LPM: Note from not-subscribed address

[Gregg Casillo]

I've done something similar to this recently including the use of 
non-secure and secure web servers to process orders. Could it be that 
you're setting your cookie with a domain that has the hostname in it? A 
cookie whose domain is "www.foobar.com" cannot be read by another web 
server at "secure.foobar.com" or "pub.foobar.com".

If this is the case, try setting your cookie using only the domain name 
so that different hosts (e.g. one that runs your non-secure web server 
and another that runs your secure server) can read the cookie. So in the 
above example, you want to set your cookie domain with ".foobar.com". 
This means both servers at "www.foobar.com" and "secure.foobar.com" can 
read the cookie.

Perhaps this explains why your secure server is balking and redirecting 
to your non-secure homepage where the cookie can be read and your 
shopping cart is flush once again.

Hope I'm reading you right and this helps,
Gregg Casillo
Kentucky Educational Television
gcasillo at ket.org


Rich Bowen wrote:
> From: "Billy Marlin" <res0bhnu at verizon.net>
> To: <lexington-pm-list at pm.org>
> Subject: Need some perl help
> Date: Tue, 14 Aug 2001 10:10:54 -0700
> 
> Ok well what I am going to give you might not be enough for anyone to =
> establish on what the problem is but here goes.
> 
> I am working with 3 websites which all use the same exact principle and =
> scripts.  The latest website I just finished and copied all the perl =
> files over for the shopping cart.  I went in and changed all the =
> required files to point to the right area.  This shopping cart uses =
> about 15 different files hence the reason for me not posting exactly =
> what is going on.
> 
> Anyways I got everything working except for one item.  After the =
> shopping cart is loaded and the person is going to check out.  They go =
> to the link that says you are entering a ssl section.  Up to this point =
> the program has a cookie base on the time the order was made and this =
> stays the same until you enter the ssl area.  I have been printing out =
> the cookie every page change and found this was when it gets lost.  Soon =
> as you come into the Secure area which works on the other the other 2 =
> websites which are exactly the same. The cookie vanishes!  I have it =
> redirect to the homepage if there is not a cookie.  Now from the home =
> page I click to go to my shopping cart and BAM it pulls up the info =
> using the cookie which now exists.
> 
> My current problems are due to a lot of limitations.  I do not have =
> access to my error log file which really hurts.  I also do not know the =
> complete configuration of the server.  I requested it be the same as the =
> other 2 we are using and like I said all the other scripts I am using =
> work fine.
> 
> Is there something that anyone can advise me to do  to solve what is the =
> problem here.  I know I have not given a lot of specifics but this is =
> all I have without going into a lot of detail.  If you need more let me =
> know. =20
> 
> Billy Marlin
> 
> Here is how the cookies are handled
> 
> ################################## Function =
> ##################################
> #
> #  Function: getCookie
> #
> #  Description:
> # Look for a cookie.  If one is not set, set one based on the current =
> time.
> #
> #  Notes:
> #
> #########################################################################=
> #####
> sub getCookie
> {
>  # Does a cookie exist?
>  my($cartkey) =3D cookie(-name=3D>&cart::CART_COOKIE);
> 
>  # If a cookie exists, an administrator is logged in
>     if (!$cartkey)
>  {
>   # Cookie doesn't exist
>   # Set a cookie based on the current time in seconds since the Epoch
>   $cartkey =3D time;
> 
>   # Prepare the cookie to go in the header
>   my($cookie) =3D cookie(-name=3D>&cart::CART_COOKIE, =
> -value=3D>$cartkey);
> 
>   # Set the cookie in the header
>   print header(-cookie=3D>$cookie);
>   &webpage::headerPrinted();
>  }
> =20
>  return $cartkey;
> } # getCookie
> 
> 
>