Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Fantastico Foul-up? Admin URL's pointing outside of sub-folder


Guest

Recommended Posts

Posted

after a "successful" Fantastico installation of osCommerce on my Linux server, i proceeded to follow the initial link to view the installation, and in doing so, came upon the "What's New Here" page which has a "Log Yourself In" link near the top. I clicked that link only to receive a server error page which indicated a time-out. further investigation led me to believe that perhaps the SID was incorrect, or "timed out", but then i realized that the sub-directory designated for the osC installation wasn't even indicated in the URL!

 

thinking that perhaps this was a minor flaw, i added the correct subdirectory to that URL so that it read correctly, for example, https://oscommerce.mysite.com/login.php?osCsid=123xyz.... (instead of previously just https://mysite.com/login.php?osCsid=123xyz....), but that didn't work either. i tried removing the "s" from https:, and still nothing. Clicked "My Account", and again i receive the error page.

 

it wasn't until i went into cPanel File Manager, followed the folder structure to "Admin" folder, and finally navigated to: http://www.mysite.com/oscommerce/admin/index.php at which time i reached the "Admin" section of OSC. in the lower-left hand corner, there is a notice stating: You are not protected by a secure SSL connection.

 

any suggestions on what is wrong and how i should fix this?

 

thanks!

Posted

Regarding this which is now my 2nd non-functional, Fantastico-installed osCommerce application, what is it precisely that i should be looking for in, for example, in the files mentioned in the thread at the URL provided above? From what i've understood from this, the concern seems to focus on the SSL CRT moreso than the content of the PHP, however two files are cited, in my case those would be:

/home/mydomain/public_html/my-oscommerce-dir/includes/configure.php 

/home/mydomain/public_html/my-oscommerce-dir/admin/includes/configure.php

when i saw the obvious importance of this SSL variable (not PHP variable, but in terms of why this isn't working-- the very presence, or lack thereof an SSL CRT), i realized that i of course i didn't have a cert because i didn't realize i needed one before performing this installation-- (fantastico didn't tell me-- i should have looked at the manual installation instructions first thing-- Lesson Learned here, people!). so, i had no SSL Cert, so that's not goign to work. so, i went back and created one for the root and one for the sub-domain. the site still didn't work, albeit, i changed nothing else w/in that installation. it should be noted that the default fantastico referenced "hostname" address is the ROOT, yet this installation is going into a subdirectory (in the root of that subdirectory), so, being want to trust Fantastico, because it has been so darn Fantastic for me in the past, in this first unsuccessful installation, i left that variable as the default, so "secure hostname" was submitted in the Fantastico setup as my-(un)securehostname-root.com.

 

another peculiarity of this first unsuccessful install was that when i clicked from the OSCommerce "Welcome" screen, the first screen i'm directed to from Fantastico, the URL linked from the text

Welcome Guest! Would you like to log yourself in?
, i was taken to the web site root, only w/ a session id in the URL and the https: protocol. from this, i finally deduced that the seemingly (probably, most certainly) incorrect PATH was due to the fact that i allowed Fantastico to submit that default value of my-securehostname-root.com, instead of what it probably should have been my-catalog.my-securehostname-root.com. so, i removed that installation completely (but left the CRT's in place for good measure), and created a new sub-domain, and a new CRT for that subdomain. only, this time during installation, i modified that value for "Secure server hostname in case you use SSL" from my-securehostname-root.com to my-newsubdomain.my-securehostname-root.com

 

to further define my unique situation, while looking in admin/includes/configure.php, i see the following code (and more of course):

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://my-oscommerce-dir.mydomain.com'); // eg, [url=http://localhost]http://localhost[/url] - should not be empty for productive servers
 define('HTTP_CATALOG_SERVER', 'http://my-oscommerce-dir.mydomain.com');
 define('HTTPS_CATALOG_SERVER', 'https://my-oscommerce-dir.mydomain.com');
 define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module

it's unfortunate that i didn't change only ONE variable in this, my second failed installation-- instead, not only did i first go into cPanel and create an SSL (KEY), then a (CSR), and finally, a (CRT) -- which i had NOT done upon the first installation, the second value which was different this time is that my-newsubdomain.my-securehostname-root.com

 

so, now that i'm still facing a "malfunctioning" osCommence app-- do you have any suggestions for my next step in troubleshooting? after all of this, i'd like to try at least a few things before removing this install-- and finally attempting a clean, completely manual installation (which is probably what i should have done in the first place!!)

 

thanks! oh, and sorry this was lengthy, i just figured i might as well describe everything as clearly as possible. thanks for your understanding, and your patience!

Posted

here's a little something i just noticed-- and i'm unsure if this is "correct" or "erroneous" (as i'm unsure whether this fits the definition of "absolute" or not) i mean, 6 months ago, i would have thought "hell, that's not an "absolute" URL! no wonder it's messing up!", but now i'm not so sure-- as a matter of fact, i think it IS, but i can't say for sure (it has to do w/ that leading slash, right? that makes it absolute?)

define('DIR_WS_ADMIN', '/admin/'); // absolute path required
 define('DIR_FS_ADMIN', '/home/myusername/public_html/dropzone/admin/'); // absolute pate required
 define('DIR_WS_CATALOG', '/'); // absolute path required
 define('DIR_FS_CATALOG', '/home/myusername/public_html/dropzone/'); // absolute path required

where "dropzone" is the "osCommerce" root directory (public_html being the site root).

 

does this look right?

Posted

I don't have time to wade through such a lengthy post (!) but can tell you that you don't need your own SSL in order to get Fantastico to work and your store to install properly. If your ISP is any good they should have provided you with a free, shared SSL for you to use.

 

You can simply use this when installing the store thru Fantastico rather than purchasing your own dedicated IP and security certificate.

 

Find out from your ISP what the URL of the shared SSL is for your account. Below is an example of a store using shared SSL and a store using it's own unique one:

 

SHARED

define('HTTP_SERVER', 'http://mystore.com');

define('HTTPS_SERVER', 'https://host393.ipowerweb.com/~mystore');

 

OWN/DEDICATED

define('HTTP_SERVER', 'http://mystore.com');

define('HTTPS_SERVER', 'https://mystore.com');

Posted
I don't have time to wade through such a lengthy post (!)
wow! no time to read a few paragraphs? how did you ever have time to learn anything about SSL?

 

If your ISP is any good
does something about my experience w/ oscommerce indicate otherwise? are you implying that i should expect more? i don't understand... i don't think that my hosting provider would have any idea what software i've installed. i feel like i'm missing something here...
Posted
wow! no time to read a few paragraphs? how did you ever have time to learn anything about SSL?

 

Because unlike bloated and unwieldy posts - SSL interests me. Try and keep your posts a bit more clear and concise. You'll get more responses that way.

 

i don't think that my hosting provider would have any idea what software i've installed.

 

No your ISP wouldn't - but they (again if they are any good) should have anticipated their customers' needs for an SSL and so should have provided them all (you included) with a free one. If you use this then you will find your store will work.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...