SSL Implementation Help

[germ]

No.

 

For dedicated SSL you have to purchase and install a dedciated SSL cert.

 

Before purchasing a cert talk to your host about server requirements.

[andrea.freddi]

hello germ

 

i'm trying to implement ssl for my site, but can't get it running and need some help.

i've read this post and also tried to change the "getenv" to "1" and also to "port 443" according to post #2, but with no success at all :-(

everything seems to work fine until i hit the "confirm order" button, which gives me the following error:

 

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

 

customers account is created and i also get the order-email

ssl-help is still on the server (www.schoof-betriebsausstattungen.com/shop)

 

my conf files are:

 

- shop/includes/configure.php

 

define('HTTP_SERVER', 'http://www.schoof-betriebsausstattungen.com');

define('HTTPS_SERVER', 'https://uranus.safe-order.ch/~schoof-betriebsausstattungen.com');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'schoof-betriebsausstattungen.com');

define('HTTPS_COOKIE_DOMAIN', 'uranus.safe-order.ch/~schoof-betriebsausstattungen.com');

 

- shop/admin/includes/configure.php (admin is renamed)

 

define('HTTP_SERVER', 'https://uranus.safe-order.ch/~schoof-betriebsausstattungen.com');

define('HTTP_CATALOG_SERVER', 'https://uranus.safe-order.ch/~schoof-betriebsausstattungen.com');

define('HTTPS_CATALOG_SERVER', 'https://uranus.safe-order.ch/~schoof-betriebsausstattungen.com');

define('ENABLE_SSL_CATALOG', 'true');

 

let me know if you need more information, any help would be greatly appreciated

thx

[germ]

That isn't caused by your SSL config. Looks like an error in a PHP fille to me.

 

Check your error log.

 

If you don't have one you can force the site to make one for you. Follow the posts by steve_s starting here

 

That thread is about the admin but you can do the same thing on the catalog side - I've tried it.

[andrea.freddi]

hi germ

 

thx for your quick reply :)

followed the instructions on the mentioned post (i've tried it in shop/include and also in shop/admin/includes), but its not working (even with the path replacement), the text file remains empty :(

may i pm you my ftp credentials so you'll have a look for me?

 

andrea

[germ]

Get your host to set up an error log for you.

[andrea.freddi]

thx once again

 

i had a look in my hosting admin panel and found the error log, how much time i could have saved watching from the beginning over there :-(

the error log tells me

 

Undefined variable: padding in /var/www/html/shop/includes/modules/boxes/bm_categories.php on line 40

 

so i looked in the php file and in line 40 i've found

 

$categories_string .= '<div class="mindCategory">'.$padding.'<a href="';

 

Now i'm not so familiar with php, so what's the next step?

 

andrea

 

 

PS: just in case it could be helpful, this is the content of bm_categories.php (the red text is line 40)

 

<?php

/*

$Id$

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2010 osCommerce

 

Released under the GNU General Public License

*/

 

class bm_categories {

var $code = 'bm_categories';

var $group = 'boxes';

var $title;

var $description;

var $sort_order;

var $enabled = false;

 

function bm_categories() {

$this->title = MODULE_BOXES_CATEGORIES_TITLE;

$this->description = MODULE_BOXES_CATEGORIES_DESCRIPTION;

 

if ( defined('MODULE_BOXES_CATEGORIES_STATUS') ) {

$this->sort_order = MODULE_BOXES_CATEGORIES_SORT_ORDER;

$this->enabled = (MODULE_BOXES_CATEGORIES_STATUS == 'True');

 

$this->group = ((MODULE_BOXES_CATEGORIES_CONTENT_PLACEMENT == 'Left Column') ? 'boxes_column_left' : 'boxes_column_right');

}

}

 

function tep_show_category($counter) {

global $tree, $categories_string, $cPath_array;

 

for ($i=0; $i<$tree[$counter]['level']; $i++) {

$padding= "  - ";

}

 

$categories_string .= '<div class="mindCategory">'.$padding.'<a href="';

 

if ($tree[$counter]['parent'] == 0) {

$cPath_new = 'cPath=' . $counter;

} else {

$cPath_new = 'cPath=' . $tree[$counter]['path'];

}

 

