disabling cookies and javascript - Just what I thought when I saw your post.

Im not too sure how youd get around this some of teh more technical bods here will be able to help, however id seriously consider terminating your relationship with your cart firm.

Appears that they didnt even bother to look for teh problem.

I can't terminate the relationship with them. They designed our whole ecommerce suit. They are the only firm that write web applications for the software that we run in the company.

I just need feedback from you guys if you think my suspicion of what is causing the problems are correct?

Thanks

We get days when customers moan because they get tossed out after they've logged in and browser crashes when they are about to pay. We've never managed to establish what is causing it, but there is a pattern where several customers on the trot experience difficulties.
I've had to put it down to server connectivity since nobody seems to know what is causing it.

Essex_boy hit the nail on the head.

skuba- you don't have to settle just because they wrote your application. If you have the source code, you can ask someone else for maintenance help; if not, you can use another cart, or get someone to decompile their work (assuming that's legal).

I think your situation is an excellent example of what can happen with closed source. If you decide to change carts, definitely consider going open-source!

Guys, please no more recommendations to drop our developer company. They are not completely responsible to finding problems on the site and fixing them. They are programmers. I AM THE WEB MANAGER, and the reason I come to this forum is to get feedback if you guys also think that an increase in cookie and javascript disabling could be the cause of the errors.
Maybe other stores are seeing similar problems.
We have a great relationship with the developer and they build an excelent tool for us taht is completely integrated with our local system.
Try to stick to the point of the topic.
Thanks

Wow, I just tested my cart, and with cookies turned off, the results aren't great... everything predictably gets lost. None of the testers disabled cookies, so no one caught this. Wow.

I suppose the only reasonnable thing to do is to ask people to allow cookies for the site at least for that session... a trivial thing to do, but I wonder how many sales were lost over this.

My site depends on cookies to handle the checkout process. That's how we know what is in the shopping cart. When cookies are disabled, we use a session ID, but this doesn't guarantee the ID won't be lost

This sounds like negligence on the part of your developers. It is entirely on-topic for your discussion. You pay them to give you a 100% functional shopping cart solution. You're not getting it.

This sounds like negligence on the part of your developers. It is entirely on-topic for your discussion. You pay them to give you a 100% functional shopping cart solution. You're not getting it.

So, please tell me how you identify what is on the users shopping cart without using cookies or a session ID? Or how you identify who is the shopper?

Thanks

I've seen sites that assign a unique ID to each visitor and pass that along in the querystring on each page. If you do it that way, no cookies or session ID's needed.

geez, will we get off skuba's case about his programmers? By using both cookies and session id's, they're doing everything that can reasonnably be done or expected.

Besides, we (programmers) often get absolutely ridiculous specs, and are sometimes expected to code for them despite our concerns.

And even if they did not foresee this situation, it still wouldn't be a sign of negligence. A lot of people honestly recommended such an approach.

Finally, even with good specs and no malice, bugs happen, or people forget things. We're human and no coder is above bugs.

My opinion - people should be expected to use cookies. If skuba agrees, he can ask his programmers to change the application's behaviour. You can then judge their worth by how they react to the request.

wackal- you seem to be missing some of the technical aspects. A session id is nothing but a unique id that is passed along with each URL. If a person visits another site and comes back, you've lost their id and they lost their cart.

Could this be a server overload problem?

When cookies are disabled, we use a session ID

As I understand it, the server maintains the session ID. If the volume of users with cookies disabled has increased significantly, the server is working harder. Could the server be losing IDs during peak loads?

It is trivial to detect a browser that is not accepting your cookies. In this case you need to switch to a session ID (which seems to work ok), but you should also warn the user that without cookies enabled you some portions of the site may not work perfectly.

There's nothing you can do if the user comes back with a virgin URL.

If somebody wanted to buy something from you, couldn't, then bothered to email you about it they probably didn't leave your site. You can examine the server logs to see if this is the case.

skuba

I have had the same problem with a custom cart. If a user has cookies completely disabled they can't add anything to their cart, but the cart does generate and an error that informs them that they must enable their cookies. So that solves that problem.

But I still had users who got all the way through and order and when they hit submit they got an error that tells them their cart is empty. Yikes! All data gone.

My host said it was due to high traffic and suggested we upgrade our server, which we did and it hardly ever happens anymore. But once in awhile it does. I think either the server or the database hiccups... and wipes everything out.

Wackal

How hard would it be to modify our carts to issue unique ID to each visitor? Are their any cons to this route?

But I still had users who got all the way through and order and when they hit submit they got an error that tells them their cart is empty. Yikes! All data gone.

This happens a lot too. I think this is when the user was able to get to checkout carrying the info on their session ID, but then they loose it during checkout.

>>I think this is when the user was able to get to checkout carrying the info on their session ID, but then they loose it during checkout.<<

I agree with you skuba because we also use user sessions.

Upgrading our server did eliminate 90% - 95% of these errors. But even a few are too many. Recently, we had one client try to place a HUGE order and this happened. I felt so bad because it probably took him a couple hours of typing. Thankfully he called and he was willing to fax the info rather then resubmit. Now he will only fax because he doesn't trust our cart. Not that I can blame him.

I’d be very interested in finding a fix to this.

See what you think.
Sometimes we have 2500 users shopping at the same time, and all orders go throught fine.

But then sometimes, we have 500 users and 1 of the orders will get lost because of the session ID/cookie problem.

So you guys think that increased traffic can play a strong role in those errors problems, even if normally it's not a problem if everybody has cookies?

I mean, do you think that althoug traffic is not that big or nor a problem if all users have problems, it CAN be a problem if 1 of the users don't have cookies?

DO you know what I mean?

Thanks

Some things to consider... Is this a dedicated or shared server? If shared, what is going on with the other sites it hosts when cart data is lost?

The cart is designed to use cookies and "fall back" to session IDs. Has it been load tested with multiple (hopefully many) ID based shoppers active? Has it been tested with many of both types of shoppers active? Has it been tested to insure it doesn't wipe out cookie based shoppers when an ID based shopper fails? And vice versa?

danieljean,

I guess I was confused as I thought the post was referring to a session ID stored in an ASP session. This still wouldn't work in ASP with cookies disabled and thats why I made the post about putting something in the URL. Sorry!

Do you use authorize.net?
They're under a real ddos attack. We havent been able to put anything through all day...