| Author |
Topic |
|
robfrompgmx
Starting Member
13 Posts |
 Posted - 2006-06-20 : 17:34:13
|
| We are having problems with shopping cart (session) details being lost during the order process at PGMx.com with our .asp pages.This is particularly frustrating because it is an intermittent problem, and it is costing us sales and business. I have an image tracker set up, counting 5 to 10 orders every day that can't continue at checkout. And this has been going on for months...Our programmer has been working on this unsuccessfully for weeks now, and it is really hurting our business.Does anyone here have lots of experience with SQL, ASP and server sessions? What causes session details to be lost, and how can this be prevented? Many times I can log into the client's account myself and see the shopping cart details, but I can't reproduce the problem.Help would be greatly appreciated! |
|
|
DustinMichaels
Constraint Violating Yak Guru
464 Posts |
Posted - 2006-06-20 : 17:53:05
|
| Is the session timeout not large enough? Have you tried increasing the value?Another thing you might want to check to see if your server is running a web garden. We had intermittent problems with session and it was due to the IIS server running as a web garden. |
 |
|
|
robfrompgmx
Starting Member
13 Posts |
Posted - 2006-06-20 : 19:33:21
|
| I will ask our programmer about increasing the value for the session timeout, but I am not sure if this is the issue.What is a web garden? We are running a dedicated server, so probably not.Also - is there a way to somehow track sessions to see what exactly is causing the session data to be lost, when it happens, etc? |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2006-06-20 : 19:51:00
|
| You maybe be able to put something in your Global.asa that handles the OnSessionEnd and log that somehow.http://www.w3schools.com/asp/asp_globalasa.aspMichael<Yoda>Use the Search page you must. Find the answer you will. Cursors, path to the Dark Side they are. Avoid them, you must. Use Order By NewID() to get a random record you will.</Yoda>Opinions expressed in this post are not necessarily those of TeleVox Software, inc. All information is provided "AS IS" with no warranties and confers no rights. |
|
|
|
robfrompgmx
Starting Member
13 Posts |
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2006-06-21 : 08:50:32
|
| Well, to do cookie-less sessions with ASP 3.0 you have to write your own solution. I don't know of a native way in ASP3.0 to do cookie-less sessions. I've always written my own session handler in the past and it works great. Basically, you have a "session id" in the URL of your site, and each link / button contains that session ID so that as you go page to page, it knows what user you are. You store the values in your database, read them at the "top" of the page, and save them at the "bottom" of the page.In asp.net, it has a cookieless session option built-in.Changing from using the ASP Session object to a custom cookieless session system is a pretty big change. Michael<Yoda>Use the Search page you must. Find the answer you will. Cursors, path to the Dark Side they are. Avoid them, you must. Use Order By NewID() to get a random record you will.</Yoda>Opinions expressed in this post are not necessarily those of TeleVox Software, inc. All information is provided "AS IS" with no warranties and confers no rights. |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2006-06-21 : 09:28:33
|
| I would log (or check your Web Log for) the UserAgent. We had a problem with the Security Patch to IE in conjunction with something else. The Security Patch modified the User Agent for IE so should be visible |
|
|
|
robfrompgmx
Starting Member
13 Posts |
Posted - 2006-06-21 : 16:55:08
|
| From looking at this some more, I think this problem is likely related to the fact that the authentication system our programmer has set up is not really secure at all.For security reasons, I won't go into exact detail, but it is possible to access a PGMx member account without actually authenticating and by default the shopping cart contents are not loaded. So while indirectly this may be a session problem, the real issue is that our system is not properly authenticating users before they continue with the order process.We have to make sure that the PGMx member is properly "logged in" and that the shopping cart details are automatically loaded when they authenticate.Any suggestions? |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2006-06-24 : 01:20:52
|
| "Any suggestions?"So when the get to the checkout you need an additional, more rigorous check, of whether the user credentials are "logged in" or not.We don't use sessions, in the IIS sense, but we do have a session number (in the database), and that is stored in a cookie.We use an ID number, and then tag onto a 6 digit random number. We store the ID and the RandomBit in separate columns in the DB - so we can check that they are the same for a given user's requests - we figured we had to make the lookup for the Session ID details in SQL anyway, so adding a "AND RandomBit = @UsersData" would add less time than mathematically calculating and validating the checksum partKristen |
|
|
|
|
Shopping Cart Details Lost at Checkout