Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Paypal and SSL issues


Guest

Recommended Posts

Hi all,

 

I was looking for SSL solution for my site and found that my web host offers shared SSL (which is ok for testing purposes). Anyways I followed instructions found in these forums and it works almost perfectly until I noticed something not quite right.

 

When I access "My Account", the page becomes https, which is how it should be. When I log in, I can see the account information and orders etc etc. Then I select a product by going to a manufacturer (or by categories). All these other pages are not secured (no https) for some reason, even though I am still logged in. I don't think it's supposed to do that? Every page should be https after a user has logged in, is that right?

 

Regardless, I try and add a product to my cart and I find that even my shopping cart has no https. However, when I click on "Shopping Cart" from the navigation bar, it is secured (has https). Both pages are shopping_cart.php. I don't understand why one is secured and the other is not.

 

With regard to Paypal, I could see that a customer will have to register for a Paypal account if they want to continue. I remember doing my old site and clients didn't have to sign up for Paypal (they could choose). Is this something that I've done wrong or has Paypal made changes so now everyone that uses their site MUST be registered? I don't look forward to forcing new customers to register twice if they haven't got Paypal (one for my store, the other for Paypal)...

 

Thanks very much in advance.

Link to comment
Share on other sites

there is nothing wrong with your SSL. you only need https on pages with sensitive information (like their account, their checkout). the product pages have info that everybody who visits the site can see so https is not needed.

Link to comment
Share on other sites

Thanks, that explains the products pages, but what about the shopping cart pages? I think shopping carts should be https, correct?

 

At any rate, when I add a product to the cart, the shopping cart has no https, but when I click on the "Shopping Cart" link on the navigation bar, it does have https. Both are shopping_cart.php.

 

So any idea why that is?

Link to comment
Share on other sites

no, the shopping cart page does not have to be https. my site does not have it. if you look at the live shops page and check out other sites, they do not have https on their shopping cart. if you look at big company websites like walmart, they do not have it either. the shopping cart page does not have sensitive information. it's the same info anyone else will see if they add products to their cart.

Link to comment
Share on other sites

I suppose that for some customers, they'd like to have the whole thing encrypted. Say, I'm shopping on an "adult" oriented site, and never mind what I've got in my cart, I'm nervous about people finding out simply that I'm "here". Or, I'm shopping for adult diapers and Preparation H in 55 gallon drums because I, uh, have "problems". I could see SSL on everything might make potential customers a bit more comfortable about shopping there. Of course, that would slow down communications, but it might be worth it to gain a customer. Is there any way to put the entire site under SSL if I enter it https://www.store.com? The system would need to detect the use of https: and possibly (.htaccess?) set a flag somewhere to use SSL at all times.

 

Just some random thoughts...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...