cookies error

[parma]

Hey,

I have been looking through the forums trying to find how I can get the cookies to work however, no luck so far. Below I have inserted my code for the includes/configure.php. When I log into the administration page it tells me the that the site is not protected by a secure ssl connection, what other steps need to be taken for this to be protected?

 

My hosting company "Bluehost" told me I need to buy a dedicated ip, is that the only way I can get the cookies to work and for the site to be protected by ssl?

 

Would really appreciate the help, everything else so far seems to be working so thats good :)

 

Thanks people.

 

parma

 

<?php
/*
 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.gloveclub.co.uk'); // eg, http://localhost - should not be empty for productive servers
 define('HTTPS_SERVER', 'https://secure.bluehost.com/~gloveclu'); // eg, https://localhost - should not be empty for productive servers
 define('ENABLE_SSL', true); // secure webserver for checkout procedure?
 define('HTTP_COOKIE_DOMAIN', 'www.gloveclub.co.uk');
 define('HTTPS_COOKIE_DOMAIN', 'secure.bluehost.com/~gloveclu');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/');
 define('DIR_WS_HTTPS_CATALOG', '/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/gloveclu/public_html/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

// define our database connection
 define('DB_SERVER', 'localhost'); // eg, localhost - should not be NULL for productive servers
 define('DB_SERVER_USERNAME', '********);
 define('DB_SERVER_PASSWORD', '*******');
 define('DB_DATABASE', 'gloveclu_osc1');
 define('USE_PCONNECT', 'false'); // use persistent connections?
 define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql'
?>

[♥Vger]

The 'Force Cookie Use' feature in osCommerce requires that the http and https cookie domains match up. So you can use it if you have no ssl at all, and you can use it if you have a full ssl cert - but you can't use it with shared ssl (because the domains don't match).

 

Vger

[parma]

Im sorry im a noob, I read that the 'Force Cookie Use' would not work with shared ssl. Does this mean I have to get a dedicated ip for my ssl so that both my domain and ssl match up?

[parma]

I just contacted bluehost and they told me that it is possible to get the ssl working with their shared hosting as a few of their clients have done so already. The only real problem I get on the site now is "Cookie Usage" page when I go to checkout, I also get a secure and nonsecure items on a page message. Is there anyway I can get these sorted on my shared ssl?

[♥Vger]

Blue Host are wrong. The 'Force Cookie Use' feature will not work with a shared ssl. They are probably mistaking your request with info on their shared ssl working properly with osCommerce.

 

As long as you have 'Force Cookie Use' set to true with a shared ssl the cookie_usage.php page is the only one you're going to see.

 

Vger

[parma]

Thanks for your help Vger, I have now purchased a dedicated ip and a ful ssl certificate :) so hopefully I will be able to get it working.

 

If I require any more help I shall post, which is quite likely since im a noob lol.

 

Ciao

[zboyblue]

I too am seeing that some site visitors are seeing the cookie page but I have a ssl cert and dedicated IP. Is it just that some people do not have cookies enabled and that is it or could there be some problem?

 

Craig