0

I'm having a web store, custom built and I'm using PHP SESSIONs to store customer's selected products, quantities and other options. Selected products and options are sent to back-end through jQuery AJAX where PHP takes over, does it's checks (if product is available, does even exists and is there enough quantity left) and then it stores or updates data stored inside SESSION. When customer tries to do a purchase, in some cases the SESSION is lost and I don't know why. I did search for answer/solution for quite some time and I have also tried a few solutions, none of them worked 100%, sessions are still being lost. I found out where exactly and can't solve it.

Some code:

Redirection happens inside jQuery's $.ajax() call with window.location.href='/url/' (URL is valid, exists and it's on same domain as is the calling page)

This is my jQuery code:

$('body').on('submit','#some-form-name',function(e){
    e.preventDefault();
    var el=$(this);
    $.ajax({
        type:'post',
        dataType:'json',
        url:'/include/process-sl.php',
        data:el.serialize()+'&q=updateBasket',
        beforeSend:function(){
            ... some checks to verify if form should be submitted or an friendly error returned
        },
        success:function(json){
            if(json.success==true){
                ... show friendly success message before redirecting
                setTimeout(function(){
                    if(json.payment!=undefined){
                        if(json.payment=="paypal"){
                            window.location.href='https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token='+json.token
                        }else{
                            window.location.href='/nakup-opravljen/'
                        }
                    }
                },1000);
            }else{
                ... shows friendly error message
            }
        },
        error:function(){
            ... ajax call failed, show error message
        }
    })
});

This is how main PHP files start (index.php, process-sl.php):

session_set_cookie_params(172800);
session_start();
session_save_path('/home/cheapand/tmp/sessions/');
ini_set("log_errors" , "1");
ini_set("error_log" , "logs/index.php.log");
ini_set("display_errors" , "0");

PHP code which processes the data is a bit long (but will paste it, if asked for), basically it just updates data in SESSION (I'm not doing this first time, so I'm presuming that there's no error, especially since it works most of the time) and returns success/error, payment type selected and if required, PayPal token.

What I have done:

  1. all checks and steps from here: PHP session lost after redirect
  2. setting session_set_cookie_params(172800);
  3. tryed to do multiple purchases myself from various devices and of course, it always worked (can't reproduce the error)
  4. confirmed that this happens on various devices (as it's logged in error logs), so it isn't device specific

Do you guys (and girls) have any additional recommendation what to check or try?

Community
  • 1
  • 1
Kristjan O.
  • 814
  • 1
  • 9
  • 33
  • 1
    Check the PHPSESSID cookie that is being sent, make sure it's same for each request. If the PHPSESSID cookie changes it means you get a new (empty) session. You can see the HTTP Request headers in the developer tools / Firebug / F12. – Halcyon Dec 18 '14 at 12:44
  • When I do a test purchase, it is the same... that's why the purchase is always successful, so there must be something else that triggers new session (or clear old one). – Kristjan O. Dec 18 '14 at 12:52

0 Answers0