Jump to content

Orders Getting 'overwritten'


exiladler

Recommended Posts

Currently I am confronted with a problem similar to the one described in this older threat but as there was no obvious solution, I thought it would be an idea to check if anyone has a solution.

Quick description, client order an item 3.1. and got the order ID 080103-112145-4968 and subsequently on 4.1. ordered another item which again used the same id and generated confirmation emails but now in the database there is only one order and it only shows the second item.

Sounds very much like a cookie problem but one I would very much like to avoid. Any suggestions?

Link to comment
Share on other sites

What is "3.1"? Is this a CC version? I'm not aware of a version greater than 3.0.17. Could you reply with a verified CC3 version?

Because CC3 uses cookies to maintain the appearance of carrying a session across pages, there's going to be a problem. Maybe someone has made a mod to the logout function when a visitor properly logs out of their cart.

In PHP, see PHP Manual: session_start(). Also see PHP Manual: session_destroy() and PHP Manual: setcookie().

I've run a search through the code looking for session_start(), session_destroy(), and setcookie(). While I'm no expert on PHP coding, it *seems* to me that in /includes/content/logout.inc.php, the "delete cookie" routine is wrong. By using setcookie("name") without a negative expire time (defaulting to 0), the application thus relies on the browser's behavior of killing the cookie *only* when all browser windows have been closed.

Then, also in that file, the unset($_SESSION) is commented out. Why? I don't know. But it seems to me to be important that it executes.

Advice:

For testing - login, successfully place a test order, logout, then close *all/same* browser windows. That is, all IEs, or all FFs, or all Operas, or all whatevers to be sure the cookies for that session are killed. Then make another test order.

Maybe, if enough users complain directly to Devellion, a proper bug fix might come about to deal with issues caused by rogue cookies. If that's the cause of the problem.

Link to comment
Share on other sites

What is "3.1"? Is this a CC version? I'm not aware of a version greater than 3.0.17. Could you reply with a verified CC3 version?

Sorry that is the date the order was entered, 3rd of Jan and the second overwriting was 4th of Jan. I am using 3.0.17 for the shop moderately modded.

I guess your idea with the cookie seems the obvious problem combined with users probably not logging out, potentially leaving their PC on overnight so the session is still 'active' so a timeout would be needed to ensure this doesn't cause problems.

Let's see if we can get to the bottom of this problem.

Link to comment
Share on other sites

In your admin panel, General (Store) settings, Max Session Length is probably set to 172800 seconds (48 hours). If having a potential customer sit on your store's pages for two days is too long for you, maybe changing this value to 17280 seconds (4.8 hours) or less might be something to consider.

You might also try modifying the code as discussed earlier:

/includes/content/logout.inc.php

Near lines:

40 - setcookie("ccUser", "", , time() - 3600);

41 - setcookie("ccRemember", "", time() - 3600);

Then think about uncommenting line 44. If that breaks things, re-comment that line.

Link to comment
Share on other sites

In your admin panel, General (Store) settings, Max Session Length is probably set to 172800 seconds (48 hours). If having a potential customer sit on your store's pages for two days is too long for you, maybe changing this value to 17280 seconds (4.8 hours) or less might be something to consider.

I had considered that a while ago and the setting for the shop on the Max Session Length is 1800 (or 30 minutes) so this is unlikely to be the cause.

However the other part involving the code change and uncommenting the line seems a good area to try and see if this resolves the issue.

Link to comment
Share on other sites

Quick description, client order an item 3.1. and got the order ID 080103-112145-4968 and subsequently on 4.1. ordered another item which again used the same id and generated confirmation emails but now in the database there is only one order and it only shows the second item.

This happens if user's basket is not empty - it keeps the previous content order id included. Version 4 has just another checkout logic to prevent such issue.

If customer's basket is not emptied properly such issue will occurs allways once customer returns 'in time'.

If you would like to unset session as you mentioned it doesn't help you when customer doesn't log off which is the main matter in this case. You should force script to empty customer's basket. May be best when php session is gone OR browser is closed. Right not explicit decision.

Link to comment
Share on other sites

This happens if user's basket is not empty - it keeps the previous content order id included. Version 4 has just another checkout logic to prevent such issue.

If customer's basket is not emptied properly such issue will occurs allways once customer returns 'in time'.

If you would like to unset session as you mentioned it doesn't help you when customer doesn't log off which is the main matter in this case. You should force script to empty customer's basket. May be best when php session is gone OR browser is closed. Right not explicit decision.

Convict,

Thanks fir the reply and sorry for confusing everyone, the 3.1 and 4.1 are dates, not versions of CC.

One question, when a successful order is done, why is the basket not emptied? Also the session time is set to 30 mins (1800) to ensure this problem would be minimised and the 2nd order is certainly later thn 30 minutes after the first. So no in-time return as you describe it.

How can I force the empty customer basket? Is that a php script or would this be a cron script, I am interested in this solution, can you please elaborate

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...