I'm getting a weird behavior I can't fully explain. Consider this controller code:
public function actionCreate()
{
$order = new Order();
$this->performAjaxValidation($order, null, 'order-form');
if (isset($_POST['Order'])) {
$order->attributes = $_POST['Order'];
if ($order->save()) {
Yii::app()->session['order_id'] = $order->id;
$this->redirect('confirm');
}
}
$this->render('create', array('order' => $order));
}
public function actionConfirm()
{
$order_id = Yii::app()->session['order_id'];
if(!$order_id) {
throw new CHttpException(404, 'Order not found');
}
$order = $this->loadModel($order_id);
$this->render('confirm', array('order' => $order));
}
So first I create the order, then if creation is successful, there is a redirect to the confirmation page. Order id is saved to the session so the customer can see the order they created. Why can't I make a redirect to "confirm($order_id)" page? Because 1. Order contains user submitted data and it can't be public, only user created that order can view it on the confirmation page, and 2. There is no authentication there, users are not required to log in.
The weird thing is, most of the time it works fine, but sometimes (1 time out of 5 approx) the order id is not saved in session. If the session is fresh, then it will end up showing 404. If it's not and you create several orders, it will evenually show the previous order data (next order is saved fine).
I would suggest that something is wrong with the session component itself (I'm using CDbHttpSession). But everything else (session related stuff) is working fine on the site (backend auth never fails, flash messages always show up).
Any ideas where should I look?
Okay, it appears pretty obvious now. The reason was classic session race condition: session auto start, performAjaxValidation reads session before order_id is set, then saves session without order_id after order_id is set but before actionConfirm is called. Native PHP sessions are blocking so this situation won't happen but db sessions are not.
Related
I have this line of code in my login method
Session::put('msg','Welcome user');
And with a simple route a get through AJAX the value of that message and then delete it ( in theory ) (It's like a flash message):
public function getMessage( ){
$msg = Session::pull('msg','');// tried this
Session::flush();// and/or this
return $msg;
}
Still the message from session is not removed. I want it behave like a flash message . Why the value still persists if I used Session::pull() and\or Session::flush()?
laravel have already a system of session flash,to set data in session flash
Session::flash('msg', 'Event Created');
and then when you show this session a single time,it will automatically remove,you don't need to think about it
Session::get('msg')
I started to learn codeigniter and now I have one prblem. I am making online store for laptops and now I have a wish to make a cart. I wanna remember all data in session when user add some laptop in cart, redardless is logged or not. But my problem is that I remember in session only last added id of laptops. I managed to remember number of laptops in total, and total price, but can’t manage how to remember all id. I am using next code in controller:
public function adding()
{
$id_lap=$this->input->post('id_lap'); // id laptop of which was clicked by user
$num_items=$this->input->post('num_items'); // total number of laptops
$price=$this->input->post('price'); // total cost
if($id_lap !='')
{
$this->session->set_userdata('num_items',$num_items);
$this->session->set_userdata('price_new',$price);
$this->session->set_userdata('id_lap_new',$id_lap);
$response=array(
'status'=>1,
'num_items'=>$num_items,
'price_new'=>$price,
'id_new_lap'=>$id_lap
);
} else {
$response=array(
'status'=>0
);
}
echo json_encode($response);
}
I am using Ajax for sending data in controller.
Thanks for answer, I appreciate.
try to save the session in the database, first open your config.php under application folder and change use session database option value to true. Import the sql structure like you have there and use sessions like you have. It will store the session variable in db. You might want to enable session encryption as well.
I have a website where the front page contains a search form with several fields.
When the user performs a search, I make an ajax call to a function in a controller.
Basically, when the user clicks on the submit button, I send an ajax call via post to:
Route::post('/search', 'SearchController#general');
Then, in the SearchController class, in the function general, I store the values received in a session variable which is an object:
Session::get("search")->language = Input::get("language");
Session::get("search")->category = Input::get("category");
//I'm using examples, not the real variables names
After updating the session variable, in fact, right after the code snippet shown above, I create (or override) a cookie storing the session values:
Cookie::queue("mysite_search", json_encode(Session::get("search")));
And after that operation, I perform the search query and send the results, etc.
All that work fine, but I'm not getting back the values in the cookie. Let me explain myself.