$categories_string .= tep_href_link(FILENAME_DEFAULT, $cPath_new) . '">';

 

if (isset($cPath_array) && in_array($counter, $cPath_array)) {

$categories_string .= '<strong>';

}

 

// display category name

$categories_string .= $tree[$counter]['name'];

 

if (isset($cPath_array) && in_array($counter, $cPath_array)) {

$categories_string .= '</strong>';

}

 

if (tep_has_category_subcategories($counter)) {

$categories_string .= ' ';

}

 

$categories_string .= '</a>';

 

if (SHOW_COUNTS == 'true') {

$products_in_category = tep_count_products_in_category($counter);

if ($products_in_category > 0) {

$categories_string .= ' (' . $products_in_category . ')';

}

}

 

$categories_string .= '</div>';

 

if ($tree[$counter]['next_id'] != false) {

$this->tep_show_category($tree[$counter]['next_id']);

}

}

 

function getData() {

global $categories_string, $tree, $languages_id, $cPath, $cPath_array;

 

$categories_string = '';

$tree = array();

 

$categories_query = tep_db_query("select c.categories_id, cd.categories_name, c.parent_id from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.parent_id = '0' and c.categories_id = cd.categories_id and cd.language_id='" . (int)$languages_id ."' order by sort_order, cd.categories_name");

while ($categories = tep_db_fetch_array($categories_query)) {

$tree[$categories['categories_id']] = array('name' => $categories['categories_name'],

'parent' => $categories['parent_id'],

'level' => 0,

'path' => $categories['categories_id'],

'next_id' => false);

 

if (isset($parent_id)) {

$tree[$parent_id]['next_id'] = $categories['categories_id'];

}

 

$parent_id = $categories['categories_id'];

 

if (!isset($first_element)) {

$first_element = $categories['categories_id'];

}

}

 

if (tep_not_null($cPath)) {

$new_path = '';

reset($cPath_array);

while (list($key, $value) = each($cPath_array)) {

unset($parent_id);

unset($first_id);

$categories_query = tep_db_query("select c.categories_id, cd.categories_name, c.parent_id from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.parent_id = '" . (int)$value . "' and c.categories_id = cd.categories_id and cd.language_id='" . (int)$languages_id ."' order by sort_order, cd.categories_name");

if (tep_db_num_rows($categories_query)) {

$new_path .= $value;

while ($row = tep_db_fetch_array($categories_query)) {

$tree[$row['categories_id']] = array('name' => $row['categories_name'],

'parent' => $row['parent_id'],

'level' => $key+1,

'path' => $new_path . '_' . $row['categories_id'],

'next_id' => false);

 

if (isset($parent_id)) {

$tree[$parent_id]['next_id'] = $row['categories_id'];

}

 

$parent_id = $row['categories_id'];

 

if (!isset($first_id)) {

$first_id = $row['categories_id'];

}

 

$last_id = $row['categories_id'];

}

$tree[$last_id]['next_id'] = $tree[$value]['next_id'];

$tree[$value]['next_id'] = $first_id;

$new_path .= '_';

} else {

break;

}

}

}

 

$this->tep_show_category($first_element);

 

$data = '<div class="ui-widget infoBoxContainer">' .

' <div class="c_bg c_bg1">' . MODULE_BOXES_CATEGORIES_BOX_TITLE . '</div>' .

' <div class="cm_bg cm_bg1">' . $categories_string . '</div>' .

' <div class="cb_bg cb_bg1"></div>' .

'</div>';

 

return $data;

}

 

function execute() {

global $SID, $oscTemplate;

 

if ((USE_CACHE == 'true') && empty($SID)) {

$output = tep_cache_categories_box();

} else {

$output = $this->getData();

}

 

$oscTemplate->addBlock($output, $this->group);

}

 

function isEnabled() {

return $this->enabled;

}

 

function check() {

return defined('MODULE_BOXES_CATEGORIES_STATUS');

}

 

function install() {

tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Categories Module', 'MODULE_BOXES_CATEGORIES_STATUS', 'True', 'Do you want to add the module to your shop?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");

tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_BOXES_CATEGORIES_CONTENT_PLACEMENT', 'Left Column', 'Should the module be loaded in the left or right column?', '6', '1', 'tep_cfg_select_option(array(\'Left Column\', \'Right Column\'), ', now())");

tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_BOXES_CATEGORIES_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");

}

 

function remove() {

tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')");

}

 

function keys() {

return array('MODULE_BOXES_CATEGORIES_STATUS', 'MODULE_BOXES_CATEGORIES_CONTENT_PLACEMENT', 'MODULE_BOXES_CATEGORIES_SORT_ORDER');

}

}

?>

[germ]

I don't mean to rain on your parade but that isn't causing the problem when you click the "Confirm order" button. It's something else.

