Announcement:Materials and articles for ProductCart 5 can be found at our brand new support center.

Create an account to edit articles | See Formatting Syntax for Wiki syntax | We look forward to your contribution!

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

developers:timeout-issues [2009/01/14 09:54]
earlyimpact
developers:timeout-issues [2015/04/22 11:49] (current)
earlyimpact
Line 1: Line 1:
-====== Understanding Session Time-out Issues ​======+====== Understanding Session Time-outs or Loss of Session ​======
  
 ===== Symptoms of a Lost Server Session ===== ===== Symptoms of a Lost Server Session =====
Line 30: Line 30:
   * Make sure that the //SSL URL// under //Settings > Store Settings// is correct and consistent with the URL in "​storeconstants.asp"​   * Make sure that the //SSL URL// under //Settings > Store Settings// is correct and consistent with the URL in "​storeconstants.asp"​
   * Make sure that the //Home Page URL// under //Settings > Store Settings// is correct and consistent with the URL in "​storeconstants.asp"​   * Make sure that the //Home Page URL// under //Settings > Store Settings// is correct and consistent with the URL in "​storeconstants.asp"​
 +
 +=== Redirecting customers to WWW ===
 +
 +To correct the problem mentioned above (different domain names used), you can place the following code at the top of any ASP page (it must be an ASP page) used by your site. For ProductCart pages, in v3.05 and above you can place this code at the top of the file "​includes/​**stringfunctions.asp**"​. This file is used by all relevant files in your storefront. For previous versions of ProductCart (where this file was not used by all relevant files), add the code at the top of "​header.asp"​.
 +
 +<​code>​
 +<%
 +pcv_strServerURL = request.ServerVariables("​HTTP_HOST"​)
 +pcv_strScriptName = request.ServerVariables("​SCRIPT_NAME"​)
 +pcv_strQS = ""​
 +pcv_strQScount = 0
 +
 +For Each Item In Request.querystring ​
 +            if pcv_strQScount = 0 then 
 +                        pcv_strQS = pcv_strQS & "?" ​
 +            else 
 +                        pcv_strQS = pcv_strQS & "&"​
 +            end if
 +            pcv_strQS = pcv_strQS & item & "​="​ & request.QueryString(item)
 +            pcv_strQScount = pcv_strQScount + 1
 +Next 
 + 
 +
 +if pcv_strServerURL="​my-domain-name.com"​ then
 +            Response.Status="​301 Moved Permanently" ​
 +            Response.AddHeader "​Location",​ "​http://​www.my-domain-name.com"​ & pcv_strScriptName & pcv_strQS
 +else
 +            Response.AddHeader "​pragma",​ "​no-cache" ​
 +            Response.AddHeader "​cache-control","​private,​ no-cache, must-revalidate" ​
 +            Response.CacheControl = "​no-cache" ​
 +            Response.Expires = -1
 +end if
 +%>
 +</​code>​
 +
 +... where //​my-domain-name.com//​ is your domain name (change both instances in the code).
 +
 +=== Redirecting customers to WWW while using search-engine friendly URLs (404 redirects) ===
 +
 +If your site is using search-engine friendly URLs (via a 404 redirect), the above code snippet might not work for you.
 +Here's an example code snippet that has been modified to work with 404.asp search-engine friendly redirects.
 +This code snippet will also preserve SSL https connections:​
 +
 +<​code>​
 +<%
 +pcv_strServerURL = LCase(request.ServerVariables("​HTTP_HOST"​))
 +pcv_strScriptName = request.ServerVariables("​SCRIPT_NAME"​)
 +pcv_strServerPort = request.ServerVariables("​SERVER_PORT"​)
 +pcv_strQS = ""​
 +pcv_strQScount = 0
 +pcv_strRedirectPrefix = "​http://"​
 +if pcv_strServerPort = 443 then
 + pcv_strRedirectPrefix = "​https://"​
 +end if
 +pcv_strRedirectURL = ""​
 +
 +For Each Item In Request.querystring ​
 + if pcv_strQScount = 0 then 
 + pcv_strQS = pcv_strQS & "?" ​
 + else 
 + pcv_strQS = pcv_strQS & "&"​
 + end if
 + pcv_strQS = pcv_strQS & item & "​="​ & request.QueryString(item)
 + pcv_strQScount = pcv_strQScount + 1
 +Next 
 +
 +pcv_strQS = Replace(pcv_strQS,​ "​.htm=",​ "​.htm"​)
 +
 +if pcv_strServerURL="​my-domain-name.com"​ then
 +
 + if instr(pcv_strScriptName,​ "​404.asp"​) then
 + pcv_strQS = Replace(pcv_strQS,​ "?​404;​http://​my-domain-name.com:​80",​ ""​)
 + pcv_strQS = Replace(pcv_strQS,​ "?​404;​https://​my-domain-name.com:​443",​ ""​)
 + pcv_strRedirectURL = pcv_strRedirectPrefix & "​www.my-domain-name.com"​ & pcv_strQS
 + else
 + pcv_strRedirectURL = pcv_strRedirectPrefix & "​www.my-domain-name.com"​ & pcv_strScriptName & pcv_strQS
 + end if
 +
 + Response.Status="​301 Moved Permanently" ​
 + Response.AddHeader "​Location",​ pcv_strRedirectURL
 +
 +end if
 +%>
 +</​code>​
 +
 +… where my-domain-name.com is your domain name (change all instances in the code). ​
  
