Guest Posted October 26, 2006 Posted October 26, 2006 My site is hosted on Linux (and is working fine). My provider offers only Shared SSL which they host on Windows 2003. I have followed their instructions, but I am getting lots of errors when I access any SSL areas of the site: see errors below. (It's Fasthosts.co.uk for those in the know). I understand the problem must be with the /tmp directory as its different on each platform. I have read posts and set the following: define('STORE_SESSIONS', 'mysql'); but as I am not a developer, I am not sure this will help. I have been sending emails to their tech support and going around and around for almost two weeks and there is no resolution on the horizon. They said they don't know how to fix my problem, so I REALLY need help on this. Going Crazy!! Thanks
GemRock Posted October 26, 2006 Posted October 26, 2006 1. post some more info here (there's no error msg in your post), perhaps a link? 2. ask your host if there's any osc site hosted on their linux servers but shared ssl on a windows box; 3. if too much hassle, then consider switching host. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 26, 2006 Posted October 26, 2006 Here is the site Link: http://www.supercanvas.com I have put the new configure files back on-line so you can see them This what I am getting on every SSL page accessed. Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (e:\sslroot;c:\winnt\temp;) in e:\sslroot\supercanvas\includes\functions\sessions.php on line 213 Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at e:\sslroot\supercanvas\includes\functions\sessions.php:213) in e:\sslroot\supercanvas\includes\functions\sessions.php on line 68 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at e:\sslroot\supercanvas\includes\functions\sessions.php:213) in e:\sslroot\supercanvas\includes\functions\sessions.php on line 68 Warning: Cannot modify header information - headers already sent by (output started at e:\sslroot\supercanvas\includes\functions\sessions.php:213) in e:\sslroot\supercanvas\includes\functions\general.php on line 29 I have asked them if there are other customers on the same configuration and all they say is they don't know how to fix the problem. ask OsCommerce!! As for changing providers. I subscribed for a full year, on October 4th!! Thanks for answering the post.
digbydo Posted October 26, 2006 Posted October 26, 2006 Fasthosts have dozens if not hundreds of sites using OSC and shared certs. Technical *should* be able to assist, just pester them :) one-click installation.. Dave's info
GemRock Posted October 26, 2006 Posted October 26, 2006 If the error msg is anything to go by, try to create the /tmp folder at: e:\sslroot or c:\winnt\temp or both, or some more other places - it doesn't harm. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 26, 2006 Posted October 26, 2006 If the error msg is anything to go by, try to create the /tmp folder at: e:\sslroot or c:\winnt\temp or both, or some more other places - it doesn't harm. Ken Hi Ken, Where would the e: be. My e: is my DVD and the shared SSL is at https://vault2.secured-url.com/supercanvas, so I am not sure where you mean. I am totally new to this and not a developer, so forgive me that I don't understand where I would put such a thing. Thanks - B
GemRock Posted October 26, 2006 Posted October 26, 2006 Hi Ken, Where would the e: be. My e: is my DVD and the shared SSL is at https://vault2.secured-url.com/supercanvas, so I am not sure where you mean. I am totally new to this and not a developer, so forgive me that I don't understand where I would put such a thing. Thanks - B Well they appear in the error msg: Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (e:\sslroot;c:\winnt\temp;) in e:\sslroot\supercanvas\includes\functions\sessions.php on line 213 As its a windows server then it'd have these drive letters. Use your ftp software to connect to the server, and try to create the folder tmp to as higher a level as possible as you may not see the drive letters via ftp. You have to believe what it says in the error msg first until proved otherwise. Or what about post your configure.php here (the first 10 or so lines will do)? commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 26, 2006 Posted October 26, 2006 Well they appear in the error msg: Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (e:\sslroot;c:\winnt\temp;) in e:\sslroot\supercanvas\includes\functions\sessions.php on line 213 As its a windows server then it'd have these drive letters. Use your ftp software to connect to the server, and try to create the folder tmp to as higher a level as possible as you may not see the drive letters via ftp. You have to believe what it says in the error msg first until proved otherwise. Or what about post your configure.php here (the first 10 or so lines will do)? HI, I created a /tmp on the Linux server under the htdocs folder and on the shared SSL folder, where I have access to. Here is the configure.php I put it in the includes folder on Linux and also in the includes folder on the shared SSL. <?php /* osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright © 2003 osCommerce Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', 'http://www.supercanvas.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://vault2.secured-url.com/supercanvas'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.supercanvas.com'); define('HTTPS_COOKIE_DOMAIN', 'https://vault2.secured-url.com/supercanvas'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/nas03l/s/supercanvas.com/user/htdocs/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection define('DB_SERVER', '*********'); // eg, localhost - should not be empty for productive servers define('DB_SERVER_USERNAME', '*********'); define('DB_SERVER_PASSWORD', '********'); define('DB_DATABASE', '********'); define('USE_PCONNECT', 'false'); // use persistent connections? define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' define('WARN_CONFIG_WRITEABLE','false'); ?> The last define in the configure file was required by Fasthosts as part of their instructions, but I am not sure what it does, as they never explained it. Thanks for your help, I REALLY appreciate it. B.
