Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

The SSL In OsCommerce Guide For The Innocent


Simplyeasier

Recommended Posts

Hi Chris/or anyone with advice,

 

Regarding your editing all 3 files (quote below) and I don't mean to sound dumb here, but I do not have the 3rd configure file. Any suggestions or reasons why not? I wanted to look at this includes/local/config, since I've tried tweaking every little thing I can to make the SSL work with the first 2 config files. I feel that I am getting warm :blush: .

 

Thanks in advance for the help!

Sincerely,

Sharon

 

I have a bit of info that may be useful to some.

 

There are 3 files that I had to edit in order for my SSL to work properly. So far (and i may be mistaken), I have only seen 2 main files being mentioned. (and of course catalog/includes/application_top.php for checking if ur server settings match the ur code.)

 

Here are the files I had to edit:

1. admin/includes/configure.php

2. catalog/includes/configure.php

3. catalog/includes/local/configure.php

 

Once I editted all three of them, it worked flawlessly.

 

My Conficuration:

Godaddy certificate.

Hosted with Hostexcellence.com

osCommerce 2.2

Link to comment
Share on other sites

  • Replies 401
  • Created
  • Last Reply

You still don't have it right - now ALL of your images are coming from an https connection. Below are the correct settings for your site for includes/configure.php.

 

define('HTTP_SERVER', 'http://www.sharonunlimited.com');
define('HTTPS_SERVER', 'https://server1.sslpage.com/~sharonu');
define('ENABLE_SSL', true);
define('HTTP_COOKIE_DOMAIN', 'www.sharonunlimited.com');
define('HTTPS_COOKIE_DOMAIN', 'server1.sslpage.com/~sharonu');
define('HTTP_COOKIE_PATH', '/');
define('HTTPS_COOKIE_PATH', '/');
define('DIR_WS_HTTP_CATALOG', '/');
define('DIR_WS_HTTPS_CATALOG', '/');
define('DIR_WS_IMAGES', 'images/');

 

You are correct about there not being 3 configure.php files. The one (if it exists) in the 'local' folder is for development work only and would override the includes/configure.php file if it was uploaded to the server.

 

Vger

Link to comment
Share on other sites

Hi Vger, thanks for your help in troubleshooting. Here's what the config file has. I haven't changed it since yesterday.

 

define('HTTP_SERVER', 'http://www.sharonunlimited.com');

define('HTTPS_SERVER', 'https://server1.sslpage.com/~sharonu'); define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.sharonunlimited.com');

define('HTTPS_COOKIE_DOMAIN', 'server1.sslpage.com/~sharonu');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

 

I feel I'm getting warmer here. I also have changed my application_top (although those were not in your original tips) to see if I could get a padlock to stick. No luck.

 

Here are the critical parts of my admin/includes/configure:

define('HTTP_SERVER', 'https://server1.sslpage.com/~sharonu');

define('HTTP_CATALOG_SERVER', 'http://www.sharonunlimited.com');

define('HTTPS_CATALOG_SERVER', 'https://server1.sslpage.com/~sharonu');

define('ENABLE_SSL_CATALOG', 'true');

define('DIR_FS_DOCUMENT_ROOT', '/home/sharonu/public_html/'); define('DIR_WS_ADMIN', '/admin/');

define('DIR_FS_ADMIN', '/home/sharonu/public_html/admin/');

define('DIR_WS_CATALOG', '/'); // absolute path required

define('DIR_FS_CATALOG', '/home/sharonu/public_html/');

define('DIR_WS_IMAGES', 'images/');

 

Thank you so much, Vger.

Sincerely,

Sharon

Link to comment
Share on other sites

Hi again, this is in reply to Alan's tip below. I have tried various versions of the code in my application_top file after creating the test file. I'm still stumped because they don't produce the results. I do notice the base href when I reveal source code is not correct so the switch between SSL and non-SSL it not as it should be.

 

I'm still new here but this tells me I need to check the code in my configure files that directly relates to the <base href="https://..> or http://. Does someone know the relationship to the base? Maybe this is the key to my problem. I need to nail this down asap.

 

Sincerely,

Sharon

 

PS. I have a shared certif. for my SSL on alwayswebhosting.

