6

In header.phtml file using 

Mage::getSingleton('customer/session')->isLoggedIn()

we can check user is logged in or not.

If SSL is active on frontend then above function works fine if accessing page using https request but for all non secure pages using http request it fails.

How we can check user is logged in or not on all pages ie with http and https request in header.phtml?

Improve this question
6
  • 2
    The code you mentioned should work independent from the protocol you are using. If it doesn't work for you it may mean that you may have an issue with the session management. For example, the welcome message in the header is shown depending on the state of the customer (logged in or not) and it works on a default installation. Check Mage_Page_Block_Html_Header::getWelcome() for confirmation. Commented Jul 9, 2013 at 6:48
  • Nice thought - the welcome block is a really good example of the logged in layout handle. Commented Jul 9, 2013 at 6:50
  • welcome block is not working even if cache is disable. Commented Jul 9, 2013 at 7:24
  • 1
    Then my bet is on a server problem, mostly on a session management issue. Commented Jul 9, 2013 at 8:08
  • It will really helpful if you describe little bit in detail. thanks in advance... Commented Jul 9, 2013 at 8:17

3 Answers 3

Reset to default
3

This should work for all page types - my guess is a cached block. Try the following:

  • Append ?no_cache=true to the end of your HTTP-only url
  • Disable all caches and retry
  • Relocate your check to another region - e.g. place it in page/3columns.phtml to verify that it is working as expected.
Improve this answer
2
  • I tried all above your suggestions even welcome block suggested by Marius but still not working... Commented Jul 9, 2013 at 7:28
  • I am not using any other domain for https. My current settings for secure and unsecure URL are as follows unsecure: domain.com and secure: domain.com will this www secure URL will make any difference? Commented Jul 9, 2013 at 10:19
2

Make sure your session cookies are accessible via both http and https.

You will need to enter in .domain.com in Magentos admin->system->configuration->web->cookie domain. You will need to make the cookie available to your other domains in order for it to be read. This is the same with all web applications.

Reference:

Improve this answer
2
  • I am not using any other domain for https. My current settings for secure and unsecure URL are as follows unsecure: http://domain.com/ and secure: https://www.domain.com/ will this www secure URL will make any difference? Commented Jul 9, 2013 at 9:35
  • 1
    Yes, the missing www from http could be the root cause. Commented Jul 9, 2013 at 23:45
0

I am unsure if you are still in need for the question to be answered, but may be any new visitor may find it answering to concerning issues.

Such issues usually come up with cookie settings sometimes. You can change the settings from

System > Settings > Web > Session Cookie Management

And set the value for 'Use HTTP Only' to No and save, afterward clear cache and test. Hope this helps.

Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.