Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL loginbox help


Stevethehat

Recommended Posts

My site has a full SSL cert applied which is fine. However I also have a loginbox (contrib 2538) on my homepage. This is not showing as https on login.php or create_account.php. Does anyone know how to fix this so that it is fully ssl secure.

 

Any suggestions very welcome

Link to comment
Share on other sites

My site has a full SSL cert applied which is fine. However I also have a loginbox (contrib 2538) on my homepage. This is not showing as https on login.php or create_account.php. Does anyone know how to fix this so that it is fully ssl secure.

 

Any suggestions very welcome

 

Looking at the popularity of login boxes I would have thought that this would have been something of an issue. Here is the code for the loginbox which I have configured for SSL:

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2002 osCommerce

 

Released under the GNU General Public License

 

Autologin added by DJ Downey http://www.liquidgfx.com

 

*/

 

// WebMakers.com Added: Do not show if on login or create account

if ( (!strstr($_SERVER['PHP_SELF'],'login.php')) and (!strstr($_SERVER['PHP_SELF'],'create_account.php')) and !tep_session_is_registered('customer_id') ) {

?>

<!-- loginbox //-->

<?php

if (!tep_session_is_registered('customer_id')){

 

?>

 

 

<tr>

<td>

<?php

$info_box_contents = array();

$info_box_contents[] = array('align' => 'left',

'text' => BOX_LOGINBOX_HEADING

);

new infoBoxHeading($info_box_contents, $newtheme, false, false);

$loginboxcontent = "

<form name=\"login\" method=\"post\" action=\"" . tep_href_link(FILENAME_LOGIN, 'action=process') . "\">

<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">

<tr>

<td align=\"center\" class=\"infoBoxContents\">

" . tep_box_greeting_top() . "

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

" . BOX_LOGINBOX_EMAIL . "

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<input type=\"text\" name=\"email_address\" maxlength=\"96\" size=\"15\" value=\"\">

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

" . BOX_LOGINBOX_PASSWORD . "

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<input type=\"password\" name=\"password\" maxlength=\"40\" size=\"15\" value=\"\">

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<A HREF=\"" . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . "\">" . BOX_LOGINBOX_FORGOT_PASSWORD . "</A>

</td>

</tr>

<tr>

<td><br>

</td>

</tr>

<tr>

<td class=\"infoBoxContents\" align=\"center\">

" . tep_image_submit('button_login.gif', IMAGE_BUTTON_LOGIN) . "

 

</td>

</tr>

<tr>

<td><br>

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<A HREF=\"" . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . "\">" . BOX_LOGINBOX_NEW . "</A>

</td>

</tr>

</table>

</form>

";

$info_box_contents = array();

$info_box_contents[] = array('align' => 'center',

'text' => $loginboxcontent

);

new infoBox($info_box_contents);

?>

</td>

</tr>

<?php

} else {

// If you want to display anything when the user IS logged in, put it

// in here... Possibly a "You are logged in as :" box or something.

}

?>

<!-- loginbox_eof //-->

<?php

// WebMakers.com Added: My Account Info Box

} else {

if (tep_session_is_registered('customer_id')) {

?>

 

<!-- my_account_info //-->

<tr>

<td>

<?php

$info_box_contents = array();

$info_box_contents[] = array('align' => 'left',

'text' => BOX_HEADING_LOGIN_BOX_MY_ACCOUNT

);

new infoBoxHeading($info_box_contents, $newtheme, false, false);

$loginboxcontent = "

<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">

<tr>

<td align=\"center\" class=\"loginBoxGreeting\">

" . tep_box_greeting_top() . "

</td>

</tr>

<tr>

</table>

<br>

";

$info_box_contents = array();

$info_box_contents[] = array('align' => 'left',

'text' => $loginboxcontent .

'<a href="' . tep_href_link(FILENAME_ACCOUNT, '', 'SSL') . '">' . LOGIN_BOX_MY_ACCOUNT . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'SSL') . '">' . LOGIN_BOX_ACCOUNT_EDIT . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL') . '">' . LOGIN_BOX_ACCOUNT_HISTORY . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . LOGIN_BOX_ADDRESS_BOOK . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . '"><b>' . LOGIN_BOX_LOGOFF . '</b></a>'

);

new infoBox($info_box_contents);

?>

</td>

</tr>

<!-- my_account_info_eof //-->

 

<?php

}

}

?>

Am i missing something obvious? As I say everything is fine except on the homepage login.php & create_account.php which remain stubbornly on http. Does the index.php have to be tweaked in some way?