 

 

I guess I should add one more thing. I'm so used to it that I forget that others might not know.

 

How do you know if your ssl is switching on and off as it should? Simple, in source view, near the top of every page you'll see in your browser you'll find this line:

 

In http (no ssl engaged, regular pages)

 

<base href="http://www.somedomain.com/catalog/"> (assuming you're using the catalog folder)

 

In https (ssl engaged - my account, checkout, etc.)

 

<base href="https://www.somedomain.com/catalog/">

 

or for shared ssl something like this:

 

<base href="https://ssl.myhost.com/somedomain/catalog/">

 

That's it. That's what line 41 is all about, it sets that line. So when you find a broken padlock or the images aren't loading that's the first place you need to look. The goal is to get that switching back and forth as you change from http to https and back.

Link to comment
Share on other sites

There's something very wrong here - because your base href on an http page is https://, and it should not be. This is why your images are loading from https links on an http page. And your base href on an https page is http:// - very odd.

 

I think it is time that you took a look in both of your 'local' folders to see if they contain any alternative configure.php files. They are:

includes/local/

admin/includes/local/

 

If you find any configure.php files in either of those 'local' folders then either rename or delete them. If they exist they override the other configure.php files in the includes and admin/includes folders.

 

Vger

Link to comment
Share on other sites

You are awesome for getting back to me so many times, and for taking time to visit my site. Thank you thank you.

 

I checked my includes/local and there is a cvs ignore and a readme. txt, which says:

 

This directory contains local configuration information.

It also must contain a file named configure.php that can be used to override the defaults set in application_top.php

Remember to execute PHP commands the file needs to start with <?php and end with ?>

 

There are no other files configure files unless they are hidden-??? Also, there are no files in the admin/includes/local.

 

I've checked my full dir backup from 1/21 and there are only 2 configure files that I see.

 

Anything else you can suggest? I'm going nutso!!

Sincerely,

Sharon

Link to comment
Share on other sites

I guess I better add this tip here, it's the logical place after all.

ine 41 line as below does the trick (I'm commenting out the original line for reference).

 

// $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

$request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'ssl.perfora.net') ? 'SSL' : 'NONSSL';

 

I have made these changes discussed previously to get my SSL switching to work. I have one situation where it still doesn't function correctly. I hope that someone can help me.

 

I have stock_check = true, and stock_allow_checkout != true. If my customer ignores the insufficient stock warnings on the shopping cart, and proceeds to checkout, eventually he/she is redirected to the shopping cart again. In this situation the shopping cart is now an SSL page. However, going to the shopping cart directly by clicking on the link in the breadcrumb works correctly.

 

If I am correct, this redirection happens as the checkout_payment.php file runs. It contains a check_stock routine which calls the tep_redirect function.

 

In all other situations, the SSL switching appears to work, that is after I modified the checks in includes/application_top.php and includes/functions/general.php from getenv('HTTPS') == 'on', to getenv('SERVER_PORT') == '443'.

 

I hope someone can assist, as I have read posts until my eyes hurt, and I have not seen this specific error.

 

Ron West

Link to comment
Share on other sites

What is the code in tep_redirect for?

 

This bit of code from checkout_payment.php seems to redirect to login as a SSL page or to the shopping cart as a non-SSL page:

 

<quote>

// if the customer is not logged on, redirect them to the login page

if (!tep_session_is_registered('customer_id')) {

$navigation->set_snapshot();

tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));

}

 

// if there is nothing in the customers cart, redirect them to the shopping cart page

if ($cart->count_contents() < 1) {

tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));

}

</quote>

 

<b>But it doesn't work!</b>

 

Most of the code in tep_redirect seems to be there simply to force the SSL page, overriding the SSL (or null) arguments as shown above. If I make the following change to tep_redirect in includes/functions/general.php, everything seems to work:

 

change this:

 

<quote>

function tep_redirect($url) {

if ( (ENABLE_SSL == true) && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page

if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url

$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL

}

}

</quote>

 

to this:

 

<quote>

function tep_redirect($url) {

// if ( (ENABLE_SSL == true) && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page

// if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) { // NONSSL url

// $url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER)); // Change it to SSL

// }

// }

</quote>

 

I want to know if I can safely do this? All SSL seems to be flipping on or off correctly now that I have made this change. Are there any 'gotchas' I need to be aware of?

