The Foxy forums are on the move!

We're in the process of moving our forums over to a new system, and so these forums are now read-only.
If you have a question about your store in the meantime, please don't hesitate to reach out to us via email.

Passing my $_SESSION to the SSO

in Help edited May 2013
Hi guys,

Last question I think forever. My store requires users to have an account, so during the account creation I pass all the user info to the API. This is working fine. My problem is coming from the SSO. I'm trying to get the user's email or username to grab the foxycart_customer_id from my database, but I'm having trouble knowing how to run the SQL query on the currently logged in user. I wanted to pass a $_SESSION, but it seems that when I go to the checkout the $_SESSION is not longer available. So I'm wondering how to pass some form of who is logged in, to my SSO file. I know I can make a hidden input with the value of their username, but I still don't know how to access this on the SSO file.

Here's the code I got from the wiki.
$user_is_authenticated = true;
// Put in your FoxyCart api / datafeed access key here.
// This value should match the value setup in your
// FoxyCart admin under "advanced".
$foxycart_api_key = '#########';
// Put in your full foxycart store domain here.
$foxycart_domain = '';
// If the user is not logged in, do you still want to
// allow them to proceed to checkout?
$allow_non_auth_checkout = false;
// if not, you must specify a redirect page (such as your login page?)
$redirect_url = '';
// Put in your database query or session variable here
// for the current logged in user's FoxyCart customer_id

$host = localhost;
$dbshop = ###;
$user = ###;
$pass = ###;


// Does not work
//$u_user = $_SESSION['user'];

$dbh = new PDO("mysql:host=$host;dbname=$dbshop",$user,$pass);
$stmt = $dbh -> prepare('SELECT foxy_customer_id FROM customers WHERE u_user = "'.$u_user.'"');
$stmt -> execute();
$row = $stmt -> fetch();

$foxycart_customer_id = $row['foxy_customer_id'];

Any thoughts on how to grab this?

  • fc_adamfc_adam FoxyCart Team

    Is $_SESSION how you access the details of the logged in user elsewhere in your site? When the SSO endpoint is hit, it's effectively FoxyCart redirecting back to your own site - so you should definitely have access to the users session information for your site. One thing you may need to consider is if there is some additional code that needs to be included in your SSO endpoint to have access to the session data from your website?

    Otherwise, if you do include the email of the logged in user as a hidden session attribute of the cart, you'd need to send off a request to get the cart like you do for a JSONP request. We have an example of requesting the cart object in our example code here:
  • @fc_adam,
    I thought that the $_SESSION should work, I kept thinking that for some reason the SESSION was getting killed by foxycart. In fact it was just me not understanding Wordpress sessions. My SSO file wasn't included in the Wordpress theme, it was just a php file that I had made to handle the exchange. That's why the session wasn't carrying over. I sorted it. It's almost launch time.

    Thank for the help!

  • fc_adamfc_adam FoxyCart Team

    Awesome - glad you were able to get it sorted.
Sign In or Register to comment.