 

Any thoughts appreciated.

Link to comment
Share on other sites

If you look at the original post you made on UH you'll see my solution (yes, it is correct, and has been tested).

 

Vger

 

Many thanks. I thought you'd given up on me. Now I've altered

 

<form name=\"login\" method=\"post\" action=\"" . tep_href_link(FILENAME_LOGIN, 'action=process') . "\">

 

to this:

 

<form name=\"login\" method=\"post\" action=\"" . tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL') . "\">

 

as suggested and indeed login.php and all the subcategories are now OK. The only issue remaining is that the loginbox password_forgotten.php & create_account.php continue to be http. Interestingly if you log in and then log off, the logoff.php page shows the password_forgotten.php & create_account.php links as https.

Link to comment
Share on other sites

Many thanks. I thought you'd given up on me. Now I've altered

 

<form name=\"login\" method=\"post\" action=\"" . tep_href_link(FILENAME_LOGIN, 'action=process') . "\">

 

to this:

 

<form name=\"login\" method=\"post\" action=\"" . tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL') . "\">

 

as suggested and indeed login.php and all the subcategories are now OK. The only issue remaining is that the loginbox  password_forgotten.php & create_account.php continue to be http. Interestingly if you log in and then log off, the logoff.php page shows the password_forgotten.php & create_account.php links as https.

 

This is carrying me deeper into my non-existant PHP skills than I would ideally wish. Can somebody get me over the line with this one. I have now got the create_account.php link working from the home page. Unfortunately it shows in the loginbox as:

 

' . BOX_LOGINBOX_NEW .''

 

Can anybody tweak this to make it work.

 

The code is currently as:

 

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

'<a href=". tep_href_link(FILENAME_CREATE_ACCOUNT, 'action=process', 'SSL'). ">' . BOX_LOGINBOX_NEW .'</a>'

</td>

</tr>

</table>

</form>

 

thanks :'(

Link to comment
Share on other sites

This is carrying me deeper into my non-existant PHP skills than I would ideally wish. Can somebody get me over the line with this one. I have now got the create_account.php link working from the home page. Unfortunately it shows in the loginbox as:

 

' . BOX_LOGINBOX_NEW .''

 

Can anybody tweak this to make it work.

 

The code is currently as:

 

</tr>

              <tr>

                <td align=\"center\" class=\"infoBoxContents\">

                '<a href=". tep_href_link(FILENAME_CREATE_ACCOUNT, 'action=process', 'SSL'). ">' . BOX_LOGINBOX_NEW .'</a>'

                </td>

              </tr>

            </table>

            </form>

 

thanks :'(

Link to comment
Share on other sites

 

While this has largely been a conversation with myself I suspect a solution to this might be of use to someone in the future. Basically to fix I edited loginbox.php as follows:

 

<?php

/*

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2002 osCommerce

 

Released under the GNU General Public License

 

Autologin added by DJ Downey http://www.liquidgfx.com

 

*/

 

// WebMakers.com Added: Do not show if on login or create account

if ( (!strstr($_SERVER['PHP_SELF'],'login.php')) and (!strstr($_SERVER['PHP_SELF'],'create_account.php')) and !tep_session_is_registered('customer_id') ) {

?>

<!-- loginbox //-->

<?php

if (!tep_session_is_registered('customer_id')){

 

?>

<tr>

<td>

<?php

$info_box_contents = array();

$info_box_contents[] = array('align' => 'left',

'text' => BOX_LOGINBOX_HEADING

);

new infoBoxHeading($info_box_contents, $newtheme, false, false);

$loginboxcontent = "

<form name=\"login\" method=\"post\" action=\"" . tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL') . "\">

<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">

<tr>

<td align=\"center\" class=\"infoBoxContents\">

" . tep_box_greeting_top() . "

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

" . BOX_LOGINBOX_EMAIL . "

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<input type=\"text\" name=\"email_address\" maxlength=\"96\" size=\"15\" value=\"\">

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

" . BOX_LOGINBOX_PASSWORD . "

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<input type=\"password\" name=\"password\" maxlength=\"40\" size=\"15\" value=\"\">