 

Please, can somebody help me on this? I am new to php and I am trying to learn as I go.

 

Ron West

Link to comment
Share on other sites

I want to know if I can safely do this? All SSL seems to be flipping on or off correctly now that I have made this change. Are there any 'gotchas' I need to be aware of?

 

Please, can somebody help me on this? I am new to php and I am trying to learn as I go.

 

Ron West

I discuss that change to /functions/general.php in this thread twice. Once in passing and very explicitly on page 6.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I discuss that change to /functions/general.php in this thread twice. Once in passing and very explicitly on page 6.

My profound appologies. I have read that section on page 6 many times, but I did not recognize it's application to my current situation. I have modified my includes/functions/general.php to the following and it works perfectly:

 

if ( (ENABLE_SSL == true) && ($request_type == 'SSL') && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page

 

thank you Alan,

 

Ron West

Link to comment
Share on other sites

Hi, This may be a stupid question, but please bare with me as im just learning as i go along.

 

I have a hosting package in the UK with streamlinenet. I have applied to have SSL enabled on the account and they tell me this has been carried out, and the sent me some details. These i dont quite understand. What they sent me was:

 

FTP username: SSL_********** Stars are my domain name bit

FTP server (host address): ftp.secured-url.com

 

And a Password.

 

I have followed the instructions here for installing SSL, but the padlock still dosen't appear. Also on the admin main page it says i am NOT SSL protected.

 

Can anyone help? Do i need more info from my hosts?

 

Thanks

Link to comment
Share on other sites

THis was a great post and has helped me get everything in working order except one thing. When I go to my site for the first time, I get a security message stating that a certificate has been issued for mydomain.com and not www.mydomain.com. When I signed up for the cert, I used just mydomain.com. So now whenever someone accesses my site using www.mydomain.com, hey receive a warning. Is there anything I can do to avoid this? Please let me know. I would appreciate any help. Thanks.

Link to comment
Share on other sites

In continuation of the above post, can I change the website so that everything points to mydomain.com instead of www.mydomain.com? Would that be advisable? Should I obtain a wildcard SSL cert? That is something that I would like to avoid. Sorry for all the questions.

Link to comment
Share on other sites

Vger is spreading lies,

 

http://www.streamline.net/kb_results.php?k...tion=&ssection=

 

is a guide that will help you setup oscommerce on streamlinenet/fasthosts.

 

he's in other topics saying the same things I bet he is a hosting company himself and is spreading lies to get your cusom!

I don't think she ever said that you couldn't get osC to run on streamline, I think she said that getting the ssl to work correctly was impossible or nearly so.

 

Nothing in the link you posted implies anything to the contrary.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I erroneously posted this in General Support -

Hoping to have more luck here.

 

Maybe the solution will be really obvious to someone who's not so new (and stupid) at this.

 

I have two SSL related problems:

1. Annoying Security Alert - "redirect to connection that's not secure" - after login when returning to index.php.

 

2. checkout_shipping.php won't load - 404 error.

 

 

I don't even know enough to know whether index.php should be running under https -- all the time, only after login, when ?

 

my site is www.kicksonastring.com/catalog

 

 

Here's what I've done so far.

 

My server does not have separate httpdocs and httpsdocs folders - just one.

I don't have any FLASH animations or hotlinks to other sites. My image paths are relative.

 

I have followed the advice in this thread on changing application_top.php and general.php.

When I ran myenv.php the only variable that showed up was SERVER_PORT = 443 so I used that as the test in both files.

 

My catalog/includes/configure.php is as follows:

(My SSL certificate was issued with the www.)

define('HTTP_SERVER', 'http://www.kicksonastring.com'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://www.kicksonastring.com'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.kicksonastring.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.kicksonastring.com');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

 

Any help would be much appreciated. I'm stucker than stuck.

Link to comment
Share on other sites

Holy Moly - I think I fixed my above-mentioned Security Alert problem. Is this work-around going to bite me later on?

