ShopSite Forums

[knucklehead]

Why is the store id different between these two ORDER ANYWHERE (OA) URLS…. See the store id in the links below…

http://_________.com/cgi-bin/sc/order.cgi?storeid=*1c368efac09b01d7802516fb49446636&dbname=products&sku=PURCHASE5519&function=add


http://--------.com/cgi-bin/sc/order.cgi?storeid=*104b8310940696e06fd5&dbname=products&sku=PURCHASE4254&function=add

This is a huge issue – we have a system that basically auto creates these add to cart urls for us – we were told that everything in a OA url is the same except the SKU –

[Jim]

The encrypted storeid is created using several components including the time that it is created. So any time that the encrypted storeid is generated it will be different. However any of the encrypted values for a particular storeid can be used in orderanywhere links and it will be properly decrypted by the software.

You could use the actual storeid instead of the encrypted value if you want to, but since the storeid is the actual Windows user on a windows system that would give a hacker half of the info they need to get into a server so encrypting it makes things safer. On Linux, FreeBSD and Solaris the storeid user is not an actual user on the system so there is not a server security issue there..

So if you have an automated system creating your OA buttons just stick with one of the encrypted values and everything will be ok.