slc02722 Posted December 11, 2005 Posted December 11, 2005 When I create a new account everything works fine. The padlock appears when I?m on a secure page and it goes away if I?m not. The problem is when I log in as a returning customer. I get the following message from Internet Explorer: You are about to be redirected to a connection that is not secure. The information you are sending to the current site might be retransmitted to a nonsecure site. Do you wish to continue? I choose ?yes? and I?m sent to index.php (non-secure). I?m logged in and everything else works fine. I don?t want returning customers to have this message. Any ideas? thanks
mi_jaiten Posted December 11, 2005 Posted December 11, 2005 When I create a new account everything works fine. The padlock appears when I?m on a secure page and it goes away if I?m not. The problem is when I log in as a returning customer. I get the following message from Internet Explorer: You are about to be redirected to a connection that is not secure. The information you are sending to the current site might be retransmitted to a nonsecure site. Do you wish to continue? I choose ?yes? and I?m sent to index.php (non-secure). I?m logged in and everything else works fine. I don?t want returning customers to have this message. Any ideas? thanks I think you'll find that as you are re-opening the site on the same PC it is remembering your cookies from the last visit was an https page so to test delete cookies then go to your site home page again (It shouldn't give the warnings) Kind Regards, Michelle.
slc02722 Posted December 11, 2005 Author Posted December 11, 2005 Deleting the cookies didn?t work. I?ve also tried from another computer with the same results.
AlanR Posted December 11, 2005 Posted December 11, 2005 Did you make any change to application_top.php to get the ssl working correctly? Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
slc02722 Posted December 11, 2005 Author Posted December 11, 2005 I set it up application_top.php like this: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; the results of myenv.php: http: HTTP HOST: www.paintballtx.com Server Port: 80 SSL Status: Fowarded Server: Fowarded Host: Fowarded By: https: HTTP HOST: www.paintballtx.com Server Port: 443 SSL Status: Fowarded Server: Fowarded Host: Fowarded By:
AlanR Posted December 11, 2005 Posted December 11, 2005 I set it up application_top.php like this: $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL'; That's what I figured. See my post at: http://www.oscommerce.com/forums/index.php?s=&...ndpost&p=748409 Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
slc02722 Posted December 11, 2005 Author Posted December 11, 2005 After a lot of reading I made this change to catalog/includes/functions/general.php: if ( (ENABLE_SSL == true) && (getenv('HTTP_X_FORWARDED_HOST') == '') ) { // We are loading an SSL page It works fine now, but I think I could have saved a lot of time if I knew what a 1&1 server is. I felt too dumb to ask b/c it?s used over and over in this forum.
AlanR Posted December 11, 2005 Posted December 11, 2005 After a lot of reading I made this change to catalog/includes/functions/general.php: if ( (ENABLE_SSL == true) && (getenv('HTTP_X_FORWARDED_HOST') == '') ) { // We are loading an SSL page It works fine now, but I think I could have saved a lot of time if I knew what a 1&1 server is. I felt too dumb to ask b/c it’s used over and over in this forum. Nope, you should make it like so: if ( (ENABLE_SSL == true) && (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';) ) { // We are loading an SSL page Just think through it, I can't describe every eventuality in the posts. 1&1 is a hosting company. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
AlanR Posted December 11, 2005 Posted December 11, 2005 Too many parenthesis in that post, ignore it. if ( (ENABLE_SSL == true) && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
slc02722 Posted December 12, 2005 Author Posted December 12, 2005 if ( (ENABLE_SSL == true) && (getenv('SERVER_PORT') == '443') ) { // We are loading an SSL page That was the first thing I tried. It seemed obvious. It didn't work. This worked perfectly: if ( (ENABLE_SSL == true) && (getenv('HTTP_X_FORWARDED_HOST') == '') ) In fact I tried about a dozen combinations before I got the one that worked. If I've still made a mistake, please let me know what it is. Also - thanks for all your help. :thumbsup:
AlanR Posted December 12, 2005 Posted December 12, 2005 That was the first thing I tried. It seemed obvious. It didn't work. This worked perfectly: if ( (ENABLE_SSL == true) && (getenv('HTTP_X_FORWARDED_HOST') == '') ) In fact I tried about a dozen combinations before I got the one that worked. If I've still made a mistake, please let me know what it is. Well, since you're on dedicated ssl and (getenv('HTTP_X_FORWARDED_HOST') == '') will always be true you could just replace that line with: if (ENABLE_SSL == true) { // We are loading an SSL page which is kind of counterproductive. ;) Basically what you are doing is setting: <base href="https://www.paintballtx.com/"> for every redirect whether you're coming from an http link or an https link. It will eliminate any warnings for sure but it also means you're pulling images from https when you don't need to. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.