WS Evolution Posted July 27, 2006 Posted July 27, 2006 Some customers seem to expect all pages to be secure after logging in. I am fully aware that this is not needed, but the loss of the padlock in your browser and a nice message highlighting the fact you are moving from a secure page does seem to worry the customer. Has anyone implemented any code, which secures all pages when logged in? I would guess that someone else would of thought of doing this????. If so how did you go about implimating the code? Any other suggestions and help would be much appreciated. If no one has writen code to achive this, I will be doing it my self, but theres no point reinventing the wheel so to speak! Thanks in advance, Gareth.
jpweber Posted July 27, 2006 Posted July 27, 2006 Gareth -- I don't have a solution, so I'm sorry, but I do think your idea is a good idea, and I'd like to implement any solution we find to this, as well. Excellent suggestion, and I'll keep tabs on this (and research on my own), as well, J Jason Simple 1-2-3 Intructions on how to get, install and configure SSL The Google Sandbox explained Simple to follow instructions on how to change the look of your OSC How To Make A Horrible OSC Website my toolbox: All things WordPress-related - All things Adobe-related - PHP Designer 2007 - Codecanyon Junkie - Crimson Editor - Winmerge - phpMyAdmin - WS_FTP my installed contributions: Category Banners, File Upload feature-.77, Header Tags, Sort_Product_Attributes_1, XSellv2.3, Price Break 1.11.2, wishlist 3.5, rollover_category_images_v1.2, Short_Description_v2.1, UPSXML_v1_2_3, quickbooks qbi_v2_10, allprods v4.4, Mouseover-effect for image-buttons 1.0, Ultimate_SEO, AAP 1.41, Auto Select State Value, Fast Easy Checkout, Dynamic SiteMap v2.0, Image Magic, Links Manager 1.14, Featured Products, Customer Testimonials, Article Manager, FAQ System, and I'm sure more ...
WS Evolution Posted July 27, 2006 Author Posted July 27, 2006 Gareth -- I don't have a solution, so I'm sorry, but I do think your idea is a good idea, and I'd like to implement any solution we find to this, as well. Excellent suggestion, and I'll keep tabs on this (and research on my own), as well, J Thanks Jason, Looks like there will be at least two of us working on this. Hopefully I will have time tomorrow to do some further research and have a peak at the SSL related code.
Jack_mcs Posted July 27, 2006 Posted July 27, 2006 There's no need for extra code. Just edit to your configure file to use https instead of http. You may get some error messages on some pages but that would be due to non-secure links on the page and you would have to fix those as you see them. Jack Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
WS Evolution Posted August 4, 2006 Author Posted August 4, 2006 Changing the configure file would make the shop use SSL at all times, unless I am missing something. This is not what I am after. What I would like is to have is all pages set as https only when you?re logged in. Something like this in the application top: if (!tep_session_is_registered('customer_id')) { require('includes/configure_secure.php'); } else { require('includes/configure.php'); } or if (!tep_session_is_registered('customer_id')) { define('HTTP_SERVER', 'https://www.?????????.com'); } Yet to be tested!
Guest Posted August 4, 2006 Posted August 4, 2006 http://www.oscommerce.com/forums/index.php?s=&...st&p=908651
WS Evolution Posted August 4, 2006 Author Posted August 4, 2006 http://www.oscommerce.com/forums/index.php?s=&...st&p=908651 Perfect just the answer I was looking for. Thanks Mark :D For those who read this post try changing the HTML href link wrapper function to: function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true) { global $request_type, $session_started, $SID; if( tep_session_is_registered('customer_id') ) { $connection = 'SSL'; } Found at the top of includes/html_output.php
WS Evolution Posted August 9, 2006 Author Posted August 9, 2006 Perfect just the answer I was looking for. Thanks Mark :D For those who read this post try changing the HTML href link wrapper function to: function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true) { global $request_type, $session_started, $SID; if( tep_session_is_registered('customer_id') ) { $connection = 'SSL'; } Found at the top of includes/html_output.php If you have modified function tep_href_link try just adding the following at the top of the function: if( tep_session_is_registered('customer_id') ) { $connection = 'SSL'; } Works perfect :)
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.