Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Ok please calm me down cause i need help


Recommended Posts

:angry: I am so upset. Over a week long decipher session with my hosting company. whom has been utterly stellar until this point... i woke up to my website "not working" in the store areas because of register globals.


Let me start at the beginning.

They offer oscommerce installation. i waited three days and did it myself because i am impatient and like to do things myself.

There is a security warning that pops up when you enter my store. why??? because i the certificate doesnt "MATCH" my site. that is because it is through my hosting. therefore the CERT is registered to the hosting.com.

I emailed them tellign them i didnt like it, and the package included everythign i needed for a secure connection, blah blah and it would cost me money! it will literally drive customers AAY from my site.

I inquired how we could take care of it. i even offered to PAY for a cert in my name and have them install it (since ive never done that and thought id pay so i didnt have to learn it LOL)


i got a reply last night but didnt check my site. the guy didnt understand anything i said and said i was getting that error because i was mixing secure and insecure items on my pages (like pictures) im not----- everything is in the https folder. so ive declared his idiocy. He thought i meant a different security pop up. Please tell me now if i am being unclear(it could be me!)


So i email back and explain in excuricating detailt hat that was not my problem and reiterated everything in detail trying to explain it further and how i am not pleased as it would lose revenue.

They replied with:(this is paste!)

You definitely have to redo your website because your coding had been a mess. It is

happening because you have mixed up secure and non-secure items under one page. It's

either you have to recreate your site again or you'll have to hire a professional to

help you create your site. We have installed OS Commerce correctly and the problem

is just within your coding.

Let me say that i think this guy is a well lets jsut not say it. i felt insulted. my site worked perfectly and he cant understand that i just want a friggin cer that matches my site and i feel i should have been TOLd that it wouldnt. this is costing me 60 a quarter, and i have antoehr domain pointed there(more money), etc. they never said a shared CERT or a CERT in hosting companies name.



FAST FORWARD to this morning.

i woke up to my website "not working" int he store areas because of register globals.


a quick search here told me i needed those files in the store directories. Isntantly the sotre(s) started workign properly again.

so i go to the wholesale store(pass protected) i go RIGHT IN.

an open door.

WTF?? what happened to my htaccess?

there are multiple files missing and there is no reason for them to move or recreate any files!

am i out of order here or are they? i know they did something because i can see the date of the changes to the files. the main htpasswd was realigned. i can click view and see a previous or updated version with option to rewrite on the server.

the htpasswd (changed recently) had globals set to "1" whatever that means. it didnt even look like my file!!!!!


so i overwrit with my previous one( i backed up and just for giggles i overwrote witht he option(the previous file on server)


and guess what. that was my file




i know this was really long and drawn out. im sorry . but i have no where else to vent about this. Id like to know what you would do. Im steamign at this company and expecially at whoever thought it was a good idea to fluck with my files. the wholes situation only had to do with the cert files which are above the http and https directory! :ph34r: :ph34r:

Link to comment
Share on other sites

it seems to be working again, but just for giggles ill post it.


Man does that post have lots of typos :blink:

 osCommerce, Open Source E-Commerce Solutions

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'https://www.savorywholesale.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.savorywholesale.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.savorywholesale.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.savorywholesale.com');
 define('HTTP_COOKIE_PATH', '/store/');
 define('HTTPS_COOKIE_PATH', '/store/');
 define('DIR_WS_HTTP_CATALOG', '/store/');
 define('DIR_WS_HTTPS_CATALOG', '/store/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/usr/local/psa/home/vhosts/savorywholesale.com/httpsdocs/store/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

// define our database connection
 define('DB_SERVER', 'corsica.inside.globat.com'); // eg, localhost - should not be empty for productive servers
 define('DB_SERVER_USERNAME', 'xxxx');
 define('DB_SERVER_PASSWORD', 'xxxx');
 define('DB_DATABASE', 'xxxx');
 define('USE_PCONNECT', 'false'); // use persistent connections?
 define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'


I have both stores entirely in https because thats my preference. ;)

Link to comment
Share on other sites

yeah it seems to be ok,,, consider new hosts dude, from the sounds of it the customer support sound like a bunch of a**holes... i don't think you shud pay for ur service to have the support team say its ur fault for a product that they set up, u no what i mean


have a sneak around the site and right click on images then goto properties... confirm that each picture starts of with a https:// infront of the URL, some people have Paypal logos and crap like that at the bottom which is externally linked (URL is someting like www.paypal.com/sucks/stupidlogo.gif :P ) and that can also give you the error problems...


let us know how u handle... im off 2 bed.. ill try and help ya next time im on (prolly tomm night)

Link to comment
Share on other sites

Thanks for the replies. there isnt even any osc files on the http. everythign is on https. the issue is with the cert. i might just spring for an external one and try to figure it out myself. :lol:


im irked they have obviously altered files and changed them with no regard to my htpasswds and stuff.


and they never isntalled it. i did. register globals dont change themselves, do they? is there a ghost on my host??



there is a money back guarentee (30 days) i have too much locked into this i guess. they have my url locked. and i pointed savorygifts there. ill stick it out this quarter(that i paid for.) and i might just call them up and tell them i felt insulted and guilt them into a freebie or something. i get paid to set up websites. just because this is my site doesnt make me less intelligent, does it? :lol: i was thinking of screen capturing the pop up for him.. although i pointed him tot he url and he could see for himself.. but apparently he is illiterate too :lol: :lol: im poking fun for my frustrations.... but ill wait it out. if they change my files again they are getting an angry phone call. :ph34r:

Link to comment
Share on other sites

They probably updated php and apache last night.


I'm not 100% sure why you are putting the blame on the host as you installed/configured it yourself anyway...


Or am I missing the point?

Link to comment
Share on other sites

yes. i bought an oscommerce package that included SSL and cert. i was under the assumptiont he cert would be in my domain name. its in theirs. thats my problem.


and also that they fudged the files on my server becuase they thought i had a different problem.


ive decided to get my own cert ebcause im not risking them looking through thema nd disturbing the files again.


however i was wondering if anyone could give me help on creating a CSR. how and where do i run the command? if its telnet- they have it disabled. :-\


apparently i am not clear enough. there is no error in the code at all its just that i want the ssl cert to say savorywholesale.com beause as of now its registered to my hosting company (obviously shared)


they werent consise with package contents when i purchased. i just want my own cert registered to my domain and i am willing to pay for it at this point. i think the 'cert doesnt match the site' warning on the browser will push customers away.


my best friend told me they would buy from me because they know me, but if it were any other place on the net, they wouldnt. I am not comfortable with that.

Link to comment
Share on other sites

Are you sure your secure url isn't https://savorywholesale.globat.com?


Actually when I go to your site at https://www.savorywholesale.com/

i do not get the error. I only get it at http://www.savorywholesale.com/

Maybe if you set your site up to use both secure and unsecure it will not give the error as it seems the problem is when the URL is Http it throws the error since the pics are all https

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...