I have code that creates a session variables for a user on one page. Before the data is entered in the database they go to PayPal to checkout and come back to the site. When they come back those session variables created for the user sometimes remain and sometimes return as NULL.
User enters their information creates session variables -> Go to PayPal, checkout -> Come back to the site, session variables are sometimes retained going into the database, sometimes not
I cannot figure out for the life of my why it does it sometimes and not other times. Is there something about sessions that I am missing? Any ideas?
Make sure you're calling session_write_close() before redirecting to Paypal.
Related
The issue here is I am trying to login into my system via ajax. Let me explain it to your first.
when my user puts in his login details it will be send to the server via Ajax request and then once it gets verified i create an entry into a session and save the information like userid and logged_in flag.
And then i return those value through Json back to user which is processed by a piece of javascript and redirect the user to dashboard.
If the user is not authenticated it shows an error.
But now whats happening here is. When i create a session variable and when the user is redirected to the dashboard. Sometimes it does not create the session variables and thats why i cant show logout button?
any help will be appreciated.
If you’ve used AJAX-heavy web apps built on a CI backend, you might have noticed premature session expiration, even if you’re expiration was set to never expire ($config['sess_expiration'] = 0; in application/config/config.php)
This was apparently due to AJAX requests not regenerating sessions, and apparent collisions. Long story short, last month there was a patch introduced without much fanfare, which (so far) seems to be working for me.
Replace your system/libraries/Session.php file with the one found here (CI’s git):
https://raw.github.com/EllisLab/CodeIgniter/b211adee89f5fd2192051e9c0826146bd150f469/system/libraries/Session.php
Sorry if this is a silly question but lately I've been designing a site for a client and something strange has been happening with my sessions.
The site has a PayPal button which redirects the user to PayPal so they can confirm a payment, before being redirected to the site again.
Before the user is redirected, a load of session variables are saved. Some of them are to do with PayPal, others are to do with things on my site such as a variable to determine which user is logged in, their shopping cart items, etc.
Now, here's where things have been going wrong...
The user is redirected from checkout.php to PayPal. Before they're redirected, all session variables for the site are present (shown by var_dump and print_r). This is fine.
The user returns from PayPal to orderreview.php, but var_dump and print_r now show that the site session variables are missing, but all PayPal ones are there.
I fixed this problem by removing "session_start();" from the top of orderreview.php.
So my question is, why did removing that line fix the issue? Why wouldn't it work before?
I thought I understood PHP sessions but clearly I don't understand them as well as I thought.
I'd read this somewhere:
"As of PHP 4.3.3, calling session_start() while the session has already been started will result in an error of level E_NOTICE. Also, the second session start will simply be ignored."
So I was under the assumption that calling session_start at the top of the script wouldn't affect anything if a session was already started earlier.
Thanks for any answers, once again I apologise if this is a silly question.
That's may be because that you have been redirected to another site during the process. And while you return from Paypal to your website, session_start() generated a new session id which your previously stored session variables are not linked to.
And when you removed session_start() (I don't think session should work without this on top), it used the old session id and never got regenerated. Hence, old session data are back!
This is just my assumption.
I have a problem with cookies.
Basically I'm trying to store the user's session ID as a cookie like so:
setcookie("CheckoutSessionID",session_id(),time()+3600);
This works fine on my site, the cookie has the correct value and is valid for long enough. However, my site redirects to PayPal so the user can confirm a payment. The user is then redirected back to my site. It's when the user is redirected back to my site that ALL cookie variables are gone.
As in, print_r($_COOKIE), var_dump($_COOKIE) etc have no values. This only occurs after being directed to and from PayPal.
Any ideas as to why this is happening?
Thanks in advance for all help, I'm stumped!
Okay I've been digging quite deep and realised that an earlier question of mine is related:
PHP sessions and session_start()
Basically I had problems because PHP sessions were being deleted when I went to PayPal and back. However, I believe this was actually caused by the session COOKIE being destroyed, not the entire session.
I also found this topic here: Do PHP sessions get lost when directing to a payment gateway?
Answer given by someone suggests using a GET request with the return URL to send data back, instead of using cookies or sessions.
The whole reason I was using a cookie in the first place was to save the user's session ID, as the sessions weren't working properly, so basically I've just made my return URL something like this:
mydomain.co.uk/mypage.php?SessionID=[session ID goes here] and then obtained it then set the user's session ID to it.
Sorted! For now... I mean I'll probably end up hitting another brick wall due to cookies/sessions not working properly.
Thanks everyone for your help :)
Actually whatever is happening (cookie is being empty), logically it's right. When you submit a page/make request the browser sends the cookie from the client's computer with the request so that you can find the cookie in the cookie variable.
But once you redirect the user to another external page/site and come back again to your page then you should not get the cookie in the cookie variable because (in your case) when the user is getting back to your site from the paypal the paypal is not submitting the cookie with the request.
In this case you can save your data in the database before you redirect the user to the paypal and once the user comes back to your site you can retrieve that data from the database.
I got similar problem cookies being removed after redirect from Paypal.
it took me a while to figure out where was a problem.
Samesite=**"Strict"** // Removes cookies after redirect from Paypal.
Samesite=**"Lax"** // does not remove cookies after redirect from Paypal.
i am developing a e-commerce website. The user logs in and buy a product when he checkout the page will redirect to the payment gateway. After the payment is completed it will return back to my website. This is ok. But when it is returning back the session maintained in my website get lost. This happen only for the first time. If the user again logged in and checkout the process works good and the session is maintaining.
Why does the session lost for first time.
I used session_start() in all the pages..
I cannot find the solutions. Kindly help..
Why don't you use javascript? You can create cookie to store your incoming members data.
With Jquery and cookie plugin you can do this very easy, sure you must do login for member to create this data. Some useful links:
http://www.jquery.com/
http://plugins.jquery.com/project/Cookie
http://www.electrictoolbox.com/jquery-cookies/
Why does the session lost for first time.
That's hard to tell because there is not much information in your question.
Normally a session get's lost if the session identifier (or session ID in short) is not passed from one request (page) to the other.
Please see the PHP Manual how the session ID can be passed. You need to take care with your code, for example that the cookie is properly set. If the session cookie is not set, the session id will be gone and session_start will create a new session.
Im setting a session variable on hypothetical page number 1. The user then clicks a link to go to a site off the server, and then comes back to page number 1. Problem is, the session variables i set on page one, are no longer set when the user comes back.
Is this a known issue with php, is there any work around?
I am starting the session on the page, and i am echoing the session variables after i set them to make sure they set and they are.
Not sure where to go with this.
Are you sure you call session_start() in all the scripts that use the session variables?
it is possible that the session timeout has expired when the user comes back .. also i think the session has a feature to check for referrers , so u can check that too .. also make sure when the user comes back he lands on the exact same domain
You need to store the session ID in a cookie, and then read that cookie when the user comes back.