[ic] Problem Maintaining Session

interchange-users@interchange.redhat.com interchange-users@interchange.redhat.com
Wed May 1 17:39:01 2002


On Wed, May 01, 2002 at 01:45:12PM -0700, Ed LaFrance wrote:
> At 01:07 PM 05/01/2002 -0400, you wrote:
> >Problem: Accessing session data after an offsite transaction approval.
> >
> >This has been discussed frequently on the list but after hours of 
> >searching for a definitive answer,
> >I have not found one yet.
> >
> >I'm running IC 4.8.3 on an Ensim "powered" private server.
> >Red Hat Linux release 6.0 (Hedwig)
> >Perl 5.00503
> >Memory handicapped, but this is just a staging server.
> >

RH 6?

Perl 5.005

I think you are causing yourself extra pain.  Particularly with
the 5.005.  You will have problems with modules and versions.
You might try backing down to something like minivend4.03, something
concurrent with the rest of the software.  Yeesh, march down to
walmart and buy one of their $300 no OS boxes and put something
current on it.  Just because it is a dev box is no reason to
scrimp; frankly our production servers have less horsepower than
our dev machines.

cfm





> >The development store (demo) based on the foundation catalog is working 
> >perfectly.
> >I'm trying to implement a transaction clearing mechanism with our Canadian 
> >company "InternetSecure"
> >(mentioned a few times on the list as well but no one seems to have done 
> >this one successfully).
> >"IntenetSecure" is in essence a "Master Merchant" whith whom we have an 
> >account and are processing
> >transactions from other stores succesfully at this time. None of these 
> >stores are based on IC.
> >
> >Similar to PayPal and others, we pass some required merchant and store 
> >variables along with cart
> >contents and shipping costs via product strings to InternetSecure, which 
> >then captures the credit
> >card information, calculates applicable taxes and does the authorization.
> >We then have them fire back an approval string with their "post approval 
> >script" (on approved
> >transactions only) with all the pertinent data.
> >
> >We are attempting to process and complete the order with a special page 
> >"postapproval.html" which
> >essentially duplicates the functions of log_transaction, mail_receipt, 
> >report etc.
> >
> >
> >So far so good, we have all this working.
> >
> >Here is where I get stumped:
> >
> >Passing back the session id to a page which would then log the order and 
> >fire off the necessary
> >e-mails, is not working. A new session is always generated, hence we don't 
> >have the "old" session
> >data available. I have tried various suggested approaches.
> >Sending back the the session id in the IC format
> >http://serverurl/catalog/ord/postapproval?id=nnnnnnnn&etc&etc...:
> >
> >id appears to get ignored or stripped; [cgi id], [value id] are blank; 
> >[data session id] shows a new
> >session.
> >
> >Sending the session id to the processor and back as sessionvar=[data 
> >session id] works; [cgi
> >sessionvar] shows the proper session id.
> >
> >Using another suggested approach (courtesy MH) in conjunction with the 
> >above of setting up "Variable
> >MV_SESSION_ID sessionvar" in the catalog.cfg still gets me nowhere.
> >
> >If I plug the postapproval URL directly into a browser while I still have 
> >a window open with my cart
> >(http or https) works as expected and does the required post approval 
> >processing. Doing the same
> >with a different browser does not,
> >Cookies seem to make this work and having the store run in secure mode 
> >also seems to help.
> >
> >Any ideea as to how to make this work?
> 
> Calling a return URL to your store which contains a valid session ID string 
> should work - I have written implementations which do this without fail. 
> Something else is going on; perhaps the return  URL is being munged 
> somehow; or perhaps IC refuses to recognize id=nnnnnnnn on a cookie-enbaled 
> browser. Try building your return url as a form instead of a regular link, 
> i.e.:
> 
> [seti return_url][area form="
>                                 mv_todo=return
>                                 mv_nextpage=ord/postapproval
>                                 extra_var1=some_data
>                                 extra_var2=more_data
> "][/seti]
> 
> Then send [scratch return_url] to your payment processor with the other 
> data. The session ID will be included automatically and should be 
> recognized by IC on the return (and invoke-able with [data session id]).
> 
> - Ed L.
> 
> 
> 
> 
> >Failing which, how can I get at the session values for a specific session.
> >
> >If worst comes to worst, and this is sure as heck not very elegant, I can 
> >pass all the required
> >session variables, user data, etc. to InternetSecure and back but they 
> >won't guarantee to pass back
> >any more then their own variables (in reality I have found that everything 
> >comes back fine limited
> >only by the length of the URL string).
> >
> >Any help greatly appreciated as I'm drawing a blank at this time.
> >(I'm also not a programmer, so bear with me if I missed some ovious stuff).
> >
> >
> >Bruno Cantieni
> >
> >
> >###########################################
> >Bruno Cantieni
> >Digital Landscape - Cyboretum.com
> >Web Applications * Web Hosting * e-Commerce
> >http://www.digi-land.com
> >http://www.cyboretum.com
> >bruno@digi-land.com
> >Phone/Fax: 905.668.2255
> >
> >
> >
> >
> >
> >
> >
> >_______________________________________________
> >interchange-users mailing list
> >interchange-users@interchange.redhat.com
> >http://interchange.redhat.com/mailman/listinfo/interchange-users
> 
> ===============================================================
> New Media E.M.S.               Software Solutions for Business
> 463 Main St., Suite D          eCommerce | Consulting | Hosting
> Placerville, CA  95667         edl@newmediaems.com
> (530) 622-9421                 http://www.newmediaems.com
> (866) 519-4680 Toll-Free       (530) 622-9426 Fax
> ===============================================================
> 
> _______________________________________________
> interchange-users mailing list
> interchange-users@interchange.redhat.com
> http://interchange.redhat.com/mailman/listinfo/interchange-users

-- 

Christopher F. Miller, Publisher                               cfm@maine.com
MaineStreet Communications, Inc           208 Portland Road, Gray, ME  04039
1.207.657.5078                                         http://www.maine.com/
Content/site management, online commerce, internet integration, Debian linux