GemRock Posted October 26, 2006 Posted October 26, 2006 A couple of things to try: The cookie domain does not normally have the https:// in it. So define('HTTPS_COOKIE_DOMAIN', 'https://vault2.secured-url.com/supercanvas'); should be: define('HTTPS_COOKIE_DOMAIN', 'vault2.secured-url.com/supercanvas'); or define('HTTPS_COOKIE_DOMAIN', 'vault2.secured-url.com/supercanvas.com'); Did your host told you the set the https server the following way: define('HTTPS_SERVER', 'https://vault2.secured-url.com/supercanvas'); It'd have been: define('HTTPS_SERVER', 'https://vault2.secured-url.com/supercanvas.com'); The last define has nothing to do the with problem. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 27, 2006 Posted October 27, 2006 A couple of things to try: The cookie domain does not normally have the https:// in it. So define('HTTPS_COOKIE_DOMAIN', 'https://vault2.secured-url.com/supercanvas'); should be: define('HTTPS_COOKIE_DOMAIN', 'vault2.secured-url.com/supercanvas'); or define('HTTPS_COOKIE_DOMAIN', 'vault2.secured-url.com/supercanvas.com'); Did your host told you the set the https server the following way: define('HTTPS_SERVER', 'https://vault2.secured-url.com/supercanvas'); It'd have been: define('HTTPS_SERVER', 'https://vault2.secured-url.com/supercanvas.com'); The last define has nothing to do the with problem. Ken Tried both - one at a time and still the same error. The instructions on Fasthosts site does NOT tell me the correct syntax to use, I just copied it from the information in my control panel on the location of my SSL folder. Thanks again, I am wits end at this error. Belinda
GemRock Posted October 27, 2006 Posted October 27, 2006 Tried both - one at a time and still the same error. The instructions on Fasthosts site does NOT tell me the correct syntax to use, I just copied it from the information in my control panel on the location of my SSL folder. Thanks again, I am wits end at this error. Belinda I can not re-produce the error. You may need someone to actually login your site to fix it if your host refuses to help you, i am afraid. Or you switch to a linux only host, on grounds of services do not fit for purpose. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
crash3903 Posted October 27, 2006 Posted October 27, 2006 I can not re-produce the error. You may need someone to actually login your site to fix it if your host refuses to help you, i am afraid. Or you switch to a linux only host, on grounds of services do not fit for purpose. Ken One thing to bear in mind with fasthosts also is that they use load balacing so your sessions are being balanced across different servers Can you not switch your box from linux to windows and set your site up on a windows box with fasthosts? HTH Regards Mark A Reynolds
Guest Posted October 27, 2006 Posted October 27, 2006 I can not re-produce the error. You may need someone to actually login your site to fix it if your host refuses to help you, i am afraid. Or you switch to a linux only host, on grounds of services do not fit for purpose. Ken I replaced the configure files, so the error would not show. I am putting the SSL configure.php files back now, so if you get a chance you can see the error in all its glory. The last reply I received from Fasthosts support was: "According to someone I spoke to who has used OSCommerce, he tells me that the configuraion options have an entry for the temporary folder. This will be what needs to be changed for it to stop trying to use /tmp, and for it to use C:/WinNT/Temp instead" Do you think they are referring to the define('STORE_SESSIONS', 'mysql'); setting in the /includes/configure.php. Thanks - Belinda
digbydo Posted October 27, 2006 Posted October 27, 2006 The last reply I received from Fasthosts support was: "According to someone I spoke to who has used OSCommerce, he tells me that the configuraion options have an entry for the temporary folder. This will be what needs to be changed for it to stop trying to use /tmp, and for it to use C:/WinNT/Temp instead" Strangely you said in your first post that you were on their Windows 2003 servers, not the old NT ones... as I said: strange? one-click installation.. Dave's info
Guest Posted October 27, 2006 Posted October 27, 2006 Strangely you said in your first post that you were on their Windows 2003 servers, not the old NT ones...as I said: strange? The post says my site is working fine on a Linux server but the shared SSL offered by Fasthosts is on Windows 2003. There lies the problem, I think.