 

In AlanR's fabulous fix for general.php, I just eliminated the $request_type test.

 

I changed it (in sheer desperation) from:

 

if ( (ENABLE_SSL == true) && ($request_type == 'SSL') && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page

 

TO:

 

if ( (ENABLE_SSL == true) && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page

 

 

and it seems to work okay - no security alerts, padlock popping on and off nicely.

 

 

I still have my other problem, however:

It can't load checkout_shipping.php, nowever Error 404. Any ideas?

Link to comment
Share on other sites

  • 2 weeks later...

Please help :o

Does anone here have any ideas how to fix this?

I am pulling no external images, have no affiliates, have changed admin/includes/configure.php to https and searching +SSL+godaddy results in 26,243 results!

 

Hi all.

 

Thanks in advance for your help!

 

I have tried alot of SSL solutions for other problems but none have worked for mine.

 

When browsing the main catalog the site is partially encrypted as seen in the 1st address bar.

 

Going to AlanR's great script and the site is fully encrypted as is the admin area (2nd and 3rd address bars). However the main admin page says that it is not.

 

encrypt.gif

 

Clicking the lock from the 1st address bar gives this info box.

 

part-encrypt.gif

 

This hosted with godaddy.

Link to comment
Share on other sites

  • 2 weeks later...

Hello,

 

this problem has been driving me crazy for few weeks now and I don't seem to be able to figure it out. The following comments from my visitors are different but might all be related:

now I finally got logged in, and upon checking out, the page: https://originalabsinthe.com/checkout_shipping.php has a "continue" link that only returns me to the same page continously.
So far I have been unable to recreate the above situation.
I was trying to purchase some absinthe off of your site but every time I went to checkout it never would let me past the address screen if you could help me with my purchase or tell me what I might have done wrong...
The reason I've not completed the transaction is because I'm having some sort of odd browser failure. When I hit the 'transmit' button on the payment screen, it 'flashes' my browser and remains on the page.
I tried to complete my purchase, but when I went to checkout the computer let me to a site which it said was unavailable. I tried several times, but the same thing happened. I would very much like to purchase your product...

 

I tested the checkout process using Netscape and all seems to be working fine, however in IE during the checkout process if I hit continue button on checkout_shipping, checkout_payment or checkout_confirmation, I receive "page not found" message. I go back, hit the continue button again and all is fine. Sometimes I need to go back two or three times.

 

This is output from myenv:

 

https://originalabsinthe.com/myenv.php

 

HTTP HOST: originalabsinthe.com

Server Port: 443

SSL Status: on

Fowarded Server:

Fowarded Host:

Fowarded By:

 

http://www.originalabsinthe.com/myenv.php

 

HTTP HOST: www.originalabsinthe.com

Server Port: 80

SSL Status:

Fowarded Server:

Fowarded Host:

Fowarded By:

 

And this is my configure.php

 

define('HTTP_SERVER', 'http://www.originalabsinthe.com');

define('HTTPS_SERVER', 'https://originalabsinthe.com');

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', '.originalabsinthe.com');

define('HTTPS_COOKIE_DOMAIN', '.originalabsinthe.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CACHE', DIR_WS_IMAGES . 'imagecache/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/httpd/vhosts/originalabsinthe.com/httpdocs/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

I'm using .originalabsinthe.com in cookie path as suggested by Chemo and Clarocque quite a few times here.

 

I'm not 100% sure if this is the right thread but there must be somebody who could help me nail it down, please. My site is here.

Absinthe Original Liquor Store

Link to comment
Share on other sites

Hello,

 

I'm not 100% sure if this is the right thread but there must be somebody who could help me nail it down, please. My site is here.

If you're using http://www.originalabsinthe.com as the http server the cookie domain should match.

 

ie: define('HTTP_COOKIE_DOMAIN', '.www.originalabsinthe.com');

 

If I were you I'd just switch the http server to:

 

define('HTTP_SERVER', 'http://originalabsinthe.com');

 

It's more consistent.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I have read through most of these messages and forgive me if I'm missing the obvious, but I'm having just a small amount of trouble with the SSL.

 

I have everything working, I can access images using both HTTP & HTTPS.

