Seems like the session length is now cut dramatically since upgrading to 1.1.8 (the cookie length is still the same value in admin). If I leave a page for 60 seconds or so, then click (for example) Add to cart, I get redirected to index.php. Same with the admin pages.
We are getting a lot of customers complaining of not being able to access category and product pages and always being redirected back to home page.
People are buying successfully - so I know it is not everyone but we are getting a lot of phone calls about the “redirect” issue - not sure if redirect is the correct wording to use in this case - but it fits.
Also a few customers cannot add anything to the cart (although I am putting this down to javascript issues)
I think the new “Session Validation Setting” in the system/web must had creating new bugs. I have the ‘redirect to index.php’ symptom all over the place.
Thought I saw it in the bug report, but couldn’t find it now.
I had one customer who desperately wanted to buy a product but for the life of her could not log onto her account or access checkout.
She kept being redirected to the home page!
Well it does not happen from any machines I’ve tried it from (FFox / IE mainly). As stated it has however happened for at least 1 customer (who got in touch).
I do have https:// enabled for customer login and orders etc. in the front end. I suspected that to be the culprit and am glad you have the same hunch.
In my demo sites, this happens mainly in the customer login area and admin. I do not have SSL setup so no HTTPS.
customer login area: click ‘back’ in My Tags, Address Books, Account Information, My Product Reviews, Newsletter Subscriptions and My Wishlist pages all triggered this error. Strange that it does not happen in the My Order Page.
The same goes to the frontend in the multi-address checkout.
admin: removing notification message results the same error.
update: “back’ means the back link text, not the back button from browser menu.
However, he doesn’t elaborate on the fix. I’d like to know exactly what needs to be done to address this issue.
We don’t have HTTPS turned on on our site, so I don’t believe that’s the issue. And the problem seems to occur most often in the backend admin area, which doesn’t use HTTPS. It’s hard to recreate the problem because it seems to happen randomly. We’ve had quite a few customers call over the last few days to place orders over the phone because they couldn’t place an order over the web due to this problem, so it must happen quite often.
As for a real-life example: here’s our website - feel free to play around with it and see if you can recreate the problem. I use FireFox and have the issue in the Admin area, but I suspect most of our customers are using IE and having the same problem:
I realized I forgot to test it out in different browsers since the upgrade of v1.1.8. First of all, I experienced the same problem in v1.14 and maybe v1.16 before (remember I tested it in FF and Safari Mac version), mostly the ‘remove notification message” in the admin, and add to cart from product view page. The problem went away in v1.1.7.
Just tested it in Mac and PC, the problem in the customer account login area is isolated to Firefox (v3.04 and v3.05) Mac version only. I deleted all notification messages in the admin, so no way to test it now.
