Increase Session Timeout

Tired of working in the Admin, taking a break and then having to sign back in? Want to accommodate customers who sign on, put stuff in the cart, then go watch a movie before checking out? Well, just increase the session timeout period. You’ll need to do it separately for the catalog and the admin.

For the admin, open admin/includes/functions/sessions.php, find the code below and change the number, which is the number of seconds before you are timed out, to something larger:

  if (STORE_SESSIONS == 'mysql') {
    if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
      $SESS_LIFE = 1440;
    }

For the catalog do the same thing in includes/functions/sessions.php.

Copied from the OSCommerce forum: session timeout

Secure Your Images Folder

Protect your images folder with this simple .htaccess file.

Create a blank file, add this code to it, name it .htaccess and upload it to your images folder:

<FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$">
Order Deny,Allow
Deny from all
</FilesMatch>

This stops Apache from serving any file in that folder whose name ends in .php, .exe, .cgi and so on, so it cannot be executed through the web. In other words, unauthorized hacker files. For a little bit more, read the full thread on the osCommerce site.
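
An added example (not from the original page or the osCommerce project): a PHP audit that applies the same pattern as the FilesMatch rule to the file names in an images folder and also flags anything that is not an image, since files in either group do not belong there. The function names, the list of image extensions and the sample file names are assumptions made for illustration.

```php
<?php
// Same pattern as the FilesMatch rule above; case-sensitive, like Apache's match.
const DENY_PATTERN = '/\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$/';
// Assumption: the only file types this shop's images folder should contain.
const IMAGE_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif'];

// Sort names into 'denied' (the rule blocks them), 'unexpected' (still
// served, but not an image) and 'ok'.
function audit_image_names(array $names): array
{
    $report = ['denied' => [], 'unexpected' => [], 'ok' => []];
    foreach ($names as $name) {
        $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
        if (basename($name) === '.htaccess') {
            $report['ok'][] = $name;            // the rule file itself
        } elseif (preg_match(DENY_PATTERN, $name) === 1) {
            $report['denied'][] = $name;
        } elseif (!in_array($ext, IMAGE_EXTENSIONS, true)) {
            $report['unexpected'][] = $name;
        } else {
            $report['ok'][] = $name;
        }
    }
    return $report;
}

// Collect the path of every regular file under $dir, subfolders included.
function list_files(string $dir): array
{
    $files = [];
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($walker as $file) {
        if ($file->isFile()) {
            $files[] = $file->getPathname();
        }
    }
    return $files;
}

// Constructed sample names; on a real shop pass list_files('/path/to/images').
$sample = ['logo.gif', 'banner.jpg', '.htaccess', 'x.php', 'old.php5',
           'view.phps', 'page.shtml', 'tool.cgi', 'setup.exe', 'notes.txt'];
print_r(audit_image_names($sample));
```

Order and Deny in the rule are Apache 2.2 directives; Apache 2.4 accepts them only through mod_access_compat and otherwise expresses the same block as Require all denied.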

Parsing a URL

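    • Echo a url. Here is an example of a webpage with a query string attached:
      $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING'];
      // these values come from the request, so escape them before printing into HTML
      echo htmlspecialchars($url, ENT_QUOTES);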

      example result: http://www.mywebsite.com/mail.php?f2fc1b9ecc1986f34588fd=listAudience&modulemail

    • Echo just the query string of the url:
      echo htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES);

      example result: f2fc1b9ecc1986f34588fd=listAudience&modulemail

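    • Echo just some portion of the query string of the url, in this case everything after the ‘=’:
      // preg_match() itself returns 1 or 0; the text after the first '=' is captured in $m[1]
      if (preg_match('/=(.*)$/', $_SERVER['QUERY_STRING'], $m)) echo htmlspecialchars($m[1], ENT_QUOTES);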

      example result: listAudience&modulemail

      courtesy of: http://www.daniweb.com/forums/thread16687.html

Registering, or Setting, a Value in OSCommerce.

Set a value on one page that is available for another page, or anywhere on the site:

  1. For example, to set the value of $myvar as ‘delorum ipsum’:
    <?php
      $myvar = 'delorum ipsum'; // give it a value here
      if ( ! tep_session_is_registered('myvar') ) {
        tep_session_register('myvar');
      }
    ?>
    

    In plain English this says:
    Make $myvar equal ‘delorum ipsum’, and if $myvar is not already registered in the session, register it so that its value is available everywhere in the website.

  2. On the page you wish to carry that value to, simply echo the variable ‘$myvar’. In other words, the line below will print ‘delorum ipsum’.
    echo $myvar;
    
  3. When you no longer need the value, unregister it like so:
    tep_session_unregister('myvar');

This is done to allow information that can come from the database or a form to follow customers as they navigate unpredictably through the shop. Here are some examples from OSCommerce:

  • Open login.php
    near the top you see these lines:

    tep_session_register('customer_id');
    tep_session_register('customer_default_address_id');
    tep_session_register('customer_first_name');
    tep_session_register('customer_country_id');
    tep_session_register('customer_zone_id');

    These are all values pulled from the database.
  • Later on in catalog/checkout_shipping.php, if the customer makes some comments on the form on that page, the comments get registered and become the value of the variable '$comments':
    tep_session_register('comments');
  • Open catalog/logoff.php: When the customer signs out, all this happens:
    tep_session_unregister('customer_id');
    tep_session_unregister('customer_default_address_id');
    tep_session_unregister('customer_first_name');
    tep_session_unregister('customer_country_id');
    tep_session_unregister('customer_zone_id');
    tep_session_unregister('comments');
    This unregisters all the values that have been attached to those variables, because they are no longer needed.