 

If that was the problem the whole site wouldn't work at all because that code displays the categories and with or without that variable defined they get displayed.

 

If you can find what's causing the error chance are together we can fix it.

 

Without an error message to help us we're basically flying blind in our attempts to fix it.

[MrPhil]

function tep_show_category($counter) {
global $tree, $categories_string, $cPath_array;

for ($i=0; $i<$tree[$counter]['level']; $i++) {
$padding= "  - ";
}

$categories_string .= '<div class="mindCategory">'.$padding.'<a href="';

 

What happens if $tree[$counter]['level'] is 0? It appears that $padding will never be set. The following would at least get you around that:

function tep_show_category($counter) {
global $tree, $categories_string, $cPath_array;

$padding = '';
for ($i=0; $i<$tree[$counter]['level']; $i++) {
$padding= "  - ";
}

$categories_string .= '<div class="mindCategory">'.$padding.'<a href="';

 

Actually, I'm not sure what the point of putting it in a loop is. Is it meant to build up a long string of  's before the -? In that case, you'd want

function tep_show_category($counter) {
global $tree, $categories_string, $cPath_array;

$padding = '';
for ($i=0; $i<$tree[$counter]['level']; $i++) {
$padding .= "  ";
}
if ($padding != '') $padding .= '- ';

$categories_string .= '<div class="mindCategory">'.$padding.'<a href="';

[germ]

Your checkout_process.php file seems to be the problem.

 

First be sure it has the same permissions as the other php files in the shop folder. They should probably be 644 permissions. I know that permissions can cause problems if they are incorrect.

 

If the permissions are OK you can post the code from the file. Maybe we'll get lucky and spot something. And I can put it on my online test area or my local WAMP server to test it.

 

On a different subject your W3C validator widget at the bototm of the page causes "unsecure items" popup on Internet Explorer. I posted a way here you can make it disappear on the SSL pages.

[andrea.freddi]

@@germ

 

on footer.php the code looks like this:

 

<?php

if ($banner = tep_banner_exists('dynamic', '468x50')) {

?>

 

<div id="mindWraperBanner" style="text-align:center; padding-bottom:30px;">

<?php echo tep_display_banner('static', $banner); ?> <p>

<a href="

http://validator.w3.org/check?uri=referer"><img

src="

http://www.w3.org/Icons/valid-xhtml10"

alt="Valid XHTML 1.0 Transitional" height="31" width="88" /></a>

</p>

 

</div>

 

<?php

}

?>

should i apply the non secure part like this?

 

<?php

if ($banner = tep_banner_exists('dynamic', '468x50')) {

?>

<?php

if ( $request_type != 'SSL' ) {

?>

 

<div id="mindWraperBanner" style="text-align:center; padding-bottom:30px;">

<?php echo tep_display_banner('static', $banner); ?> <p>

<a href="

http://validator.w3.org/check?uri=referer"><img

src="

http://www.w3.org/Icons/valid-xhtml10"

alt="Valid XHTML 1.0 Transitional" height="31" width="88" /></a>

</p>

 

</div>

<?php

}

?>

<?php

}

?>

the file permissions are set to 644, so i post my checkout_process.php, would be really great if we can get it work :-)

 

<?php

/*

$Id$

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2007 osCommerce

 

Released under the GNU General Public License

*/

 

include('includes/application_top.php');

 

// if the customer is not logged on, redirect them to the login page

if (!tep_session_is_registered('customer_id')) {

$navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));

tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));

}

 

// if there is nothing in the customers cart, redirect them to the shopping cart page

if ($cart->count_contents() < 1) {

tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));

}

 

// if no shipping method has been selected, redirect the customer to the shipping method selection page

if (!tep_session_is_registered('shipping') || !tep_session_is_registered('sendto')) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));

