eCart checkout success page clear cart

Jason / Support,

I have followed this thread on how to clear the cart after checkout success, but still having issues.

Thread i followed:
showthread.php?p=41655&posted=1#post41655

My checkout success destroys the sessions, but I am still logged out. The reset does not appear to be taking effect as I do not get logged back in. I have double-checked that my session var name is in fact "id_users", so I have that correct.

Any ideas what is wrong (please see attached code).

Thanks for any help.
D

I'm not sure that all parts of that code are needed to delete the session. As a test of what is going on you can copy this code to a new page. Where this code was on the success page you should print out the session variable you are trying to retain. Finally you should try updating the new page to display the entire session with a var_dump($_SESSION) in it.

When you get to the success page you should see the value of this variable. Then when you visit the new page it should clear all session values except for this one. You should then be able to see what variables are set and their values.

Eric,

Not sure if I am following you correctly, but I did the following:

1. removed the code from the bottom of my checkout_success page and replaced with <?php echo $_SESSION['id_users']; ?>

2. Created a second page called "new.php and pasted all the code that was originally on the bottom of the checkout_success page into the bottom of new.php. And then followed it with <?php echo var_dump($_SESSION); ?>

Results were as follows:
When I got to checkout success:
2126

When I navigated away from success to new.php:
array(1) { ["id_users"]=> string(4) "2126" }

Still logged out after this. Issue remains. Any further help is appreciated.

It looks like your id_users variable is still set to the same value. Is this the session variable you use to determine if a user is logged in or not? If so then it seems that you would be logged in when you get to the success page and again when you visit the new page. How is your login rule setup? If it is based on this session variable being present and the value is correct then it seems that you should still be passing the logged in rule.

Eric,

I do not understand what is happening.

checkout_success.php has the following code at the bottom:

id_users:<br />
<?php echo $_SESSION['id_users']; ?><br /><br />
userActivity:<br />
<?php echo $_SESSION['userActivity']; ?><br /><br />
userLevel:<br />
<?php echo $_SESSION['userLevel']; ?><br /><br />
userEmail:<br />
<?php echo $_SESSION['userEmail']; ?>

new.php has the following code at the bottom to store the session variable, clear the cart, then reassign the session vars:

<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

//store the user session
$userSession = $_SESSION['id_users'];
$userSession2 = $_SESSION['userActivity'];
$userSession3 = $_SESSION['userLevel'];
$userSession4 = $_SESSION['userEmail'];

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}

// Finally, destroy the session.
session_destroy();
unset($_SESSION);
session_regenerate_id();

//reset user session
$_SESSION['id_users'] = $userSession;
$_SESSION['userActivity'] = $userSession2;
$_SESSION['userLevel'] = $userSession3;
$_SESSION['userEmail'] = $userSession4;
?>

<?php echo var_dump($_SESSION); ?>

id_users:<br />
<?php echo $_SESSION['id_users']; ?><br /><br />
userActivity:<br />
<?php echo $_SESSION['userActivity']; ?><br /><br />
userLevel:<br />
<?php echo $_SESSION['userLevel']; ?><br /><br />
userEmail:<br />
<?php echo $_SESSION['userEmail']; ?>

--
When I am logged in and make a purchase and get to checkout_sucess.php all session variable are still stored BUT so is all the cart session. When I goto new.php (which has the session reseting/cart clearing code) the session variables still hold value the first time it loads, but if I refresh the page, sessions loose value even though I have the code to regenerate/reassign values.

My login page sets the above 4 mentioned session vars on login

My SA Rule to determine logged in/out is set up as follows:

AdminsUsers
restrict if <?php echo $_SESSION['userActivity']; ?> = 0
allow if <?php echo $_SESSION['userLevel']; ?> In Group "AdminsUsers" which holds values of 1, 2 (1 is for admins, and 2 is for basic users)

My access rules work great for all other application stuff so I want to keep them as is if possible.

I would be willing to set you up a login and email you my paypal sandbox CC# for testing if this helps and you could run a purchase, but would need to send in a private message.

Let me know if this is helpful in finding a resolution? Your help is much appreciated. D

Thanks for all of the details. This is all very helpful information but I'm more confused by the result you report about the new page. If the code on this page preserves the session value for the user id then it should not delete it when it is refreshed. With links and copies of the pages I will be able to look into this further.

I have opened a ticket for you on this, to update the ticket login and visit your support history:

supporthistory.php

I found that there was a problem with the code that was being used to reset the session. In this code the session was not being started again. I added a session_start() just after the unset($_SESSION) line.

Eric,

That worked. Thank you.

My final code looks as follows after the closing html tag:

</html>

<!-- CLEAR CART SESSIONS -->
<?php

// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

//store the user session
$userSession = $_SESSION['id_users'];
$userSession2 = $_SESSION['userActivity'];
$userSession3 = $_SESSION['userLevel'];
$userSession4 = $_SESSION['userEmail'];

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}

// Finally, destroy the session.
session_destroy();
unset($_SESSION);
session_start();
session_regenerate_id();

//reset user session
$_SESSION['id_users'] = $userSession;
$_SESSION['userActivity'] = $userSession2;
$_SESSION['userLevel'] = $userSession3;
$_SESSION['userEmail'] = $userSession4;
?>

--
I was missing the session_start(); as you mentioned.

Thanks. D

I'm glad it worked out for you. In general when I'm doing this type of thing in the session I will set the values to variables then have just these lines of code:

session_destroy(); 

unset($_SESSION);

session_start();

session_regenerate_id();

This would kill off the current session and create a new one for you. Yours is just doing a little more than this.