SECURE SERVER LOSING CART : LUSENET : S-Mart Shopping Cart : One Thread

ok ! I know that you have already answered that question but your answer is not very clear and it seems that a lot of people get the same problem.

When I put the script in secure mode, I tested from my computer and everything seems to works fine, I ordered in secure mode and received the orders... The only problem is that it was possible only from my computer, if someone else tried to order, the content of the shopping cart was lost when going through the secure server. So I think it's a problem, specially if I want to have other customers than myself.. So please, answer.

-- Luigi Castagna (, March 07, 1998


If the secure and normal httpd servers reside on seperate physical machines, or have permission/ownership conflicts, then you will need to copy the temp cart files into a area readable by the https process.

This could be a matter of having a mutually readable directory, or copying the files across your network, using a variety of means. Ask your sysadmin how to best go about this.

-- Barry Robison (, March 07, 1998.

This is a heads up.

I recently encountered a problem when I modified the script so that the only secure transaction was the actual order checkout. This is a more efficient approach. I soon discovered that some shopping carts were being lost at the checkout stage. After some digging around, I realized that the problem could be isolated to AOL when customers were using the internal browser. AOL's browser goes through a different proxy for secure transactions, which results in the REMOTE_HOST environment variable taking on a different value. The result, of course, is that the script looks for a different shopping cart at checkout. I got around this problem by passing along the $host variable in a hidden form field.

The moral is, beware AOL!


-- Matt Flaherty (, February 05, 1999.

Hi again,

I have received a request for help on this, so here is the fix:

Modify the subroutine called "get_host:

sub get_host { # This is to compensate for discrepancies between hostnames for secure and unsecure transactions. if ($FORM{'cart'}) { $host = $FORM{'cart'}; } else {$host = $ENV{'REMOTE_HOST'};}

$reffile = "$tmpdir$delim$storename-$host"; }

The next step is to add a hidden form field to your checkout page (referred to by $order in the .cfg file) like this:

Finally, in the shopping cart script make another slight modification to substitute "REPLACECART" with the actual hostname:

(In subroutine buy_items1)

open (ORDER,"$basepath$delim$order") || print "Could not open $basepath$delim$order $! \n"; while () { s/REPLACECART/$ENV{'REMOTE_HOST'}/g; #this substitutes the hostname print $_; } close(ORDER);

-- Matt Flaherty (, February 05, 1999.


Apparently posting html to the forum creates html, so if you really want to see it, just view the source of this page. Sorry for the threepeat.

-- Matt Flaherty (, February 05, 1999.

Moderation questions? read the FAQ