Jump to content
Larry Ullman's Book Forums

checkout page conflict


Recommended Posts

Hi Larry,

 

I think I have managed to sort out the problem regarding the the login status being lost when I go to the checkout page.

 

Basically, I implemented the login functionality from the 1st project into the ecommerce site.

Now in the config file for the 1st project, it contains the session_start() methhod. This starts the session and tracks logged in users.

Now when I go to the checkout page, an error is generated on the following line:

session_id(uid);

The error says:

'Cannot change session id when session is active.'

So because the session has already been started in the configuration file(from the 1st project), when it reaches the statement 'session_id(uid)' in the checkout page, an error is generated because the session is not supposed to be active at that point,  but it is, because it's been started in the configuration file to track logged in users.

 

To get around this error, I inserted a session_destroy() method in the checkout page just before

session_id(uid);

ie:

session_destroy();

session_id(uid);

and making it the first statement also in the checkout page  in the else clause.

} else {

session_destroy();

session_start();

$uid = session_id

This solves the problem, and I can now click on the checkout page without the error,  'Cannot change session id when session is active.'  being generated.

 

But the implication now is that, because session_destroy() destroys the session, the user's status is also affected, and hence the user being logged off.

 

In regards to the 1st project, a session_start() method needs to be inserted in the configuration file in order to be available to all the pages, and to track the logged in  user. But this is the line that is conflicting with the checkout page and generating an error, hence the session_destroy() being implemented to solve the problem.

So I'm in a catch 22 situation now. The session_destroy() method solves one problem, but creates another, ie logs out the user.

 

Qu 1: What solution can I implement to solve the above problem which will allow me to go to the checkout page without losing the login status, whilst allowing the session_start() method in the configuration file to track the logged in users?

 

I find that when I comment out the session_destroy() methods in the checkout page and leave the session_start() method in the configuration file. I now navigate to the checkout page, and then by clicking the back button to go back to the cart page, this inadvertently increments the items in the shopping cart by 1. This is because the url:

 

http://localhost:8888/cart.php?action=add&sku=C11

 

is being generated each time I go from the checkout page back to the cart page, I think!!

 

Qu 2: What could I do to avoid this issue, so that the items in the shopping cart will remain constant and not be incremented each time I go from the checkout page back to the cart page?

 

regards

Link to comment
Share on other sites

Right, if you're using session_destroy() it's going to destroy the session, which is not what you want. What you want is for every page to call session_start() once. If all pages include the configuration file, that should suffice. 

Link to comment
Share on other sites

Larry, before I saw your reply, I kinda found a way around the error message

'Cannot change session id when session is active' .

when I navigate to the checkout page.

What I did is put in the checkout page around the problematic line:

if(!isset($_SESSION)

{

session_id($uid);

...................................

}

So this worked perfectly because the code

session_id($uid);

would only execute if no session had started.

So now I can leave the session_start() method in the configuration file without any conflict when the checkout page is run.

Please let me know if my above logic makes sense.

 

regards

Link to comment
Share on other sites

Hi Larry,

 

To avoid the error:

'Cannot change session id when session is active.'

when trying to navigating to the checkout page, you suggested I make every page call session_start() once?

How would I make every page call session_start() once?

 

I tried to use:

   if( session_id($uid)) {

        session_start();
}

 

but the above method loses login status when I try to navigate to any random pages, just after I log in.

 

regards

Link to comment
Share on other sites

Conventionally, I make every page call session_start() once by invoking that line in a common file included by every page. This could be a configuration file or a dedicated file for handling session activity. 

Link to comment
Share on other sites

Hi Larry,

 

I've got to say, I'm slowly losing patience with what I am trying to do. I have tried everything, and when I think I have solved it, the solved problem generates a new error!

In the 'config.inc.php' file, the session_start() method is proving to be a problem. If I comment it out, then the login status is lost, when I go from page to page, which is not what I want.

If I include it, the login stats works fine, but everytime I go back to the cart page from the checkout page by clicking the page back button, the url:

http://localhost:8888/cart.php?action=add&sku=C11

 

is generated again, and whatever product is in the shopping cart, is increment by one, so if I have 1 item in the shopping cart, by clicking the back button from the checkout page, which takes me back to the cart page, the above url is sent back, and another item is added, so i would now have 2 items, which is not what I want.

I want the same number of items to be in the shopping cart.

 

So by clicking the browser back button from the checkout page, the url I should and want to get is:

http://localhost:8888/cart.php

and not the first url.

This would mean that no extra items would be added in the shopping cart.

I have tried everything possible, but I have literally run out of ideas.

Qu: Can you please help me resolve the above problems please, because I'm really tired and fresh out of ideas.

 

regards

 

Link to comment
Share on other sites

Yeah, I can appreciate the frustration. For what it's worth--and I mean this in a helpful way--it does seem sometimes that you're trying things to see if they work without really thinking through the implications or full ramifications of the change. That's going to be problematic. It's not uncommon as people are learning, but it's not ideal. I have found--especially while writing books--that verbally explaining to myself what the code does often illuminates the problem. Search for "rubber duck debugging"! 

So in this particular situation, the behavior you're seeing has nothing to do with the session_start() line and everything to do with how browsers behave. The URL http://localhost:8888/cart.php?action=add&sku=C11 adds that item to the cart. Every time you go to that URL it's going to add that item to the cart. This includes clicking the back button, which is you telling the browser to revisit that page. The back button is not going to send you to http://localhost:8888/cart.php because that's not the previous page/URL. There are two obvious ways to change this behavior:

1. Have cart.php redirect the browser to http://localhost:8888/cart.php after updating the cart. This way the URL http://localhost:8888/cart.php?action=add&sku=C11 is never part of the browser history. This is the route I'd take. Keep in mind cart.php can only do a redirection upon a change or else you'll create an infinite loop.

2. Make cart updates be POST requests instead of GET. This is easier but unseemly. 

Now going back a step, if you think about what session_start() does, you'll see it's not the cause of the problem. session_start() only starts a session. It's required to have shopping cart functionality but there's absolutely nothing in session_start() that's going to affect the shopping cart contents at all.

Link to comment
Share on other sites

 Share

×
×
  • Create New...