Ubercart

I think as long as /cart and /cart/checkout are both SSL, you shouldn't see this problem? That's what fixed it for us (and some others) without having to edit base_url stuff. But if you have a multisite setup spanning different domains, that is most likely a cookie issue. When you are testing, make sure you have deleted your cookies first, since you might be having them stored locally and caching rather than becoming updated with your new Drupal settings. Those are my thoughts anyway.

Hi Brad,

Were you able to get this resolved? I am working on a Drupal site with the EXACT same problem. The SSL certificate is on a shared domain that's different than the client domain and the HTTPS redirect sends users to an empty cart. Please let me know if you've had any success and good luck!

We've got an issue very similar, if not the same. We're running fully updated versions of Ubercart, SecurePages (with our SSL cert) Node Checkout and Masquerade to troubleshoot. There's one product type, photo submission.

Every once and a while we get either a) someone who says their cart is empty, but when we Masquerade as them, shows the products (they use IE) or b) someone running Safari on a Mac is having issues where they will go in, buy a photo, and it will empty their cart.

We're thinking it's something with their session getting destroyed...honestly I'm not sure WHAT is going on with a). We've set the domain on settings.php, and login is SSL'ed (you can't buy products anonymously) and we have turned off "revert to HTTP", so once they're SSL'ed, it's for good.

Any idea what's up? Thanks!

Every now and then users on IE8 lose the session when switching from http to https (I'm using secure pages), and I don't know what's causing it.

In some instances I think that users who visit too frequently are getting tripped up in non expiring user sessions, so I've just changed the default expiry from 23 days to 3 hours. in secure pages i've got both cart/* and cart/checkout* listed as secure, and I'm about the check my cookie base setting as mentioned in this thread.

I'm using crossbrowsertesting.com since i'm on a mac, and everything tests out fine. so i'm not sure where else to look for the error. all i can say is that i'm not thrilled about using secure pages (no offense), I'd like to use an htaccess re-write so i can feel like i have more control but i'm not sure how t do it.

I had the same problem for about a year now, and it's really been bothering me, because I couldn't consistently duplicate the problem.

The issue that I had, I believe stems from some inconsistencies in the session, regarding the domain name. Now I'm not entirely sure how this happens, but I believe that if someone went to http://example.com, adding a product to their cart, and went to the checkout page, they were being directed to http://www.example.com/cart/checkout (note the www). If I manually stripped out the www in the url, the cart was magically restored.

So the simple solution I used was to uncomment the rewrite rules, and redirected everyone to the www version of the url, regardless of what page they were on.

Now I'm not sure how this is going to affect sites with subdomains, but I think as long as it's kept consistent, that should take care of the problem.

I'm setting up a Drupal 6.20 site with Ubercart 6.x-2.4 for one domain on a multisite setup, with SSL installed for the relevant domain only. I'm not using any subdomains. Secure Pages is installed and I'm getting the "hosed cart" problem going from http: to https: described here. (I was referred to this thread after first posting here which has more details.)

I've followed all the tips here for setting the $cookie_domain and matching the $base_url. I've tried doing this in the settings.php file for both the specific site domain and default and it's made no difference. I originally had cart/checkout and cart/checkout/review in the list of pages to be secure but adding /cart didn't fix it - formerly you put an item in your basket in http: and viewed it in your cart and when you went to cart/checkout you got the empty cart message, but adding /cart to the list of secure pages simply means you get the empty cart message as soon as you put something in the cart instead of when you check out.

I've also tried both ticking and unticking "Switch back to http pages when there are no matches" in the Secure Pages settings to no avail.

I am tearing my hair out. It seems my only option is to force the entire site into https: just so that the few pages that need it can run over it

Its been awhile since I looked at this issue, but the pieces and parts above seem to be the stuff a fix is made of:

1. Make sure your base URL and cookie domain settings are correct in settings.php
2. Make sure both the htttp://example.com and http://www.example.com URLs are dealt with in .htaccess? (did I read the posts above correctly?)
3. Make sure sessions are expiring?
I think one of the issues I'd had was related to whether or not authenticated users had logged into the site. If they added to cart, then logged in before checking out, their cart went empty as I recall.

Lastly, on some shared hosting plans, are there .htaccess files that deal with the www vs. no www issue at the root? Just wondering if there is a conflict of statements in separate htaccess files???

Hope this helps. KC

http://data.agaric.com/node/1586

Brilliant, thank you so much All http://www.example.com pages now redirect to http://example.com, the transition between http: and https: and back is working fine and the cart contents are staying as they should right from beginning to end. Fantastic!

There is only one outstanding problem... As per my original post,when going to https://example.com/cart/checkout, in the "payment method" pane the credit card details form fields don't load - I get the animated "progress" bar which never resolves (screenshot attached). No other panes in the checkout are affected. If I complete all the other (mandatory) fields and then click the "review order" button, the page submits and I get a pink message box at the top saying I need to enter my card details. Now when I scroll down, the credit card fields are all there, and I can fill these in and proceed to review order, confirm and complete.

Any ideas as to how to get the fields to appear first time? As I say it only happens if you go to the checkout in https: (which is essential).