GemRock Posted October 27, 2006 Posted October 27, 2006 Strangely you said in your first post that you were on their Windows 2003 servers, not the old NT ones...as I said: strange? RE: /tmp, and for it to use C:/WinNT/Temp instead" This refers to Configuration -> Sessions and cache -> session directory and cache directory, respectively. Windows 2003 still uses winNT as the name of the system directory, as far as I remember. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 27, 2006 Posted October 27, 2006 I replaced the configure files, so the error would not show. I am putting the SSL configure.php files back now, so if you get a chance you can see the error in all its glory. The last reply I received from Fasthosts support was: "According to someone I spoke to who has used OSCommerce, he tells me that the configuraion options have an entry for the temporary folder. This will be what needs to be changed for it to stop trying to use /tmp, and for it to use C:/WinNT/Temp instead" Do you think they are referring to the define('STORE_SESSIONS', 'mysql'); setting in the /includes/configure.php. Thanks - Belinda I am getting newer errors, it appears that they may be doing some work on it!! Fingers Crossed
Guest Posted October 27, 2006 Posted October 27, 2006 RE: /tmp, and for it to use C:/WinNT/Temp instead" This refers to Configuration -> Sessions and cache -> session directory and cache directory, respectively. Windows 2003 still uses winNT as the name of the system directory, as far as I remember. Ken Yes that is correct. Windows Server 2003 has the same basic kernal.
Guest Posted October 27, 2006 Posted October 27, 2006 The Shared SSL is now working to perfection, I just need to see if I can find out what was done on the hosts side. Some of the new errors that appeared while they were working on it were related to CGI, which I don't understand. These Forums are a fantastic source of learning. THANK YOU ALL for your help. Belinda
GemRock Posted October 27, 2006 Posted October 27, 2006 Good to hear it's working now! Your create account link from the top (logo, right) should also be SSL as well, just like when you click from th elogin page. Would be interested to know what was going on behind the error earlier on. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 27, 2006 Posted October 27, 2006 Good to hear it's working now! Your create account link from the top (logo, right) should also be SSL as well, just like when you click from th elogin page. Would be interested to know what was going on behind the error earlier on. Ken Yea THANKS I can see that the create account is NOT secure, probably one of the most important areas to have secure. I tried to change it in the header.php by adding the absolute path to the secure Create_Account.php, but it just appended to the http://www.supercanvas.com. I know no programming so, I am not sure what variables to use in place of an absolute path. If you can help, that would be great, if not I will keep plodding along. Thanks - Belinda
GemRock Posted October 27, 2006 Posted October 27, 2006 Yea THANKS I can see that the create account is NOT secure, probably one of the most important areas to have secure. I tried to change it in the header.php by adding the absolute path to the secure Create_Account.php, but it just appended to the http://www.supercanvas.com. I know no programming so, I am not sure what variables to use in place of an absolute path. If you can help, that would be great, if not I will keep plodding along. Thanks - Belinda I guess you simply gave it direct http:// link to the create account text. The right way to do it is, for example: this line is taken from th elogin page: <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . '">' . tep_image_button('button_create_account.gif', IMAGE_BUTTON_CREATE_ACCOUNT) . '</a>'; ?></td> but obviously you do not use a button there, therefore: <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . '">' . 'Create Account' . '</a>'; ?></td> Notice that the 'SSL' param in the above two lines, which tell it to use the secure page link. You may need to edit it bit to fit into your code. Or you could post that part of code (just a few line, not the whole header.php file. Curiously though who did the customisation for you if you know little about php programming? HTH Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 27, 2006 Posted October 27, 2006 I guess you simply gave it direct http:// link to the create account text. The right way to do it is, for example: this line is taken from th elogin page: <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . '">' . tep_image_button('button_create_account.gif', IMAGE_BUTTON_CREATE_ACCOUNT) . '</a>'; ?