Post by Zath » Fri Jan 13, 2023 8:40 pm

3.0.3.7 Logout on new cart item refresh.

Hello.
If I log on and add an item to a new cart, view the cart, change the quantity (or not), use the refresh button, it logs me out immediately.
Log back in, do the same and it takes the change and keeps me in.
Further to that, if I use the browser back option to where I was logged in, it allows me to see items and prices then, when reviewing the items, it says I cant see items unless I'm logged in.

Any ideas please ?
Last edited by Zath on Sat Apr 08, 2023 8:25 am, edited 1 time in total.

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England

Post by Zath » Wed Jan 18, 2023 7:41 am

Can a mod move this to general support please ?

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England

Post by ADD Creative » Wed Jan 18, 2023 7:46 pm

Could be this issue. https://github.com/opencart/opencart/issues/7008

You may be able to test by using your web browser's developer tool to disable the cache.

The easiest way to fix the lack of cache control headers issue is by making the following change to the framework.

In system/framework.php find the following line at around line 74.

Code: Select all

$response->addHeader('Content-Type: text/html; charset=utf-8');
After that line add the following.

Code: Select all

header('Expires: Thu, 19 Nov 1981 08:52:00 GMT', true);
header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0', true);
header('Pragma: no-cache', true);
Note, using header() rather than $response->addHeader() as the later doesn't apply to redirects. I've noticed recently that Firefox aggressively caches redirects, which can lead to some strange issues.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by Zath » Sat Jan 21, 2023 12:18 am

I edited it as suggested and it seemed to work, but after a few goes, it still does it.
Any suggestions ?

Code: Select all

// Response
$response = new Response();
$response->addHeader('Content-Type: text/html; charset=utf-8');

// Added 20-01-23

header('Expires: Thu, 19 Nov 1981 08:52:00 GMT', true);
header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0', true);
header('Pragma: no-cache', true);

// End Added

$response->setCompression($config->get('config_compression'));
$registry->set('response', $response);

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England

Post by ADD Creative » Sat Jan 21, 2023 1:19 am

Try clearing your browser cache after that change, as it still may be caching.

It it still doing it. Check both your OpenCart and PHP error log and also your web browser's developer console.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by Zath » Tue Mar 14, 2023 1:24 am

ADD Creative wrote:
Sat Jan 21, 2023 1:19 am
Try clearing your browser cache after that change, as it still may be caching.

It it still doing it. Check both your OpenCart and PHP error log and also your web browser's developer console.
Where is the php error log ?
This is doing my head in lol !

It happens too, simply clicking on the black cart button, locating and clicking an item. The page of the item opens but you're then outside the SSL layer.


This error shows when looking at the page in Firefox tools.

Code: Select all

Cookie “OCSESSID” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England

Post by ADD Creative » Tue Mar 14, 2023 5:05 am

Check your config.php. Do all the URLs start with https and are all the same?

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by Zath » Tue Mar 14, 2023 8:54 am

Public view config

Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'http://www.mysite.com/shopdir/');

// HTTPS
define('HTTPS_SERVER', 'https://www.mysite.com/shopdir/');

Admin config

Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'http://www.mysite.com/shopdir/admin/');
define('HTTP_CATALOG', 'http://www.mysite.com/shopdir/');

// HTTPS
define('HTTPS_SERVER', 'https://www.mysite.com/shopdir/admin/');
define('HTTPS_CATALOG', 'https://www.mysite.com/shopdir/');

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England

Post by by mona » Tue Mar 14, 2023 9:30 am

ADD Creative wrote:
Tue Mar 14, 2023 5:05 am
Check your config.php. Do all the URLs start with https and are all the same?
That would be a no then ..


Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'https://www.mysite.com/shopdir/');

// HTTPS
define('HTTPS_SERVER', 'https://www.mysite.com/shopdir/');

Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'https://www.mysite.com/shopdir/admin/');
define('HTTP_CATALOG', 'https://www.mysite.com/shopdir/');

// HTTPS
define('HTTPS_SERVER', 'https://www.mysite.com/shopdir/admin/');
define('HTTPS_CATALOG', 'https://www.mysite.com/shopdir/');

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by Zath » Tue Mar 14, 2023 7:14 pm

by mona wrote:
Tue Mar 14, 2023 9:30 am
ADD Creative wrote:
Tue Mar 14, 2023 5:05 am
Check your config.php. Do all the URLs start with https and are all the same?
That would be a no then ..


Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'https://www.mysite.com/shopdir/');

// HTTPS
define('HTTPS_SERVER', 'https://www.mysite.com/shopdir/');

Code: Select all

<?php
// HTTP
define('HTTP_SERVER', 'https://www.mysite.com/shopdir/admin/');
define('HTTP_CATALOG', 'https://www.mysite.com/shopdir/');

// HTTPS
define('HTTPS_SERVER', 'https://www.mysite.com/shopdir/admin/');
define('HTTPS_CATALOG', 'https://www.mysite.com/shopdir/');
Indeed not. However, in a previous question this was how it was suggested to leave it.
I will try again.
I also found reference to a startup.php that has many instances of HTTP.

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England

Post by by mona » Tue Mar 14, 2023 7:29 pm

Zath wrote:
Tue Mar 14, 2023 7:14 pm
.. in a previous question this was how it was suggested to leave it. ..
what question [post]?


Zath wrote:
Tue Mar 14, 2023 7:14 pm
I also found reference to a startup.php that has many instances of HTTP.
is this related to the same previous question [post] or your observation ?

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by Zath » Sat Apr 08, 2023 8:25 am

I regard this as resolved now.
The problem of being booted out from logged in was due to config ini settings relying on http in the urls and also some calls to external resources where the url also relied on the old http call and not https.

Thanks to all who assisted or tried to assist with this issue.

Opencart 3.0.3.7.


User avatar
New member

Posts

Joined
Fri Dec 08, 2017 10:07 am
Location - West Sussex, England
Who is online

Users browsing this forum: DesignCart and 46 guests