As soon as the front page of my website is opened, I perform an action like this:
if (!Session::has("search")) {
//check for a cookie
$search = Cookie::get('mysite_search');
if($search) Session::put("search", json_decode($search));
else {
$search = new stdClass();
$search->language = "any";
$search->category = "any";
Session::put("search", $search);
}
}
That seems to be always failing if($search) is always returning false, and as a result, my session variable search has always its properties language and category populated with the value any. (Again: I'm using examples, not the real variables names).
So, I would like to know what is happening here and how I could achieve what I'm intending to do.
I tried to put Session::put("search", json_decode($search)); right after $search = Cookie::get('mysite_search'); removing all the if else block, and that throws an error (the ajax call returns an error) so the whole thing is failling at some point, when storing the object in the cookie or when retieving it.
Or could also be something else. I don't know. That's why I'm here. Thanks for reading such a long question.
Ok. This is what was going on.
The problem was this:
Cookie::queue("mysite_search", json_encode(Session::get("search")));
Before having it that way I had this:
Cookie::forever("mysite_search", json_encode(Session::get("search")));
But for some reason, that approach with forever wasn't creating any cookie, so I swichted to queue (this is Laravel 4.2). But queue needs a third parameter with the expiration time. So, what was really going on is that the cookie was being deleted after closing the browser (I also have the session.php in app/config folder set to 'lifetime' => 0 and 'expire_on_close' => true which is exactly what I want).
In simple words, I set the expiration time to forever (5 years) this way:
Cookie::queue("mysite_search", json_encode(Session::get("search")), 2592000);
And now it seems to be working fine after testing it.
I am trying to create a PHP trigger for when a user views certain pages on my website it will update the user table in the points section.
I understand the process would work something like this
on page view > update user > where user id is (**get username from session**) > add 5 to points row
Anyone have any idea how to set up something simple like this for giving users simple points for viewing pages?
My site is using PHP and mySQL for the database.
Use cookies or session variables to keep track of the user details like the username or ID. So making a pageview trigger would be as easy as adding a mysql query at the top of every page which would update the database table for views. Kinda the same way that forums operate.
E.g
<?php
session_start();
$db_connection = mysqli_connect('host','username','password','db');
$user_id = $_SESSION['userid']; //That is asssuming that you had gotten the user id on login
mysqli_query($db_connection, 'UPDATE page_views SET views_column=views_column+1 WHERE userid=$user_id');
?>
Yes, you could do something like (if you own the page the user has to visit):
<?php
$pointsForThisSite = 5;
include "points_adder.php";
?>
While Points_adder looks whether $pointsForThisSite is defined and > 0, then adds the Points to the database as you descripbed.
Is that what you are looking for?
Create a php function and call it everytime the user enter the page.
You don't need a mysql trigger because, the action is at the webpage.
function add_points($user, $page){
//If users visits too many maybe you don't want to gave him some points.
//add points
}
and invoke the function in that pages you want to score
The most unobtrusive way to do this is with an AJAX call after the page has loaded. The call should be to an include file that performs the database update operation and returns a 204 response so that the visitor's browser doesn't wait for response content.
For an Apache server;
header('HTTP/1.0 204 No Content');
header('Content-Length: 0', true);
header('Content-Type: text/html', true);
flush();
// do the table update here
I am new to Magento Web-Service and have to expand it.
The Webservice shell be able to login an customer, give me the session cookie back so that I can redirect to a file that sets the cookie again, redirects me and I can see my cart and proceed to checkout on the Magento Store.
The Problem:
Magento creates a cookie (that contains the session id or whatever, ive tried to set this cookie manual and them im logged in) instead of setting a session when the customer logs in.
