Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

admin buttons - firefox 26.0


osmyrna

Recommended Posts

Posted

I am wondering if anyone else has noticed that the latest version of Firefox - 26.0 - does not interpret the coding for the admin pages in 2.3.3.4 correctly. I get a line of text instead of buttons and text instead of buttons in my catalog item entries. I do not get these errors when I open the admin in Safari, and I do not get these errors on my laptop, which has Firefox 12.0. I am on Macs. My daughter downloaded Firefox 26.0 on her windows computer and got the same results of text all down the left instead of module buttons in admin. Any fix or just go to another browser for Admin??

Posted

Starting with Version 26, Firefox silently fails to load any insecure items on a secure page. Some sort of notice would have been a nice idea. Thanks, Firefox.

 

The solution is to not load all of the Admin pages in SSL mode. Or, as you say, just use a different browser.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Posted

Can you have a "safe" Admin page not in SSL mode? Thank you for the answer - was driving me batty.

Posted

Only the login page needs to be SSL, as that is the only one transmitting your credentials. Everything else is going up on the site anyway, so it's hardly sensitive. The default design of osCommerce is to only make the essential pages secure, as that adds quite a bit of overhead which slows things down.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Posted

Is this something that would be accomplished on the admin/includes/configure.php page? If so (or not so), how? Thanks.

 

By the way, it looks like Google Chrome does the same darned thing to the admin pages.

Posted

Yes. The define for HTTP_SERVER should be a plain http:// and not https://.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Posted

Thank you. That got the buttons back. The log-in page is not showing SSL now, either, though. Is there any way to have the "insecure items" be secure items so the admin could stay all SSL? Anyone working on this or is admin better off without it? Where are these "insecure items" coming from currently?

Posted

The "insecure items" are the CSS and Javascript files loaded in the head. Possibly other files as well; I haven't done an exhaustive search. I'm not aware of any other fixes, but that doesn't mean there are none. Maybe somebody else will have something more useful.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Posted

Interesting. I use Windows, Firefox 26, have a SSL site and every button and link displays and works correctly in admin. Am I missing something here?

 

Martin

Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.

Posted

Martin, what version of OSCommerce are you using?

 

2.3.3.4 PHP 5.4.21 Hosted

Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.

Posted

Hmmmm, and your catalog/admin/includes/configure.php starts off like this?

<?php

define('HTTP_SERVER', 'https://www.yourstore.com');

define('HTTP_CATALOG_SERVER', 'http://www.yourstore.com');

define('HTTPS_CATALOG_SERVER', 'https://www.yourstore.com');

define('ENABLE_SSL_CATALOG', 'true');

Posted

Hmmmm, and your catalog/admin/includes/configure.php starts off like this?

<?php

define('HTTP_SERVER', 'https://www.yourstore.com');

define('HTTP_CATALOG_SERVER', 'http://www.yourstore.com');

define('HTTPS_CATALOG_SERVER', 'https://www.yourstore.com');

define('ENABLE_SSL_CATALOG', 'true');

 

No, all three of the urls start https

Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.

Posted

define('HTTP_SERVER', 'https://www.yoursite.com');

define('HTTP_CATALOG_SERVER', 'https://www.yoursite.com');

define('HTTPS_CATALOG_SERVER', 'https://www.yoursite.com');

define('ENABLE_SSL_CATALOG', 'true');

define('DIR_FS_DOCUMENT_ROOT', '/home/xxxx/public_html/');

define('DIR_WS_ADMIN', '/admin/');

define('DIR_FS_ADMIN', '/home/xxxx/public_html/admin/');

define('DIR_WS_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_FS_CATALOG', '/home/xxxx/public_html/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');

define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');

define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');

define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 

This is my admin configure.php file, I suggest you check the images and icon lines

 

Martin

Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.

Posted

Martin,

What about catalog/includes/configure.php -

mine is currently:

<?php

define('HTTP_SERVER', 'http://www.yourstore.com');

define('HTTPS_SERVER', 'https://www.yourstore.com');

define('ENABLE_SSL', true);

Posted

Martin,

My admin configure.php file looks just like yours except for the https start, but I have this at the end after backups:

 

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

Posted

This is my catalog configure.php

 

define('HTTP_SERVER', 'http://www.yourstore.com');

define('HTTPS_SERVER', 'https://www.yourstore.com');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'yourstore.com');

define('HTTPS_COOKIE_DOMAIN', 'yourstore.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

define('DIR_WS_INCLUDES', 'includes/');

define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');

define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');

define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');

define('DIR_FS_CATALOG', '/home/xxxx/public_html/');

define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');

define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

I do not use the download facility but they are in this file, not the admin on my site

 

Martin

Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.

Posted

I think @ has found the solution. Change your admin side configure.php to this:

 

 define('HTTP_SERVER', 'https://www.example.com');
define('HTTP_CATALOG_SERVER', 'https://www.example.com');
define('HTTPS_CATALOG_SERVER', 'https://www.example.com');
define('ENABLE_SSL_CATALOG', 'true'); 

 

That tells the server to get everything in SSL mode, including the CSS and Javascript files that it pulls from the Catalog side. This will only affect the admin, so don't change anything in the catalog side configure file. Please tell us if this works for you.

 

Also, please use http://www.example.com when you want an example of a URL. That's the only one that is guaranteed to not point to a real site.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Posted

Yes, that does it. Thanks to all. And I hope this thread may help out some other confused peoples in future.

Posted

That's not the right fix. You don't want to force the entire store into HTTPS mode unless you have some overwhelming need to do so. It sounds like the problem is that the graphics for the buttons are being requested specifically as http:// on an otherwise https:// page. The solution is to find out why certain page elements are being requested in non-SSL (http://) and either fix them to generate https:// or just give an href of the path (no protocol://domain_name/).

 

I suspect that there's something wrong in your setup, and not basic osC as shipped. If it were normally producing http:// on an https:// page, we would be seeing a lot of reports from other browsers (IE especially) about them flagging such mixed usage.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...