Announcement

Collapse
No announcement yet.

IE problems with Add To Basket - is there a solution?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #16
    Re: IE problems with Add To Basket - is there a solution?

    For the record, it turns out I had some hard-coded links in my navigation bar that weren't passing the Session IDs, so when cookies were blocked it created problems. Rick and his tech folks found the issue, and I thank them for doing that. Everything seems to be working well when I test the store in IE8 with all cookies blocked. Thanks again, Rick.

    Comment


      #17
      Re: IE problems with Add To Basket - is there a solution?

      As I am sure that most of us are aware, I just want to harp on the fact that you do need to practice your due diligence when working with exposed session IDs. Session hijacks can occur if they're hard-coded in links, or they can cause all sorts of funky issues which are difficult to track down.

      So, if you're adding an internal link to a page, just be sure to have Miva Merchant generate as much of the link as possible, especially things in the query string (http://www.example.com/mm5/merchant....string&is=here)
      PCINET, LLC

      Miva Merchant Design, Development, Integration & Support
      We built the most Miva Merchant stores!
      Miva shopping cart design & integration service and our Portfolio!

      e-mail: [email protected]
      web: www.pcinet.com

      "We who cut mere stones must always be envisioning cathedrals."
      Quarry Worker's Creed

      Comment


        #18
        Re: IE problems with Add To Basket - is there a solution?

        That's a good point. Another thing I learned--my error was not in hard-coding a Session ID into a link, but using the links that Miva supplies when you click on the Links button in the Admin's store page. I thought they could be used as the code for buttons linking to store pages, but apparently that's not the case, as they are hard coded and led to the problems I had. Probably well-known among Miva veterans, but new to me.

        Dan

        Comment


          #19
          Re: IE problems with Add To Basket - is there a solution?

          So, if you're adding an internal link to a page, just be sure to have Miva Merchant generate as much of the link as possible, especially things in the query string...
          Is that specific to things like checkout pages?

          What about us who use short links / SEO links (my site uses ToolKit SEO Links)???

          My product pages have the RELATIVE URL /product_code.html and my category pages have the RELATIVE path /category_code.html

          Is this going to cause problems?
          Mark Romero
          ~~~~~~~~

          Comment


            #20
            Re: IE problems with Add To Basket - is there a solution?

            Originally posted by Siamese-Dream.Com View Post
            Is that specific to things like checkout pages?

            What about us who use short links / SEO links (my site uses ToolKit SEO Links)???

            My product pages have the RELATIVE URL /product_code.html and my category pages have the RELATIVE path /category_code.html

            Is this going to cause problems?
            From my (limited) understanding of how Miva Merchant and Apache hold hands, shake hands, and work together, I think that if you're using "SEO links" / "Short Links" / Clean URLs / etc., the URL rewrites are taking care of these issues.

            I'm not exactly sure what you are referring to by "relative" or why it would have an impact. I mean, I understand the concept of relative URLs, but they're typically referring to a directory structure. Miva Merchant's "directory structure" is based on "screens" and subsequent parameters dealing with the screens. For example, CTGY and category codes, or PROD and product codes, which you referenced and gave an example of.

            From what I can tell, the different modules, or even short-links, are just different avenues for Miva Merchant (or a module that MM uses) to generate the URL.

            I really don't think it's going to cause problems. And if the Session ID getting passed is a necessity, and you want to keep your short links, I believe that there is a way to silently pass sessions IDs via Apache, which is handled through the rewrite process. I could be wrong, but I remember configuring some servers to do that.

            So, long-ish answer: If you're using a module within Miva Merchant to rewrite your links, you should be fine, as it will be on the developer to make sure it plays nice (or at least document the potential issues and/or trade-offs of using the module) with other URL rewriting and generating mechanisms.

            Short answer: No, it shouldn't be an issue.
            PCINET, LLC

            Miva Merchant Design, Development, Integration & Support
            We built the most Miva Merchant stores!
            Miva shopping cart design & integration service and our Portfolio!

            e-mail: [email protected]
            web: www.pcinet.com

            "We who cut mere stones must always be envisioning cathedrals."
            Quarry Worker's Creed

            Comment


              #21
              Re: IE problems with Add To Basket - is there a solution?