}

 

if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));

}

 

// avoid hack attempts during the checkout procedure by checking the internal cartID

if (isset($cart->cartID) && tep_session_is_registered('cartID')) {

if ($cart->cartID != $cartID) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));

}

}

 

include(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PROCESS);

 

// load selected payment module

require(DIR_WS_CLASSES . 'payment.php');

$payment_modules = new payment($payment);

 

// load the selected shipping module

require(DIR_WS_CLASSES . 'shipping.php');

$shipping_modules = new shipping($shipping);

 

require(DIR_WS_CLASSES . 'order.php');

$order = new order;

 

// Stock Check

$any_out_of_stock = false;

if (STOCK_CHECK == 'true') {

for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {

if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {

$any_out_of_stock = true;

}

}

// Out of Stock

if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {

tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));

}

}

 

$payment_modules->update_status();

 

if ( ($payment_modules->selected_module != $payment) || ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) {

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));

}

 

require(DIR_WS_CLASSES . 'order_total.php');

$order_total_modules = new order_total;

 

$order_totals = $order_total_modules->process();

 

// load the before_process function from the payment modules

$payment_modules->before_process();

 

$sql_data_array = array('customers_id' => $customer_id,

'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],

'customers_company' => $order->customer['company'],

'customers_street_address' => $order->customer['street_address'],

'customers_suburb' => $order->customer['suburb'],

'customers_city' => $order->customer['city'],

'customers_postcode' => $order->customer['postcode'],

'customers_state' => $order->customer['state'],

'customers_country' => $order->customer['country']['title'],

'customers_telephone' => $order->customer['telephone'],

'customers_email_address' => $order->customer['email_address'],

'customers_address_format_id' => $order->customer['format_id'],

'delivery_name' => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']),

'delivery_company' => $order->delivery['company'],

'delivery_street_address' => $order->delivery['street_address'],

'delivery_suburb' => $order->delivery['suburb'],

'delivery_city' => $order->delivery['city'],

'delivery_postcode' => $order->delivery['postcode'],

'delivery_state' => $order->delivery['state'],

'delivery_country' => $order->delivery['country']['title'],

'delivery_address_format_id' => $order->delivery['format_id'],

'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],

'billing_company' => $order->billing['company'],

'billing_street_address' => $order->billing['street_address'],

'billing_suburb' => $order->billing['suburb'],

'billing_city' => $order->billing['city'],

'billing_postcode' => $order->billing['postcode'],

'billing_state' => $order->billing['state'],

'billing_country' => $order->billing['country']['title'],

'billing_address_format_id' => $order->billing['format_id'],

'payment_method' => $order->info['payment_method'],

'cc_type' => $order->info['cc_type'],

'cc_owner' => $order->info['cc_owner'],

'cc_number' => $order->info['cc_number'],

'cc_expires' => $order->info['cc_expires'],

'date_purchased' => 'now()',

'orders_status' => $order->info['order_status'],

'currency' => $order->info['currency'],

'currency_value' => $order->info['currency_value']);

tep_db_perform(TABLE_ORDERS, $sql_data_array);

$insert_id = tep_db_insert_id();

for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {

$sql_data_array = array('orders_id' => $insert_id,

'title' => $order_totals[$i]['title'],

'text' => $order_totals[$i]['text'],

'value' => $order_totals[$i]['value'],

'class' => $order_totals[$i]['code'],

'sort_order' => $order_totals[$i]['sort_order']);

tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);

}

 

$customer_notification = (SEND_EMAILS == 'true') ? '1' : '0';

$sql_data_array = array('orders_id' => $insert_id,

'orders_status_id' => $order->info['order_status'],

'date_added' => 'now()',

'customer_notified' => $customer_notification,

'comments' => $order->info['comments']);

tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);

 

// initialized for the email confirmation

$products_ordered = '';

 

for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {

// Stock Update - Joao Correia

if (STOCK_LIMITED == 'true') {

if (DOWNLOAD_ENABLED == 'true') {

$stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename

FROM " . TABLE_PRODUCTS . " p

LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa

ON p.products_id=pa.products_id

LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad

ON pa.products_attributes_id=pad.products_attributes_id

WHERE p.products_id = '" . tep_get_prid($order->products[$i]['id']) . "'";

