Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Security/Encryption, and HTTPS

fireboy63

By fireboy63
in General Support

Recommended Posts

fireboy63

fireboy63

Posted
Posted

Hello all!

 

I am working with osCommerce and PHP for the first time, but pick things up rather quickly. Here's my issue: I have built a great looking shopping cart for Uncle Jess's BBQ Sauces and Rubs which can be seen at Uncle Jess's osCommerce shopping cart. When I check out the information about the page, it says that the cart is not secure or encrypted (which, from my research, is not good.)

 

However, when I change the address to https://unclejess.net/catalog/index.php, it shows me a page where everything is secure...however, it is missing images and formatting and everything. Click here to see Uncle Jess's MESSED UP shopping cart!

 

So, I need to know what to do to fix the appearance of the "https" page so that I can link the website to it, therefore allowing our valued customers to finally shop online in a secure environment. ;)

 

Thanks for any help you guys can give!

 

Derek

fireboy63

fireboy63

Posted
  • Author
Posted

Wow - can I not get a response from ANYBODY on here?

 

I realize that it may be a simple answer, but I have searched through tons of threads on this forum and not found a real answer to this issue. I'd sure appreciate at least ONE person's help.

 

Ignoring is not a good way to welcome somebody to a forum... :blush:

 

The cart I'm working on is for an actual client (not for my own personal gain), so I need help ASAP. Thanks!

fireboy63

fireboy63

Posted
  • Author
Posted

I forgot to post my configure.php file for you all to scrutinize. Here goes:

 

================================================

 

define('HTTP_SERVER', 'http://unclejess.net'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://unclejess.net'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'http://www.unclejess.net');

define('HTTPS_COOKIE_DOMAIN', 'https://www.unclejess.net');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', '/catalog/images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']));

 

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '');

define('DB_SERVER_PASSWORD', '');

define('DB_DATABASE', 'osCommerce');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

?>

===============================================

By changing some things up, I was able to get my images going on the https:// version of my cart, but when you click on any buttons (i.e. checkout, add to cart), it takes you to pages that are http:// (non-secure) to complete your order.

 

Farkin' encryption! What I am doing wrong?!?!? ARGH! :angry:

 

(I use H-Sphere as my hosting, if that helps.) :blush:

rjohnson

rjohnson

Posted
Posted

looks like your settings are ok, I think you need to just make an image directory on your ssl server and copy all the images over. That might do it for you.

Guest

Guest

Posted
Posted

this part is wrong:

 

define('DIR_WS_IMAGES', '/catalog/images/');

 

should be:

 

define('DIR_WS_IMAGES', 'images/');

 

also remove the http:// and https:// from your cookie settings

fireboy63

fireboy63

Posted
  • Author
Posted
this part is wrong:

 

define('DIR_WS_IMAGES', '/catalog/images/');

 

should be:

 

define('DIR_WS_IMAGES', 'images/');

 

also remove the http:// and https:// from your cookie settings

 

Thanks to you both for a reply finally!!! :D

 

I changed the '/catalog/images/' to just 'images/' as Mibble suggested, but that didn't seem to unbreak my images - it still says that there are secure/nonsecure images, and asks if I want to display them.

 

I'm not sure how to make an image directory on my SSL server, as rjohnson suggested. I am using Dreamweaver MX, and this site is on a shared server as part of a webhosting reseller program through VIP Hosting (using H-Sphere control panel).

 

I also found another little line I had a question about:

 

============================================

<?

define('HTTP_SERVER', 'http://unclejess.net');

 

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT . '../');

define('DIR_FS_LOGS', '../admin/logs');

 

define('ENABLE_SSL', 0);

// define our database connection

define('DB_SERVER', 'mysql.4ssihosting.com');

define('DB_SERVER_USERNAME', 'XXXXXXX');

define('DB_SERVER_PASSWORD', 'XXXXXXX');

define('DB_DATABASE', 'XXXXXXX');

define('CONFIGURE_STATUS_COMPLETED', 1);

define('USE_PCONNECT', 'false');

define('STORE_SESSIONS', 'mysql');

?>

===========================================

 

The line that reads "define('ENABLE_SSL', 0)" is what concerned me...should that zero be a one, or a two or something? Is that turning secure socket layers on, and what does that mean to my website/shopping cart?

 

Here is the current configuration.php setup as of this posting:

 

===========================================

define('HTTP_SERVER', 'https://unclejess.net'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://unclejess.net'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'unclejess.net');

define('HTTPS_COOKIE_DOMAIN', 'unclejess.net');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/catalog/');

define('DIR_WS_HTTPS_CATALOG', '/catalog/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', dirname($HTTP_SERVER_VARS['SCRIPT_FILENAME']));

 

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

// define our database connection

define('DB_SERVER', ''); // eg, localhost - should not be empty for productive servers

define('DB_SERVER_USERNAME', '');

define('DB_SERVER_PASSWORD', '');

define('DB_DATABASE', 'osCommerce');

define('USE_PCONNECT', 'false'); // use persistent connections?

define('STORE_SESSIONS', ''); // leave empty '' for default handler or set to 'mysql'

===========================================

 

Can anyone make sense of my error messages yet? Hope so. Thanks again!

Guest

Guest

Posted
Posted

why are you doing this?

 

 

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT . '../');

 

this is wrong and is causing your error

 

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT);

 

if you want it to define something else, then it screws up the whole program as everything is based upon your document root

fireboy63

fireboy63

Posted
  • Author
Posted
why are you doing this?

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT . '../');

 

this is wrong and is causing your error

 

define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT);

 

if you want it to define something else, then it screws up the whole program as everything is based upon your document root

 

I fixed the Document Root issue and it seemed to help. Now I am getting the "secure/non-secure" message only. I'll try and find a solution for that, too, now. Thanks for the help Mibble, et. al.!

Guest

Guest

Posted
Posted

there is something in your code doing that, try placing a generic index.php (no modifications, etc) in place of the current one.

dont forget to back up the one you are currently using.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...