              Also in Dan's case, he had a link in his nav that was missing the "www" which is often the root cause of this issue.
              Thanks,

              Rick Wilson
              CEO
              Miva, Inc.
              [email protected]
              https://www.miva.com

              Comment


                #22
                Re: IE problems with Add To Basket - is there a solution?

                Hi ya, Tim:

                I'm not exactly sure what you are referring to by "relative" or why it would have an impact.
                In this case, I just pointed out the fact I was using relative links instead of absolute links so that readers would know that users weren't going to be moving from secure to non-secure pages (or from the https "server" to the http "server") if they have a session ID and are going to look at a product or category page.

                I guess I should have mentioned that with my setup, session IDs only appear in the URL once a customer has started the checkout process, and is on an "https:" page. That is ok, right?
                Mark Romero
                ~~~~~~~~

                Comment


                  #23
                  Re: IE problems with Add To Basket - is there a solution?

                  Originally posted by Siamese-Dream.Com View Post
                  Hi ya, Tim:



                  In this case, I just pointed out the fact I was using relative links instead of absolute links so that readers would know that users weren't going to be moving from secure to non-secure pages (or from the https "server" to the http "server") if they have a session ID and are going to look at a product or category page.

                  I guess I should have mentioned that with my setup, session IDs only appear in the URL once a customer has started the checkout process, and is on an "https:" page. That is ok, right?
                  Gotcha. Yeah, as much as I can tell, that really shouldn't be an issue. At the risk of over-explaining, the only reason why the Session ID is needed in the query string, is when there isn't a cookie or hidden input to store it on.

                  The conversation between the browser and the server is very short. And the server doesn't keep connections alive (let's ignore websockets and keep-alive headers) for very long. Just long enough to exchange some information. So, to take care of this, the server implements sessions, which is a unique identifier that a client can use to say, "Hey, this is what we talked about before. Here's what else I have, what do you have in response to that?" The browser remembers the conversation via cookies. So, the cookie can store the session id, and transmit it back to the browser, and we can create a "memento"-type of conversation, where we're writing down everything that has transpired (think of your shopping cart).

                  The reason why issues occur with WWW, browsers that aren't using persistent cookies, and user accounts getting hacked, is because there is an issue with the session ID. According to the RFCs and DNS: http://www.example.com and http://example.com are different domains. HTTP://www.example.com is a sub-domain of http://example.com, however, they're typically interchanged. So a store that has a link to "http://example.com/category/dns-books", but uses http://www.example.com for the rest of the site, is going to experience issues when a user goes to http://example.com/category/dns-books. Most likely, logged out, with nothing in the shopping cart.

                  When a user doesn't have persistent cookies enabled in their browser, they're not going to store their Session ID, and each time they talk to the server (who is similar to "Dori" from Finding Nemo, very short memory), the server is going to restart a conversation, issue a Session ID which will not be saved, and the person won't be able to log in, or add things to the cart (if it's all done by cookies).

                  So, that's why implementing a Session ID in the query string is a nice thing, because that information gets passed along, even if they don't have cookies set up. Another alternative is to store the session ID in a hidden input field on a form, however, that's typically only done if you're writing something that doesn't have built in session handling (i.e. NOT Miva). Or if you're teaching a class on PHP ;)

                  SO, to help answer the question.. I can't really say for sure. I'm not sure about how fully Miva Merchant is implementing the session IDs. But I would go with what was stated earlier with the defaults. I would also open IE 8, turn up my security settings, clear my cache, and try to process some test orders. That's really the only way to know for sure.

                  If you're having problems, I'd look over your analytic information, find out who is using IE 8, and where the abandoned shopping carts are most often found. If you find a common thread of those, then you might be losing some sales.

                  Also, anyone, please feel free to correct me on what I've said. This is all from memory, so I might have gotten some things backwards, left parts out, or even be wrong.
                  Last edited by titus; 11-09-11, 10:06 AM.
                  PCINET, LLC

                  Miva Merchant Design, Development, Integration & Support
                  We built the most Miva Merchant stores!
                  Miva shopping cart design & integration service and our Portfolio!

                  e-mail: [email protected]
                  web: www.pcinet.com

                  "We who cut mere stones must always be envisioning cathedrals."
                  Quarry Worker's Creed

                  Comment


                    #24
                    Re: IE problems with Add To Basket - is there a solution?

                    Thanks for the information, Tim:

                    Do we have any general information out there at all on the percentage of users who DON'T accept cookies???

