Rob is Busy Posted April 16, 2004 Share Posted April 16, 2004 It's looking for the images in https:// when they're at http:// address. I've tried fixing it in the includes/configure.php and admin/includes/configure.php and I've got nothing. http://www.robsdesign.com/explore/ If somebody knows something I don't, share the knowledge. ^^ I also get about 300 Security Alerts. How can I get rid of those? Link to comment Share on other sites More sharing options...
AlanR Posted April 16, 2004 Share Posted April 16, 2004 You need to post those files here. You've got something basic set wrong. I get an 'identity' alert on ssl which is not an osC fault. Something's off in your cert. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Rob is Busy Posted April 16, 2004 Author Share Posted April 16, 2004 includes/configure.php <?php /* ?osCommerce, Open Source E-Commerce Solutions ?http://www.oscommerce.com ?Copyright (c) 2003 osCommerce ?Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) ?define('HTTP_SERVER', 'http://robsdesign.com'); // eg, http://localhost - should not be empty for productive servers ?define('HTTPS_SERVER', 'https://robsdesign.com'); // eg, https://localhost - should not be empty for productive servers ?define('ENABLE_SSL', false); // secure webserver for checkout procedure? ?define('HTTP_COOKIE_DOMAIN', 'robsdesign.com'); ?define('HTTPS_COOKIE_DOMAIN', 'robsdesign.com'); ?define('HTTP_COOKIE_PATH', '/explore/'); ?define('HTTPS_COOKIE_PATH', '/explore/'); ?define('DIR_WS_HTTP_CATALOG', '/explore/'); ?define('DIR_WS_HTTPS_CATALOG', '/explore/'); ?define('DIR_WS_IMAGES', 'images/'); ?define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); ?define('DIR_WS_INCLUDES', 'includes/'); ?define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); ?define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); ?define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); ?define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); ?define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); ?define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); ?define('DIR_FS_CATALOG', '/home/busyrob/public_html/explore/'); ?define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); ?define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); // define our database connection ?define('DB_SERVER', 'localhost'); // eg, localhost - should not be NULL for productive servers ?define('DB_SERVER_USERNAME', '******'); ?define('DB_SERVER_PASSWORD', '******'); ?define('DB_DATABASE', '******'); ?define('USE_PCONNECT', 'false'); // use persistent connections? ?define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' ?> admin/includes/configure.php <?php /* ?osCommerce, Open Source E-Commerce Solutions ?http://www.oscommerce.com ?Copyright (c) 2003 osCommerce ?Released under the GNU General Public License */ // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) ?define('HTTP_SERVER', 'http://robsdesign.com'); // eg, http://localhost - should not be empty for productive servers ?define('HTTP_CATALOG_SERVER', 'http://robsdesign.com'); ?define('HTTPS_CATALOG_SERVER', 'https://robsdesign.com'); ?define('ENABLE_SSL_CATALOG', 'false'); // secure webserver for catalog module ?define('DIR_FS_DOCUMENT_ROOT', '/home/busyrob/public_html/explore/'); // where the pages are located on the server ?define('DIR_WS_ADMIN', '/explore/admin/'); // absolute path required ?define('DIR_FS_ADMIN', '/home/busyrob/public_html/explore/admin/'); // absolute pate required ?define('DIR_WS_CATALOG', '/explore/'); // absolute path required ?define('DIR_FS_CATALOG', '/home/busyrob/public_html/explore/'); // absolute path required ?define('DIR_WS_IMAGES', 'images/'); ?define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); ?define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); ?define('DIR_WS_INCLUDES', 'includes/'); ?define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); ?define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); ?define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); ?define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); ?define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); ?define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); ?define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); ?define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); ?define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); ?define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); // define our database connection ?define('DB_SERVER', 'localhost'); // eg, localhost - should not be empty for productive servers ?define('DB_SERVER_USERNAME', '******'); ?define('DB_SERVER_PASSWORD', '******'); ?define('DB_DATABASE', '******'); ?define('USE_PCONNECT', 'false'); // use persisstent connections? ?define('STORE_SESSIONS', 'mysql'); // leave empty '' for default handler or set to 'mysql' ?> Link to comment Share on other sites More sharing options...
Guest Posted April 17, 2004 Share Posted April 17, 2004 Anyone have a solution to this issue? I am having the EXACT same troubles. wheels still spinning... :blink: Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 I think this is a server set-up problem. If you look at the source in http://robsdesign.com you'll find at the top. <base href="https://robsdesign.com/explore/"> Someone may know more than me but that's coming from a system call to the server environment. Ask your host about this. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 Line 40 of index.php is <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> Try swapping these two around. ie: <base href="<?php echo (($request_type == 'SSL') ? HTTP_SERVER : HTTPS_SERVER) . DIR_WS_CATALOG; ?>"> Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Rob is Busy Posted April 17, 2004 Author Share Posted April 17, 2004 That was the fix. Thanks, Alan. Link to comment Share on other sites More sharing options...
