osmyrna Posted January 26, 2014 Posted January 26, 2014 I am wondering if anyone else has noticed that the latest version of Firefox - 26.0 - does not interpret the coding for the admin pages in 2.3.3.4 correctly. I get a line of text instead of buttons and text instead of buttons in my catalog item entries. I do not get these errors when I open the admin in Safari, and I do not get these errors on my laptop, which has Firefox 12.0. I am on Macs. My daughter downloaded Firefox 26.0 on her windows computer and got the same results of text all down the left instead of module buttons in admin. Any fix or just go to another browser for Admin??
♥kymation Posted January 26, 2014 Posted January 26, 2014 Starting with Version 26, Firefox silently fails to load any insecure items on a secure page. Some sort of notice would have been a nice idea. Thanks, Firefox. The solution is to not load all of the Admin pages in SSL mode. Or, as you say, just use a different browser. Regards Jim See my profile for a list of my addons and ways to get support.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Can you have a "safe" Admin page not in SSL mode? Thank you for the answer - was driving me batty.
♥kymation Posted January 26, 2014 Posted January 26, 2014 Only the login page needs to be SSL, as that is the only one transmitting your credentials. Everything else is going up on the site anyway, so it's hardly sensitive. The default design of osCommerce is to only make the essential pages secure, as that adds quite a bit of overhead which slows things down. Regards Jim See my profile for a list of my addons and ways to get support.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Is this something that would be accomplished on the admin/includes/configure.php page? If so (or not so), how? Thanks. By the way, it looks like Google Chrome does the same darned thing to the admin pages.
♥kymation Posted January 26, 2014 Posted January 26, 2014 Yes. The define for HTTP_SERVER should be a plain http:// and not https://. Regards Jim See my profile for a list of my addons and ways to get support.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Thank you. That got the buttons back. The log-in page is not showing SSL now, either, though. Is there any way to have the "insecure items" be secure items so the admin could stay all SSL? Anyone working on this or is admin better off without it? Where are these "insecure items" coming from currently?
♥kymation Posted January 26, 2014 Posted January 26, 2014 The "insecure items" are the CSS and Javascript files loaded in the head. Possibly other files as well; I haven't done an exhaustive search. I'm not aware of any other fixes, but that doesn't mean there are none. Maybe somebody else will have something more useful. Regards Jim See my profile for a list of my addons and ways to get support.
mhsuffolk Posted January 26, 2014 Posted January 26, 2014 Interesting. I use Windows, Firefox 26, have a SSL site and every button and link displays and works correctly in admin. Am I missing something here? Martin Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Martin, what version of OSCommerce are you using?
mhsuffolk Posted January 26, 2014 Posted January 26, 2014 Martin, what version of OSCommerce are you using? 2.3.3.4 PHP 5.4.21 Hosted Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Hmmmm, and your catalog/admin/includes/configure.php starts off like this? <?php define('HTTP_SERVER', 'https://www.yourstore.com'); define('HTTP_CATALOG_SERVER', 'http://www.yourstore.com'); define('HTTPS_CATALOG_SERVER', 'https://www.yourstore.com'); define('ENABLE_SSL_CATALOG', 'true');
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Jim, what would happen if I changed <?php define('HTTP_SERVER', 'http://www.yourstore.com'); to <?php define('HTTP_SERVER', 'https://www.yourstore.com'); in catalog/includes/configure.php ?
mhsuffolk Posted January 26, 2014 Posted January 26, 2014 Hmmmm, and your catalog/admin/includes/configure.php starts off like this? <?php define('HTTP_SERVER', 'https://www.yourstore.com'); define('HTTP_CATALOG_SERVER', 'http://www.yourstore.com'); define('HTTPS_CATALOG_SERVER', 'https://www.yourstore.com'); define('ENABLE_SSL_CATALOG', 'true'); No, all three of the urls start https Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.
mhsuffolk Posted January 26, 2014 Posted January 26, 2014 define('HTTP_SERVER', 'https://www.yoursite.com'); define('HTTP_CATALOG_SERVER', 'https://www.yoursite.com'); define('HTTPS_CATALOG_SERVER', 'https://www.yoursite.com'); define('ENABLE_SSL_CATALOG', 'true'); define('DIR_FS_DOCUMENT_ROOT', '/home/xxxx/public_html/'); define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', '/home/xxxx/public_html/admin/'); define('DIR_WS_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_FS_CATALOG', '/home/xxxx/public_html/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); This is my admin configure.php file, I suggest you check the images and icon lines Martin Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Martin, What about catalog/includes/configure.php - mine is currently: <?php define('HTTP_SERVER', 'http://www.yourstore.com'); define('HTTPS_SERVER', 'https://www.yourstore.com'); define('ENABLE_SSL', true);
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Martin, My admin configure.php file looks just like yours except for the https start, but I have this at the end after backups: define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');
mhsuffolk Posted January 26, 2014 Posted January 26, 2014 This is my catalog configure.php define('HTTP_SERVER', 'http://www.yourstore.com'); define('HTTPS_SERVER', 'https://www.yourstore.com'); define('ENABLE_SSL', true); define('HTTP_COOKIE_DOMAIN', 'yourstore.com'); define('HTTPS_COOKIE_DOMAIN', 'yourstore.com'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', '/home/xxxx/public_html/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); I do not use the download facility but they are in this file, not the admin on my site Martin Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions.
♥kymation Posted January 26, 2014 Posted January 26, 2014 I think @ has found the solution. Change your admin side configure.php to this: define('HTTP_SERVER', 'https://www.example.com'); define('HTTP_CATALOG_SERVER', 'https://www.example.com'); define('HTTPS_CATALOG_SERVER', 'https://www.example.com'); define('ENABLE_SSL_CATALOG', 'true'); That tells the server to get everything in SSL mode, including the CSS and Javascript files that it pulls from the Catalog side. This will only affect the admin, so don't change anything in the catalog side configure file. Please tell us if this works for you. Also, please use http://www.example.com when you want an example of a URL. That's the only one that is guaranteed to not point to a real site. Regards Jim See my profile for a list of my addons and ways to get support.
osmyrna Posted January 26, 2014 Author Posted January 26, 2014 Yes, that does it. Thanks to all. And I hope this thread may help out some other confused peoples in future.
MrPhil Posted January 26, 2014 Posted January 26, 2014 That's not the right fix. You don't want to force the entire store into HTTPS mode unless you have some overwhelming need to do so. It sounds like the problem is that the graphics for the buttons are being requested specifically as http:// on an otherwise https:// page. The solution is to find out why certain page elements are being requested in non-SSL (http://) and either fix them to generate https:// or just give an href of the path (no protocol://domain_name/). I suspect that there's something wrong in your setup, and not basic osC as shipped. If it were normally producing http:// on an https:// page, we would be seeing a lot of reports from other browsers (IE especially) about them flagging such mixed usage.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.