 ==== Exhausted Virtual Memory ==== ==== Exhausted Virtual Memory ====
Line 52: Line 138:
 ==== IIS7 ===== ==== IIS7 =====
  
-IIS7 has a setting called ​"New ID On Secure Connection (keepSessionIdSecure)"+=== What the problem is === 
 + 
 +IIS7 has a setting called ​**New ID On Secure Connection** (formerly:  ​keepSessionIdSecure )
  
 This generates a new cookie when a transition from a non-secure to a secure connection is made. The default is True. Change this to False if you can, or ask your hosting company to make the change. [[http://​technet.microsoft.com/​en-us/​library/​cc731782.aspx|Here is more information from Microsoft on this topic]]. This generates a new cookie when a transition from a non-secure to a secure connection is made. The default is True. Change this to False if you can, or ask your hosting company to make the change. [[http://​technet.microsoft.com/​en-us/​library/​cc731782.aspx|Here is more information from Microsoft on this topic]].
 +
 +[[http://​stackoverflow.com/​questions/​23257356/​classic-asp-session-weirdness-between-http-and-https|And another site...]]
 +
 +=== More detailed explanation ===
 +
 +What is happening is the environment is creating a separate session variable each for "​http"​ and another for "​https"​ so that when you switch between them, it will give the appearance of missing items. ​ You can verify this when you experience the empty cart (if you are in https) by simply changing the URL for the page you are on to http and you will see your items in the cart.
 + 
 +The root of the problem is ProductCart running in the Win2008/​IIS7 environment when IIS7 is set up using default values. ​ There is some key differences between IIS6 and IIS7. 
 + 
 +
 +=== How to fix it ===
 +
 +You have two options to fix this issue:
 +
 +  - **IIS setting** \\ In the IIS properties window, under the ASP tab --> Session Properties, there is a setting for "New ID on Secure Connections"​ (this is the friendly name). ​ IIS7 had this set on/enabled by default. ​ You will need to ask your host to turn this setting off.  ​
 +  - **web.config file** \\ If you are having problems in your ProductCart-powered store during checkout (e.g. a message indicating that the shopping cart is empty), then try the following.
 +    - Create a new Notepad file with the following content: <​code><?​xml version="​1.0"​ encoding="​utf-8"​ ?>
 +<​configuration>​
 +  <​system.webServer>​
 +    <asp>
 +      <session keepSessionIdSecure="​false"​ />
 +    </​asp>​
 +  </​system.webServer>​
 +</​configuration></​code>​
 +    - Save the file with the name "​Web.config"​ \\ //Make sure it does not have a *.txt extension. The entire file name should be "​web.config"//​
 +    - Upload it to the root folder using your favorite FTP software
  
 ==== Application Pool : Idle Time-out ==== ==== Application Pool : Idle Time-out ====
Line 81: Line 195:
  
 Make sure that you do not have a "​global.asa"​ file on your site that is overriding the default session timeout value. Make sure that you do not have a "​global.asa"​ file on your site that is overriding the default session timeout value.
 +
 +==== Application Directory ====
 +
 +Make sure that your '​includes'​ folder is NOT configured as an Application Directory, otherwise it will initiate a new session every time this folder is called.
  
  
Line 134: Line 252:
  
   * [[:​developers:​startingsession|Starting a ProductCart session]]   * [[:​developers:​startingsession|Starting a ProductCart session]]
 +  * [[:​productcart:​script_timeout|Setting a Script Timeout]]

QR Code
QR Code Understanding Session Time-outs or Loss of Session (generated for current page)