Rob is Busy Posted April 17, 2004 Author Share Posted April 17, 2004 Ok... it didn't work completely. It worked for some of the pages. Product Reviews, Product Info, and Click to Enlarge links are all still pointing at https://. >_< Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 I just looked and that base href definition occurs in a bunch of files. Give me a few minutes and I'll check for a single place to fix them. I could replace them all at once but you probably can't. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Guest Posted April 17, 2004 Share Posted April 17, 2004 what have you modified in the code, other than configure.php files? you should not have to modify anything at all relating to ssl in the code, except for the configure.php files. if you do modify other things, then all bets are off as far as the security/checking for your site. undo all changes you made regarding your ssl to get back to scratch, then look at your server error and log files to see what is going on there. also, enable sql logging in the admin section of osCommerce, then see what it is doing there after a few clicks. Link to comment Share on other sites More sharing options...
Guest Posted April 17, 2004 Share Posted April 17, 2004 just for grins, what are the property/attributes of your images folder? Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 OK, I found it. I should have checked further last night but it was late. Line 41 of application top is where $request_type is defined. $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; Swap these around, ie: $request_type = (getenv('HTTPS') == 'on') ? 'NONSSL' : 'SSL'; Make sure to change the previous (non) fix back to what it was in index.php <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
thecodingmonkey Posted April 17, 2004 Share Posted April 17, 2004 screw all that just download some code comparing software and compare your modifed version of those pages to a fresh install of oscommerce then just fixed the messed up lines nothing worse than having to start from scratch that or just download your intire site including database and find a less crappy host that knows how to install an ssl cert Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 you should not have to modify anything at all relating to ssl in the code, except for the configure.php files. if you do modify other things, then all bets are off as far as the security/checking for your site. You're right, since the stock set-up works great on every site I've set-up. But I suspect that in this case we've got some sysadmin in the hosting company who's made some kind of mistake. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 screw all that just download some code comparing software and compare your modifed version of those pages to a fresh install of oscommerce then just fixed the messed up lines nothing worse than having to start from scratch that or just download your intire site including database and find a less crappy host that knows how to install an ssl cert He's made no changes at all, except for one. This is a new install. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 and find a less crappy host that knows how to install an ssl cert Good point! :lol: http://www.robsdesign.com/ https://www.robsdesign.com/ Read their company profile. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Guest Posted April 17, 2004 Share Posted April 17, 2004 Interesting ideas and comments. My first thought was that it definately had to be the server set up. I have setup several builds and flavors of oscommerce - never have I had this issue. However, other applications such as gallery and help center live, installed under the same account dont have this (default to https) issue. I even set up help center live to use ssl with no trouble at all. I have searched through several groups looking for anyhone having similar issues - but everything I found lead me back to the application itself. I put together a temporary hack to work around the ssl images problem: Rplacing: $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; With: if(getenv('SERVER_PORT') == 80) { $request_type = 'NONSSL'; } elseif(getenv('SERVER_PORT') == 443) { $request_type = 'SSL'; } It's a nasty hack - but it's doing the trick Image wise - for the moment. All form submissions are still going to https - regardless of their setting (NONSSL). I continue to search for the solution to this issue - my gut still tells me it's a server issue... damn WHM.. Link to comment Share on other sites More sharing options...
Rob is Busy Posted April 17, 2004 Author Share Posted April 17, 2004 BOOM!! That all worked. Alan = Hero of the Day Link to comment Share on other sites More sharing options...
Guest Posted April 17, 2004 Share Posted April 17, 2004 curious to know if you are having form submit issues? Link to comment Share on other sites More sharing options...
AlanR Posted April 17, 2004 Share Posted April 17, 2004 BOOM!! That all worked. Alan = Hero of the Day Yeah, but remember that this is a cludge to get around an error in your hosting set-up. If they fix their system it should break again and you'll need to set it up the original way which works 99% of the time. Save a link to this thread somewhere so that you can see what you've done. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Christian Lescuyer Posted April 19, 2004 Share Posted April 19, 2004 Line 40 of index.php is <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> Try swapping these two around. This seems quite wrong. If $request_type is indeed 'SSL', you do need to use the HTTPS server. The question is, why do we get 'SSL'? $request_type is set in application_top.php (line 41) with getenv('HTTPS'). Which server do you use? IIS, Apache? If Apache, is PHP used as a module or CGI? Christian Lescuyer Link to comment Share on other sites More sharing options...
AlanR Posted April 19, 2004 Share Posted April 19, 2004 Line 40 of index.php is This seems quite wrong. If $request_type is indeed 'SSL', you do need to use the HTTPS server. The question is, why do we get 'SSL'? This has been addressed, read backwards through the thread. It's alomost certainly an error on the part of the server admin setting up ssl. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
Christian Lescuyer Posted April 19, 2004 Share Posted April 19, 2004 Oops, you're right. :blink: I'd still like to know the server config, though. Christian Lescuyer Link to comment Share on other sites More sharing options...
Guest Posted April 19, 2004 Share Posted April 19, 2004 I am using apache / RHE / PHP module. More info on my situation. I have installed an additional ssl oscommerce site on this same server for another client. The new oscommerce install is functioning perfectly with ssl in every way. However the original shop I posted about is still having this (defaulting to SSL issue) issue. To further my frustration, this same (defaulting to ssl) shop code works perfectly on the original server it came from with no modification. I just dont get it.. Maybe Alan is right - maybe it is a problem with the cert? Link to comment Share on other sites More sharing options...
Guest Posted April 19, 2004 Share Posted April 19, 2004 recompiled apache/php - all better now. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.