refAttributes = $checkoutRef->attributes($namespaces['xlink']);
        $checkoutUrl = (string)$refAttributes->href;
    
        return $checkoutUrl;
    
    }
    
    /*
     * functions to build headers
    */
    function createAuthHeader($method, $url) {
        global $config;
    
        $time = time() *1000;
        $data = "$method $url $time";
        $sig = sha1("$data ".$config['ShopSecret']);
    
        return "Authorization: SprdAuth apiKey=\"".$config['ShopKey']."\", data=\"$data\", sig=\"$sig\"";
    
    }
    
    
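    function parseHttpHeaders($header, $headername) {
    
        // curl_exec() returns false on failure, so cast before unfolding header lines
        $fields = explode("\r\n", preg_replace('/\x0D\x0A[\x09\x20]+/', ' ', (string)$header));
    
        foreach($fields as $field) {
    
            // header names are case-insensitive; quote the name for use in the pattern
            if (preg_match('/^(' . preg_quote($headername, '/') . '): (.+)/i', $field, $match)) {
                return $match[2];
            }
    
        }
    
        // not found: return null (not an array) so that
        // isset($_SESSION['basketUrl']) stays false when no Location header came back
        return null;
    
    }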
    
    function getBasket($basketUrl) {
    
        $header = array();
        $basket = "";
    
        if (!empty($basketUrl)) {
            $header[] = createAuthHeader("GET", $basketUrl);
            $header[] = "Content-Type: application/xml";
            $result = oldHttpRequest($basketUrl, $header, 'GET');
            $basket = new SimpleXMLElement($result);
        }
    
        return $basket;
    
    }
    
    
    
    
    function oldHttpRequest($url, $header = null, $method = 'GET', $data = null, $len = null) {
    
        switch ($method) {
    
            case 'GET':
    
                $ch = curl_init($url);
                curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                curl_setopt($ch, CURLOPT_HEADER, false);
    
                if (!is_null($header)) curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    
                break;
    
            case 'POST':
    
                $ch = curl_init($url);
                curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                curl_setopt($ch, CURLOPT_HEADER, true);
                curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
                curl_setopt($ch, CURLOPT_POST, true); //not createBasket but addBasketItem
                curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    
                break;
    
        }
    
        $result = curl_exec($ch);
        curl_close($ch);
    
        return $result;
    
    }
    ?>


There are also 2 other parts of the script: a form to add a sample tshirt to the basket (example.php) and a script to call the ajax (shop-controller.js). I can post them if needed, but there's no session handling stuff.
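An added example, not part of the original post or the poster's script: one way to start the session without hiding failures and to check the setting that most often makes sessions vanish at irregular intervals. PHP's session garbage collector runs probabilistically and deletes session data that has been idle longer than `session.gc_maxlifetime` (1440 seconds by default), regardless of how long the cookie lives. The function name `startBasketSession` and the constants are hypothetical, and the array form of `session_set_cookie_params()` assumes PHP 7.3 or later.

```php
<?php
// Added example, not the poster's code. Assumes PHP 7.3+.
const BASKET_COOKIE_LIFETIME = 31536000;         // 60*60*24*365, as in the posted script
const BASKET_COOKIE_DOMAIN   = '.mywebsite.com'; // placeholder domain from the post

/**
 * Start the basket session and return a list of findings that can explain
 * a session that comes back empty at irregular intervals.
 */
function startBasketSession(): array
{
    $findings = [];

    // Once output has begun the session cookie can no longer be sent, so the
    // session cannot start properly. "@session_start()" hides this case.
    if (headers_sent($file, $line)) {
        return ["output already started at $file:$line, session cookie cannot be set"];
    }

    if (session_status() !== PHP_SESSION_ACTIVE) {
        // Keep server-side session data for as long as the cookie lives.
        ini_set('session.gc_maxlifetime', (string) BASKET_COOKIE_LIFETIME);
        session_set_cookie_params([
            'lifetime' => BASKET_COOKIE_LIFETIME,
            'path'     => '/',
            'domain'   => BASKET_COOKIE_DOMAIN,
            'secure'   => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
            'httponly' => true,  // keep the session id out of reach of page scripts
            'samesite' => 'Lax',
        ]);
        if (!session_start()) {
            $findings[] = 'session_start() returned false';
        }
    }

    // Report a cookie that outlives the data it points to. This fires if the
    // ini_set() above was refused or the session was already started elsewhere.
    $gc     = (int) ini_get('session.gc_maxlifetime');
    $cookie = (int) session_get_cookie_params()['lifetime'];
    if ($cookie > $gc) {
        $findings[] = "cookie lifetime {$cookie}s exceeds session.gc_maxlifetime {$gc}s";
    }
    return $findings;
}

foreach (startBasketSession() as $finding) {
    error_log('basket session: ' . $finding);
}
```

If other applications write to the same `session.save_path` with a shorter `session.gc_maxlifetime`, their garbage collection can still delete these session files; a dedicated save path for the shop avoids that.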
