Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Secure nonsecure


RonS

Recommended Posts

Hello all, Appreciate any help I can get on this one.

I have had installed the SSL Cert and have set all known parameters so that I can run a secure site. Unfortunately I receive an error of secure - nonsecure items on page in IE when trying to access the "My Account"page or for that matter any secure page. If I select to not show nonsecure items that page looks and appears to be identical to the page if I selected show nonsecure items. If I use Firefox to view the page I receive no such errors and all seems to work great.

I have read all kinds of threads out there on this issue but none seem to match my issue. Where do I start looking for a solution to this problem? I'm a novice at this and this is my first attempt at secure sites.

Below is my current configuration, is it accurate for a secure site? It looks different than the admin/includes/configure.php file. Does that matter?

 

includes/configure.php

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.store.surfcitycruiser.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.store.surfcitycruiser.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.store.surfcitycruiser.com');

define('HTTPS_COOKIE_DOMAIN', 'www.store.surfcitycruiser.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/surfcity/www/store/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

Why does it not match the configure file in the admin/includes/ directory?

 

I'm hoping that this is just one of those real stupid things that I'm overlooking due to lack of sleep. Perhaps a fresh eye on this will see it?

 

Ron

Link to comment
Share on other sites

Hello all, Appreciate any help I can get on this one.

I have had installed the SSL Cert and have set all known parameters so that I can run a secure site. Unfortunately I receive an error of secure - nonsecure items on page in IE when trying to access the "My Account"page or for that matter any secure page. If I select to not show nonsecure items that page looks and appears to be identical to the page if I selected show nonsecure items. If I use Firefox to view the page I receive no such errors and all seems to work great.

I have read all kinds of threads out there on this issue but none seem to match my issue. Where do I start looking for a solution to this problem? I'm a novice at this and this is my first attempt at secure sites.

Below is my current configuration, is it accurate for a secure site? It looks different than the admin/includes/configure.php file. Does that matter?

 

includes/configure.php

// Define the webserver and path parameters

// * DIR_FS_* = Filesystem directories (local/physical)

// * DIR_WS_* = Webserver directories (virtual/URL)

define('HTTP_SERVER', 'http://www.store.surfcitycruiser.com'); // eg, http://localhost - should not be empty for productive servers

define('HTTPS_SERVER', 'https://www.store.surfcitycruiser.com'); // eg, https://localhost - should not be empty for productive servers

define('ENABLE_SSL', true); // secure webserver for checkout procedure?

define('HTTP_COOKIE_DOMAIN', 'www.store.surfcitycruiser.com');

define('HTTPS_COOKIE_DOMAIN', 'www.store.surfcitycruiser.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/surfcity/www/store/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

Why does it not match the configure file in the admin/includes/ directory?

 

I'm hoping that this is just one of those real stupid things that I'm overlooking due to lack of sleep. Perhaps a fresh eye on this will see it?

 

Ron

 

 

Read the Documentation. It addresses this issue.

Link to comment
Share on other sites

Hi,

 

This is what my code looks like towards the bottom of the file in footer.php:

}

<?php

if ($request_type != 'SSL') {

<p><center><!--WEBBOT bot="Script" startspan PREVIEW="Site Meter" -->

<script type="text/javascript" language="JavaScript">var site="s19davikwebstore"</script>

<script type="text/javascript" language="JavaScript1.2" src="http://s19.sitemeter.com/js/counter.js?site=s19davikwebstore">

</script>

<noscript>

<a href="http://s19.sitemeter.com/stats.asp?site=s19davikwebstore" target="_top">

<img src="http://s19.sitemeter.com/meter.asp?site=s19davikwebstore" alt="Site Meter" border="0"/></a>

</noscript>

}

?>

<!-- Copyright ©2005 Site Meter -->

<!--WEBBOT bot="Script" Endspan -->

 

The 1st line that has a <?php is line 62 in my file.

 

This is the error msg I get in the store since I tried to try my own programing using what was in the documentation:

 

Parse error: parse error, unexpected '<' in /home/amerint/public_html/davikwebstore/includes/footer.php on line 62

/end of error msg.

 

The good news is that the annoying secure/nonsecure items msg is gone.

 

Now can someone please help me figure out how to get rid of the error msg, please? :)

 

Thanks!

Link to comment
Share on other sites

I found this and it worked for me!!! It's so simple, too!

 

"So, OK Keg. To be as clear as I can, this is what cyanide and stevel taught me.

Go to catalog/includes/application_top.php and find this:

$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

in my case (our host is the same) my host was looking for a "1" where it says "on". I made this small change and everything works fine for me now. There was nothing wrong with my certificate or the way I had modified my cart or anything else. It was just a little difference in the way our host's software recognizes ssl requests. You may have more to do, as cyanide said, but try this first. It was so quick and simple!" Brushwood.

 

http://www.oscommerce.com/forums/lofiversion/i...hp/t118944.html

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...