// Will work with only one option for downloadable products

// otherwise, we have to build the query dynamically with a loop

$products_attributes = $order->products[$i]['attributes'];

if (is_array($products_attributes)) {

$stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";

}

$stock_query = tep_db_query($stock_query_raw);

} else {

$stock_query = tep_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

}

if (tep_db_num_rows($stock_query) > 0) {

$stock_values = tep_db_fetch_array($stock_query);

// do not decrement quantities if products_attributes_filename exists

if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {

$stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];

} else {

$stock_left = $stock_values['products_quantity'];

}

tep_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {

tep_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

}

}

}

 

// Update products_ordered (for bestsellers list)

tep_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . tep_get_prid($order->products[$i]['id']) . "'");

 

$sql_data_array = array('orders_id' => $insert_id,

'products_id' => tep_get_prid($order->products[$i]['id']),

'products_model' => $order->products[$i]['model'],

'products_name' => $order->products[$i]['name'],

'products_price' => $order->products[$i]['price'],

'final_price' => $order->products[$i]['final_price'],

'products_tax' => $order->products[$i]['tax'],

'products_quantity' => $order->products[$i]['qty']);

tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);

$order_products_id = tep_db_insert_id();

 

//------insert customer choosen option to order--------

$attributes_exist = '0';

$products_ordered_attributes = '';

if (isset($order->products[$i]['attributes'])) {

$attributes_exist = '1';

for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {

if (DOWNLOAD_ENABLED == 'true') {

$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename

from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa

left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad

on pa.products_attributes_id=pad.products_attributes_id

where pa.products_id = '" . $order->products[$i]['id'] . "'

and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'

and pa.options_id = popt.products_options_id

and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'

and pa.options_values_id = poval.products_options_values_id

and popt.language_id = '" . $languages_id . "'

and poval.language_id = '" . $languages_id . "'";

$attributes = tep_db_query($attributes_query);

} else {

$attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");

}

$attributes_values = tep_db_fetch_array($attributes);

 

$sql_data_array = array('orders_id' => $insert_id,

'orders_products_id' => $order_products_id,

'products_options' => $attributes_values['products_options_name'],

'products_options_values' => $attributes_values['products_options_values_name'],

'options_values_price' => $attributes_values['options_values_price'],

'price_prefix' => $attributes_values['price_prefix']);

tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

 

if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {

$sql_data_array = array('orders_id' => $insert_id,

'orders_products_id' => $order_products_id,

'orders_products_filename' => $attributes_values['products_attributes_filename'],

'download_maxdays' => $attributes_values['products_attributes_maxdays'],

'download_count' => $attributes_values['products_attributes_maxcount']);

tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);

}

$products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];

}

}

//------insert customer choosen option eof ----

$products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $currencies->display_price($order->products[$i]['final_price'], $order->products[$i]['tax'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n";

}

 

// lets start with the email confirmation

$email_order = STORE_NAME . "\n" .

EMAIL_SEPARATOR . "\n" .

EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" .

EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $insert_id, 'SSL', false) . "\n" .

EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";

if ($order->info['comments']) {

$email_order .= tep_db_output($order->info['comments']) . "\n\n";

}

$email_order .= EMAIL_TEXT_PRODUCTS . "\n" .

EMAIL_SEPARATOR . "\n" .

$products_ordered .

EMAIL_SEPARATOR . "\n";

 

for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {

$email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";

}

 

if ($order->content_type != 'virtual') {

$email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" .

EMAIL_SEPARATOR . "\n" .

tep_address_label($customer_id, $sendto, 0, '', "\n") . "\n";

}

 

$email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n" .

EMAIL_SEPARATOR . "\n" .

tep_address_label($customer_id, $billto, 0, '', "\n") . "\n\n";

if (is_object($$payment)) {

$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" .