I've tried now for several hours to get this cookie that is set by magento in my magento web-service. It seems the cookie isn't set when i call
$session = Mage::getSingleton('customer/session');
return $session->getCookie()->get('frontend');
Heres my complete Code:
Magento Webservice Api:
<?php
class Customapi_Model_Core_Api
{
public function __construct()
{
}
public function checkout($user, $cart)
{
$ret['cookie'] = $this->login($user);
//$coreCookie = Mage::getSingleton('core/cookie');
//$ret['cookie'] = $_COOKIE['frontend'];
return $ret;
}
function login($user)
{
Mage::getSingleton('core/session', array('name'=>'frontend'));
$session = Mage::getSingleton('customer/session');
try
{
$session->loginById($user['id']);
}
catch (Exception $e)
{
}
return $session->getCookie()->get('frontend');
}
}
?>
Heres my Api Call in Php:
<?php
$teambook_path = 'http://localhost/magento/';
$soap = new SoapClient('http://localhost/magento/api/?wsdl');
$soap->startSession();
$sessionId = $soap->login('ApiUser', 'ApiKey');
$userSession = $soap->call(
$sessionId,
'customapi.checkout',
array(
array(
'id' => 1,
'username' => 'Ruf_Michael#gmx.de',
'password' => '***'
),
array(
)
)
);
echo '<pre>';
var_dump($userSession)."\n";
if(isset($userSession['sid']))
echo ''.$userSession['sid'].''."\n";
echo '</pre>';
$soap->endSession($sessionId);
?>
Thanks for every help!
MRu
Sorry i am writing an answer but the comment box denied me to write more than ... letters.
I've tried both codes you posted and all I get is an empty Array or Bool false.
I wrote a static function:
private static $cookie = array();
public static function cookie($key, $value)
{
if($key == 'frontend') {
self::$cookie['key'] = $key;
self::$cookie['value'] = $value;
}
}
that is called in Mage_Core_Model_Session_Abstract_Varien::start and I got the frontend cookie value:
Customapi_Model_Core_Api::cookie($sessionName, $this->getSessionId());
in line 125.
But that didnt solve my basic Problem:
The Session created in the Api call can't be restored, although it is set to the correct value.
Thanks for your help!
You can get an array of all your cookies with the following command:
Mage::getModel('core/cookie')->get();
The frontend cookie can be retrieved like this:
Mage::getModel('core/cookie')->get('frontend');
From your commented code I can see that you already knew that.
As far as I know, when you log in a user, Magento doesn't just create a new session id, it uses the session id of the active connection (which is generated by PHP itself). You are logging in the user and associating him to the session that your API client just created with Magento. Thus, the code that you have commented seems to be correct for what you are trying to achieve.
Now you should just need to get the returned session id and use it in your new request as the 'frontend' cookie.
Edit (a second time)
Magento has different sessions inside a single PHP session which it uses for different scopes. For instance, there is the core scope, the customer scope, etc. However, the customer scope is also specific to a given website. So, you can have a customer_website_one and a customer_website_two scope.
If you want to log in your user, you have to tell Magento in which website that is. Take the following code as an example
// This code goes inside your Magento API class method
// These two lines get your website code for the website with id 1
// You can obviously simply hardcode the $code variable if you prefer
// It must obviously be the website code to which your users will be redirected in the end
$webSites = Mage::app()->getWebsites();
$code = $webSites[1]->getCode();
$session = Mage::getSingleton("customer/session"); // This initiates the PHP session
// The following line is the trick here. You simulate that you
// entered Magento through a website (instead of the API) so if you log in your user
// his info will be stored in the customer_your_website scope
$session->init('customer_' . $code);
$session->loginById(4); // Just logging in some example user
return session_id(); // this holds your session id
If I understand you correctly, you now want to let the user open a PHP script in your server that sets the Magento Cookie to what you just returned in your API method. I wrote the following example which you would access like this: example.com/set_cookie.php?session=THE_RETURNED_SESSION_ID
<?php
// Make sure you match the cookie path magento is setting
setcookie('frontend', $_GET['session'], 0, '/your/magento/cookie/path');
header('Location: http://example.com');
?>
That should do it. Your user is now logged in (at least I got it to work in my test environment). One thing you should keep in mind is that Magento has a Session Validation Mechanism which will fail if enabled. That's because your session stores info about which browser you are using, the IP from which you are connecting, etc. These data will not match between calls through the API methods and the browser later. Here is an example output of the command print_r($session->getData()) after setting the session in the API method
[_session_validator_data] => Array
(
[remote_addr] => 172.20.1.1
[http_via] =>
[http_x_forwarded_for] =>
[http_user_agent] => PHP-SOAP/5.3.5
)
Make sure you turn of the validation in the Magento Admin in Settings > Configuration > General > Web > Session Validation Settings