></td> but obviously you do not use a button there, therefore: <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . '">' . 'Create Account' . '</a>'; ?></td> Notice that the 'SSL' param in the above two lines, which tell it to use the secure page link. You may need to edit it bit to fit into your code. Or you could post that part of code (just a few line, not the whole header.php file. Curiously though who did the customisation for you if you know little about php programming? HTH Ken I have operating system experience from years ago and know my way around a PC. I bought a Template from Template Monster, Read the installation documentation until it made sense, studied the directory structure of OsCommerce, taught myself Photoshop, learned how to BACKUP, BACKUP and BACKUP :-) and can follow all of this Forum's wonderful contributions and instructions. I have installed many of the contributions and bspoked my OsCommerce to the n'th degree. I suppose with a template to begin with and the willingness to RTFM, anyone can install and configure OsCommerce. But I DO need help with the actual code as I really don't understand it. Here is the offending lines from my header.php </td> <td width=1 background=images/m13.gif></td> <td valign=top style="padding-left: 13px" width=108> <table cellspacing=0 cellpadding=0> <tr><td height=8></td></tr> <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <a href=<?=tep_href_link('specials.php')?> class=ml1>Specials</a></td></tr> <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <a href=<?=tep_href_link('advanced_search.php')?> class=ml1>Search</a></td></tr> <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <a href=<?=tep_href_link('contact_us.php')?> class=ml1>Contact US</a></td></tr> <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <a href=<?=tep_href_link('create_account.php')?> class=ml1>Create an account</a></td></tr> <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <?=(!tep_session_is_registered('customer_id') ? '<a href='.tep_href_link('login.php').' class=ml1>Customer login</a>' : '<a href='.tep_href_link('logoff.php').' class=ml1>Sign out</a>')?></td></tr> </table> </td> THANKS for helping me, your a STAR!!
GemRock Posted October 27, 2006 Posted October 27, 2006 This line: <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <a href=<?=tep_href_link('create_account.php')?> class=ml1>Create an account</a></td></tr> change it to: (back up first!) <tr><td height=14><img src=images/m14.gif width=4 height=4 align=absmiddle> <?php echo '<a href="' . tep_href_link('create_account.php', '', 'ssl') . '">' . '<class=ml1>Create an account' . '</a>'; ?></td></tr> Note that the '' before 'SSL' is two single quote. The cod eyou quoted here looks a bit strange. To play it safe I changed it to way osc does. I don't know how much they've changed in th etemplate. All the 'aling=absmiddle' were wrong - there's not such tag as 'aling'. It got to be 'align', unless they've invented their own html engine! Ken You tryit see if it works. After a pint or two lagar, not sure if I typed everything right. commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience.
Guest Posted October 27, 2006 Posted October 27, 2006 This line: <tr><td height=14><img src=images/m14.gif width=4 height=4 aling=absmiddle> <a href=<?=tep_href_link('create_account.php')?> class=ml1>Create an account</a></td></tr> change it to: (back up first!) <tr><td height=14><img src=images/m14.gif width=4 height=4 align=absmiddle> <?php echo '<a href="' . tep_href_link('create_account.php', '', 'ssl') . '">' . '<class=ml1>Create an account' . '</a>'; ?></td></tr> Note that the '' before 'SSL' is two single quote. The cod eyou quoted here looks a bit strange. To play it safe I changed it to way osc does. I don't know how much they've changed in th etemplate. All the 'aling=absmiddle' were wrong - there's not such tag as 'aling'. It got to be 'align', unless they've invented their own html engine! Ken You tryit see if it works. After a pint or two lagar, not sure if I typed everything right. Hi Ken, It didn't work, I got a really weird error (sorry, but I didn't capture the error). On 2nd glass of wine, so could be my problem :-) Rather than leave it, I added a cheat for the time being and pointed the link to the login.php, which in turn will lead to the secure create_account.php. I will try your code again tomorrow to see if it will work then. Thanks Again and enjoy your lagers!!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.