EMAIL_SEPARATOR . "\n";

$payment_class = $$payment;

$email_order .= $order->info['payment_method'] . "\n\n";

if (isset($payment_class->email_footer)) {

$email_order .= $payment_class->email_footer . "\n\n";

}

}

tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

 

// send emails to other people

if (SEND_EXTRA_ORDER_EMAILS_TO != '') {

tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

}

 

// load the after_process function from the payment modules

$payment_modules->after_process();

 

$cart->reset(true);

 

// unregister session variables used during checkout

tep_session_unregister('sendto');

tep_session_unregister('billto');

tep_session_unregister('shipping');

tep_session_unregister('payment');

tep_session_unregister('comments');

 

tep_redirect(tep_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));

 

require(DIR_WS_INCLUDES . 'application_bottom.php');

?>

 

 

@@MrPhil

 

to not modify the function, am i right assuming your second version of $padding is the proper one for me?

 

 

 

@@germ @@MrPhil

 

i'm really happy to get your help, hope my english is ok as it's not my mother language

[germ]

This is the unsecure code:

 

<a href="http://validator.w3.org/check?uri=referer"><img
src="http://www.w3.org/Icons/valid-xhtml10"
alt="Valid XHTML 1.0 Transitional" height="31" width="88" /></a>

 

I'll try the checkout_process file on my WAMP and online server this evening when I get home and let you know the results.

[andrea.freddi]

thx a lot, i really appreciate your help

[MrPhil]

am i right assuming your second version of $padding is the proper one for me?

I'm not sure what the intent is of the original code. If it's to output

(nothing for level 0)
  - (for level 1)
    - (for level 2)
etc.

then the second version would be correct. If it's supposed to output

(nothing for level 0)
  - (for level 1)
  -   - (for level 2)
etc.

(a series of dashes) you would want to use the first version.

 

P.S. please use the [ code ] tag around code examples.

[germ]

Tried your file locally - No problems. That's what I expected,

 

You're going to have to get some kind of useful error message before I can be any help.

 

You've got something wrong somewhere but it's not the code in the file as it works for me "as is".

[catlover]

Jim,

Many thanks for the post, your help and the perfect explanation to many of the common SSL problems!

 

Regards,

Joe

[andrea.freddi]

@@germ @@MrPhil

 

sorry for my late replay, i was in holiday ...

 

after all i decided to begin with a fresh install and, oh wonder, now it seems to work as expected :-)

so, thx a lot for your help and your time, it was really appreciated

 

andrea

[deiana38]

hi, i am trying to get my ssl seal to show up on my site and can not figure out what is wrong i went through fatcow and they loaded my geo trust certificate for me all i need to do is put the seal on my site. www.delightfulcouponclipper.com i also installed the ssl help. but still can not figure out what is wrong. Could you take a look and see if you can figure out what is wrong. thanks

[www.in.no]

@@deiana38

 

I see some problems when using www or not.

 

When using www i see the geotrust image, but when i change to without www it wont show.

 

Also when clicking on create a account i am redirected to https without www and no geotrust image,

[deiana38]

Thanks Arild I see what you mean any clues to why this is doing this? Thanks

[www.in.no]

@@deiana38

I am not sure, but it might be that the script used to show the image is checking your url. Maybe you should add som rewrigthing in htaccess to only use www.

Or ask geotrust support if there are any checks against url.

[www.in.no]

@@germ

 

Hi Jim,

 

Could you have a look at osc.allmedia.no

 

I have the session problem loosing cart content, and have to re login between ssl and nonssl pages

 

Have tried most of the samples described in this tread, i have re installed a stock osc 2.3.3 to test with and still same problem.

Your tools are installed at the server.

Have tried the application_top variants.

Have tried different SSL settings in config for cookie domain.

The server has dedicated ip and a real ssl certificate bought for this test site.

 

Thanks..

[germ]

Try putting a period at the begiining of your define for HTTPS_COOKIE_DOMAIN like this:

 

define('HTTPS_COOKIE_DOMAIN', '.osc.allmedia.no');

[germ]

Try these for the cookie domains in the catalog config file:

 

define('HTTP_COOKIE_DOMAIN', '.osc.allmedia.no');
define('HTTPS_COOKIE_DOMAIN', '.osc.allmedia.no');

[www.in.no]

@@germ

 

I have changed it now. But i have tried it before with no help...

[germ]

The site is making cookies on the SSL and NONSSL sides, and they contain the session ID, so the domain names and paths are correct.

 

In the admin be sure Force Cookie Usage is False and Recreate Session is True.

 

Vereify / correct those settings and post and I'll look again.

 

I do see a few things that just don't add up...

:unsure: