Guest Posted December 11, 2006 Posted December 11, 2006 Hi, I just discovered that the OSC site I am working on is sending the source for the images to my SSL page. (ie. https://sslname.sitename.com/images/image.gif) I've looked at the configure.php and can't see anything obviously wrong....although I could be wrong. lol. My site is http://s185111225.onlinehome.us/ (nasty url, I know - gonna change it when I switch the site from where it is now.) Here is the section of the configure.php that pertains to the images.... define('HTTP_SERVER', 'http://s185111225.onlinehome.us'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://ssl.perfora.net'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 's185111225.onlinehome.us'); define('HTTPS_COOKIE_DOMAIN', 's185111225.onlinehome.us'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/s185111225.onlinehome.us/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); Any ideas as to what could be wrong? Thanks.
jdvb Posted December 11, 2006 Posted December 11, 2006 in your includes/header.php you need to remove the SSL from the tep_href_link function that is set to write the base href.
jdvb Posted December 11, 2006 Posted December 11, 2006 beter solution would be to not call the base href in the header.php file (where it would be set for both secure and non secure pages) but in the pages themselves. So on a non secure page, just before the include header part, you echo the base href without the SSL part, and on secure pages you do let it call for the SSL part. That way you can change all parts so that non secure pages can be totaly http and secure pages can be totally https
Guest Posted December 12, 2006 Posted December 12, 2006 How would I go about doing that? I looked through my header.php file and the only SSL reference I can see points to things like FILENAME_ACCOUNT - something that should be SSL protected.... If I did the second option, that would require going through and changing all the PHP files used by OSC, wouldn't it?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.