Zencart 1.5.X – login does not work – session / cookie problem – explained

Zencart 1.5.X – login does not work – session / cookie problem – explained

Share on facebookShare on twitterShare on emailShare on pinterest_shareMore Sharing Services1

This post is a consequence of an hour long pain in the …. finding a weird session issue in the latest Zencart 1.5. I had a subdomain for development version like (dev.blahbla.com). Everything was good except login does not work – whereas I can even add products to cart (which should mean my session is working!!). So it took me an hour to figure out Zencart has made some change regarding the cookie domain in the latest version (I don’t want to explain as it does not matter to most of us). Read this post if you are having any of the following issues:

• You cannot add to cart or login, your session does not work at all
• You can add to cart but cannot checkout as it ask you to login again and again saying your session expired
• Your live site works perfect but the development site (a subdomain) does not work with the exact same code (my case)

For Zencart version >= 1.5.X

Things are made easier now removing the option from configuration file to save your session in file. Now there is nothing to check in ‘includes/configure.php’. Everything is in Admin. By default there is almost no reason to have session issue if your database username/password is correct (which is something you can’t miss)

Login to admin. Go to Configuration >> Sessions

• The first thing I would ask you to try is setting “Add period prefix to cookie domain” to false. This harmless looking configuration creates issues in subdomains. Latest version has thought of only www.blahblah.com but if you have a domain dev.blahblah.com, it will put 2 dots in front of your cookie domain and your session will not work until you turn “Recreate Session” to false.
• If your login is still not working, the second option is to set “Recreate Session” to false. But this would be the worst thing you would want to do as it adds a security leak into your website of hijacking anyone’s session. Except very few hosting, this has never been needed.

You may play with the rest of the configurations, but I don’t think any Zencart 1.5.X user will need anything else.

For Zencart version < 1.5

For older versions of Zencart, do the following:

• Open the configuration file ‘includes/configure.php’. Check the definition STORE_SESSIONS. Remember the value.
• If STORE_SESSIONS value is db, login in to admin and follow the instructions given above for version 1.5.
• If STORE_SESSIONS value is blank (”), login to admin. Go to Configuration >> Sessions and check if the “Session Directory” is set to correct path. If the path is correct, make sure the session directory has been made writable by webserver.
  Easy way to do it is, make the directory permission 777.
  (Linux command for permission: chmod -R 777 /your/session/directory/path/)
  If you are still having issue with session, follow the instructions given above for version 1.5.

Hope this saves you some time.

cookie, session, Zencart, zencart login problem