View Issue Details
|OXID eShop (all versions)
|4.02. Session handling
|unable to reproduce
|4.6.3 revision 47975
|Fixed in Version
|4.6.5 revision 49955
|0004409: Session sharing between subshops with different domains does not work
|I found no way to share the session between two sub-shops having two different domains. Passing force_sid or sid parameter between 2 domains destroys the session.
|Steps To Reproduce
|You can test this by adding something to basket or/and logging in as particular user to one of the subshops. Then get the active sesssion id value (sid parameter) and try to pass it to another subshop. At this point session data is lost.
|I found this behaviour when debugging the support case:
Customer has a Enterprise Edition 4.5.X with a Mainshop and two Subshops with inherited articles.
Now he wants to have a shared basket for the two Subshops.
In config.inc.php he has inserted the parameter $this->blMallSharedBasket = 1
But the shared basket do not work. If you are in subshop 1 and put an article in basket and change to the other subshop, the basket is empty.
|Loading of articles is not performed in other subshops
|Product over the URL is accessible even if product is not assigned to the shop
|User remains logged in when switching between subshobs, although "Allow users from other stores" is disabled
Clsoing as "not a bug". This is what I wrote in the email:
I‘ve spent some time on this bug now. The situation is better than expected. After spending some time I actually achieved session sharing in the standard shop. And made the shared basket working here localy. I‘ve used the lates standard 4.6.
This is what I do:
1. I set up two subshops under two differnt subdomains: http://mnt.eshop and http://mnt.subshop_b , set $this->blMallSharedBasket = 1 config option.
2. As there is no way to share cookie data between different host in order to identify the session you have to pass the URL parameter in order to share the session. The parameter name which works is force_sid.
3. So what I do I add something to basket, take the active session id. (Could be taken from php by echo session_id() or so.) from http://mnt.eshop/ and pass force_sid parameter to another subshop: e.g.: http://mnt.subshop_b/?force_sid=[oldsid]
Now i see the same basket contents in another page.
The problem why it didn‘t work before was that I tried to change shops over the first page, might be it had some cookie collisions then.
One more tip for experimenting: there is another config parameter: „blSessionUseCookies“ which could be set in config.inc.php. you can trie to set it to true and see if it makes any difference.
|Do not forget to activate "Allow users from other subshops" in the Mall settings of the master shop (ID 1).