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<A HREF=" . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, 'action=process', 'SSL') . ">" . BOX_LOGINBOX_FORGOT_PASSWORD . "</A>

</td>

</tr>

<tr>

<td><br>

</td>

</tr>

<tr>

<td class=\"infoBoxContents\" align=\"center\">

" . tep_image_submit('button_login.gif', IMAGE_BUTTON_LOGIN) . "

 

</td>

</tr>

<tr>

<td><br>

</td>

</tr>

<tr>

<td align=\"center\" class=\"infoBoxContents\">

<a href=". tep_href_link(FILENAME_CREATE_ACCOUNT, 'action=process', 'SSL'). ">" . BOX_LOGINBOX_NEW ."</a>

</td>

</tr>

</table>

</form>

";

$info_box_contents = array();

$info_box_contents[] = array('align' => 'center',

'text' => $loginboxcontent

);

new infoBox($info_box_contents);

?>

</td>

</tr>

<?php

} else {

// If you want to display anything when the user IS logged in, put it

// in here... Possibly a "You are logged in as :" box or something.

}

?>

<!-- loginbox_eof //-->

<?php

// WebMakers.com Added: My Account Info Box

} else {

if (tep_session_is_registered('customer_id')) {

?>

 

<!-- my_account_info //-->

<tr>

<td>

<?php

$info_box_contents = array();

$info_box_contents[] = array('align' => 'left',

'text' => BOX_HEADING_LOGIN_BOX_MY_ACCOUNT

);

new infoBoxHeading($info_box_contents, $newtheme, false, false);

$loginboxcontent = "

<table border=\"0\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">

<tr>

<td align=\"center\" class=\"loginBoxGreeting\">

" . tep_box_greeting_top() . "

</td>

</tr>

<tr>

</table>

<br>

";

$info_box_contents = array();

$info_box_contents[] = array('align' => 'left',

'text' => $loginboxcontent .

'<a href="' . tep_href_link(FILENAME_ACCOUNT, '', 'SSL') . '">' . LOGIN_BOX_MY_ACCOUNT . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'SSL') . '">' . LOGIN_BOX_ACCOUNT_EDIT . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL') . '">' . LOGIN_BOX_ACCOUNT_HISTORY . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . LOGIN_BOX_ADDRESS_BOOK . '</a><br>' .

'<a href="' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . '"><b>' . LOGIN_BOX_LOGOFF . '</b></a>'

);

new infoBox($info_box_contents);

?>

</td>

</tr>

<!-- my_account_info_eof //-->

 

<?php

}

}

?>

 

and then edited includes/languages/english/loginbox.php as follows:

 

<?php

/*

WebMakers.com Added: loginbox.php

Originally written by: Aubrey Kilian <[email protected]>

Re-written by Linda McGrath [email protected]

http://www.thewebmakerscorner.com

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2002 osCommerce

 

Released under the GNU General Public License

*/

define('BOX_GREETING_TOP_GUEST', 'Welcome <span class="greetUser">Guest!</span><br><br></small>');

define('BOX_GREETING_TOP_PERSONAL', '<small>Welcome back<br><span class="greetUser">%s!</span><br></small>');

define('BOX_LOGINBOX_HEADING', 'Login Here');

define('BOX_LOGINBOX_EMAIL', 'E-Mail address:');

define('BOX_LOGINBOX_PASSWORD', 'Password:');

define('BOX_LOGINBOX_NEW', '<center><u>create an account</u><center>');

define('BOX_LOGINBOX_FORGOT_PASSWORD', '<center><u>(forgotten password?)</u></center><br>');

define('IMAGE_BUTTON_LOGIN', 'Login');

 

define('BOX_HEADING_LOGIN_BOX_MY_ACCOUNT','My Profile Info');

define('LOGIN_BOX_ACCOUNT_EDIT','Edit Profile Info.');

define('LOGIN_BOX_ACCOUNT_HISTORY','Profile History');

define('LOGIN_BOX_ADDRESS_BOOK','My Address Book');

define('LOGIN_BOX_PRODUCT_NOTIFICATIONS','Product Notifications');

define('LOGIN_BOX_MY_ACCOUNT','General Information');

define('LOGIN_BOX_LOGOFF','<b>Log Off</b>');

?>

 

Remember this applies only to loginbox contrib 2538 (wish I'd never heard of it!). Anyway always nice to see a happy ending.

:D

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...