 

I go to the webpage, it loads the HTTP version, I click "My Account" which redirects me to my https://www.intotheoven.com/login.php, I proceed to login, so far so good....

 

I can then click on the catalog, home page, add items to the cart, etc... I'm still logged in but using HTTP pages at this point...

 

Then when I hit "Checkout", this is where the problem happens. It redirects me to the "https://www.intotheoven.com/checkout_shipping.php" page and anywhere from 20% - 70% of the time, I will get a blank page. There are no errors in my Apache log files and if I just go up to the URL bar of the browser and hit return (or reload button), it will pull it up correctly everytime.

 

I have verified this problem on Firefox, Safari, and IE.

 

Any ideas?

Link to comment
Share on other sites

Hi

 

I know this has been discussed a lot but I have done everything.

 

Domain: www.adultmallusa.com

Certificate: www.adultmallusa.com (Trial from thawte)

 

*Sorry if you do not like site contents.. it is just business

 

The catalog directory is in the root, that means site/catalog is accessible via http://www.adultmallusa.com/

Checkout shipping page gives 404.

 

 

This is includes/configure.php

--------------------------------------------------------

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.adultmallusa.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.adultmallusa.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.adultmallusa.com');

define('HTTPS_COOKIE_DOMAIN', 'www.adultmallusa.com');

define('HTTP_COOKIE_PATH', 'www.adultmallusa.com');

define('HTTPS_COOKIE_PATH', 'www.adultmallusa.com');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

 

 

This is includes/admin/configure.php

--------------------------------------------------------

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.adultmallusa.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.adultmallusa.com');

define('HTTPS_CATALOG_SERVER', 'https://www.adultmallusa.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/home/rishtaco/public_html/adultmallusa/'); // where the pages are located on the server

define('DIR_WS_ADMIN', '/admin/'); // absolute path required

define('DIR_FS_ADMIN', '/home/rishtaco/public_html/adultmallusa/admin/'); // absolute pate required

define('DIR_WS_CATALOG', '/'); // absolute path required

define('DIR_FS_CATALOG', '/home/rishtaco/public_html/adultmallusa/'); // absolute path required

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

 

 

Thanks for your help

 

Anil

Link to comment
Share on other sites

My SSL for my checkout is working fine, but when i try it for the admin control panel it doesn't work.

 

define('HTTP_SERVER', 'http://www.chapelradiocontrol.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTP_CATALOG_SERVER', 'http://www.chapelradiocontrol.com');

define('HTTPS_CATALOG_SERVER', 'https://chapelradiocontrol.com');

define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

 

This is how my admin/include/configure.php looks. When i go to the admin URL it logs me in ok with SSL, but when i click any of the "action" buttons it takes me back to an unsecure page. Any ideas what im doing wrong

 

Cheers

 

Daz

Link to comment
Share on other sites

  • 2 weeks later...
I have read through most of these messages and forgive me if I'm missing the obvious, but I'm having just a small amount of trouble with the SSL.

 

I have everything working, I can access images using both HTTP & HTTPS.

 

I go to the webpage, it loads the HTTP version, I click "My Account" which redirects me to my https://www.intotheoven.com/login.php, I proceed to login, so far so good....

 

I can then click on the catalog, home page, add items to the cart, etc... I'm still logged in but using HTTP pages at this point...

 

Then when I hit "Checkout", this is where the problem happens. It redirects me to the "https://www.intotheoven.com/checkout_shipping.php" page and anywhere from 20% - 70% of the time, I will get a blank page. There are no errors in my Apache log files and if I just go up to the URL bar of the browser and hit return (or reload button), it will pull it up correctly everytime.

 

I have verified this problem on Firefox, Safari, and IE.

 

Any ideas?

 

xao,

 

I am a newbie with OScommerce, and am having the same issue or similar issue. Just added the SSL to my config file.

 

With is added:

Can add product, when checkout asks me to log-in. I log in and everything in my cart is gone. States "Your Shopping Cart is empty!"

 

Without SSL:

can ad product, when checkout asks me to log-in. I log in and everything I added to my cart is still there and I can proceed with check out.

 

Any ideas? This post is awesome by the way. Thanks for all your help!

 

Sincerely, TK421

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...