OSCommerce: Troubleshooting OSCommerce not Keeping Sessions Between HTTP and HTTPS
This is a problem with the cookie settings. These are easy to fix with a simple change in the includes/configure.php file. For this example, I will be using the https://secure.Bluehost.com/~username url.
Note: You may replace this url with any secure path you are currently using.
Edit the configure.php file located in the includes directory for your OSCommerce install. For this example it is:
I have 5 lines in the configure.php file which I am concerned with:
- define('HTTP_SERVER', 'http://www.example.com'); // eg, http://localhost - should not be empty for productive servers
- define('HTTPS_SERVER', 'https://secure.Bluehost.com/~username'); // eg, https://localhost - should not be empty for productive servers
- define('ENABLE_SSL', true); // secure webserver for checkout procedure?
- define('HTTP_COOKIE_DOMAIN', 'www.domain.com');
- define('HTTPS_COOKIE_DOMAIN', 'secure.Bluehost.com');
The third line defines that when you are dealing with checking out and account configuration, it uses a secure link. All other links will be unsecure. You want to make sure that the HTTP_SERVER and HTTPS_SERVER domain names are equal to the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN setting as well. You will notice you do not include the "https" or the "~username" or any other folders at all, just the domain name.