We are experiencing an unusual error after launching our site.
We have two options of payment for our app, Credit Card (using Paypal to
process the payment) and Paypal Express Checkout (which for anyone who doesn't
know, involves redirecting the user to Paypal and then back to your site to
confirm the purchase).
My problem is happening with the Express Checkout method. I'll try and break
down what is happening is steps.
!I SHOULD NOTE THIS IS ALL PROCESSED OVER HTTPS!
1. User fills out sign up form on our site, then selects Paypal as payment
option, then submits form.
2. Session variables are set based on the data the user entered. A call is made
to to Paypal using the API to get a Token for the transaction.
3. Once the token is received, we apprend it to a paypal url and redirect the
user to that url (the Paypal site)
4. The user logs in, agree's to the transaction and is redirected back to our
site (Where their session should be waiting for them). This is really where the
problem is. Since launching we have had a few random (seemingly) errors from
someone who's session has been lost. I noted the user_agent of the user was an
iPad. Now, we have an iPad in the office but we are able to sign up fine on it.
As we can't replicate the error we are finding it incredibly difficult to fix.
I'm happy to provide any additional info anyone may think is useful, I'm just a
bit stumped as to what's going on and could use some advice.
Here are the relevant parts on my Application.cfc file.
<cfscript>
this.name = "Example";
this.setclientcookies="yes";
this.sessionmanagement="yes";
this.sessiontimeout= CreateTimeSpan(0,0,15,0);
this.setdomaincookies="yes";
</cfscript>
<!---
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::
--->
<cffunction name="onSessionStart" returnType="void" output="false">
<!--- I have a feeling this could be the culprit but I'm not sure how. This is
legacy code from a previous developer. --->
<cfcookie name="CFID" value="#Session.CFID#"
domain=".example.com" httponly="true">
<cfcookie name="CFTOKEN" value="#Session.CFTOKEN#"
domain=".example.com" httponly="true">
</cffunction>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351798
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