                    I now you gave me the steps for seeing if it is possibly affecting sales, but since time is at a premium this part of the year, I hope we might have a general idea of how big the problem COULD be before digging around through the server logs...
                    Mark Romero
                    ~~~~~~~~

                    Comment


                      #25
                      Re: IE problems with Add To Basket - is there a solution?

                      I can't specifically say. I've read anywhere from 2% to 10%. BUT, keep this in mind too: those studies were based on all types of sites. I don't know what the rate is for ecommerce sites. Also, the information for your site should be pretty accessible if you're using Google Analytics. Parsing server logs isn't fun, especially if you're doing it by hand.

                      AWStats, Webalizer and Google Analytics will be your best bet for quick results. If you don't already have Google Analytics installed then you won't really be able to track abandoned shopping carts (that I know of! Let me know if I'm wrong). But just check on the amount of IE8 users and such. But that's about all I can say for a quick answer. Also, before doing anything drastic, talk to other people too.
                      PCINET, LLC

                      Miva Merchant Design, Development, Integration & Support
                      We built the most Miva Merchant stores!
                      Miva shopping cart design & integration service and our Portfolio!

                      e-mail: [email protected]
                      web: www.pcinet.com

                      "We who cut mere stones must always be envisioning cathedrals."
                      Quarry Worker's Creed

                      Comment


                        #26
                        Re: IE problems with Add To Basket - is there a solution?

                        Here is the quickest workaround we have found regarding the Internet Explorer issue "Cannot Add More than One Item to the Basket..."

                        In the upper right hand corner of later versions of Internet Explorer is a "Safety" Tab. Click this tab. The second choice down is "InPrivate Browsing," also accessible by CTRL+Shift+P. Selecting InPrivate Browsing will open a new Internet Explorer window with an "InPrivate" icon in the URL bar.

                        Have the customer return to your website in this new window and everything will work properly.
                        Last edited by whona; 12-17-11, 01:27 PM.

                        Comment


                          #27
                          Re: IE problems with Add To Basket - is there a solution?

                          This would still be a matter of asking a customer to mess with their browser in order for them to shop on your site. They should not have to do that. The best bet is some kind of internal fix on the site, for IE specifically, that does not require a customer to alter browser settings in order to shop, at which time there is none.

                          Originally posted by whona View Post
                          In the upper right hand corner of later versions of Internet Explorer is a "Safety" Tab. Click this tab. The second choice down is "InPrivate Browsing," also accessible by CTRL+Shift+P. Selecting InPrivate Browsing will open a new Internet Explorer window with an "InPrivate" icon in the URL bar. Have the customer return to your website in this new window and everything will work properly.
                          Jamie
                          Jamie Donaldson
                          JSDVS Web Design / Development
                          Web Design | Web Development | E-commerce Design & Integration

                          Comment


                            #28
                            Re: IE problems with Add To Basket - is there a solution?

                            Though I agree with Jamie for the most part, if the site is setup correctly (i.e., all links use the same domain and Session Ids are used in URLs) then there is nothing else left to "fix". On the upside, if those customers are still having issues with your site, then they have issues with every other site as well. So, you might was well tell them how to "fix" it.
                            Bruce Golub
                            Phosphor Media - "Your Success is our Business"

                            Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
                            phosphormedia.com

                            Comment


                              #29
                              Re: IE problems with Add To Basket - is there a solution?

                              Originally posted by Bruce - PhosphorMedia View Post
                              Though I agree with Jamie for the most part, if the site is setup correctly (i.e., all links use the same domain and Session Ids are used in URLs) then there is nothing else left to "fix". On the upside, if those customers are still having issues with your site, then they have issues with every other site as well. So, you might was well tell them how to "fix" it.
                              The problem with Session IDs in the URLs is that whenever a Bot (like Google) comes along and spiders your website, they archive in their online search engine links to your site with the session ID. As a result, if a customer who follows that link logs in, every person who follows that link will have access to their personal information (they will still be logged in, even if they leave the site).

                              We had this happen, where people were following Google into our site and seeing who was currently logged in and they had full access to their address and order history.

                              Don't EVER EVER EVER use session IDs in your links, unless you want to open yourself up to a lawsuit.
                              Last edited by whona; 12-18-11, 12:07 PM.

                              Comment

                              Working...
                              X