Guest Posted June 22, 2004 Posted June 22, 2004 Just dug around osCommerce site and forum for answers... nothing so far. I need to secure (ssl - https) the login info and user data. I read on the configure.php and set everything up as they say. osCommerce is suppost to automatically direct you to a secure connection..but, it doesn't. I can manually add the 's' on http:// to secure it and it works fine. Anyone figure out how to automate this and make the ssl active on account login? When someone initialy visits the catalog...it should be unsecure... crusin around...collecting goods in their cart. But, when they log in or check out, it should automatically take them to a secure page. If I do it manually, it works... what gives? here is the catalog configure.php (top portion)---------------------------------- define('HTTP_SERVER', 'http://zonewave.com'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://zonewave.com'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', 'true'); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'zonewave.com'); define('HTTPS_COOKIE_DOMAIN', 'zonewave.com'); define('HTTP_COOKIE_PATH', '/catalog/'); define('HTTPS_COOKIE_PATH', '/catalog/'); define('DIR_WS_HTTP_CATALOG', '/catalog/'); define('DIR_WS_HTTPS_CATALOG', '/catalog/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/'); define('DIR_FS_CATALOG', 'D:/hshome/zonewave/zonewave.com/catalog/'); define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/'); define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/'); HERE IS THE ADMIN configure.php------------------------------------------ define('HTTP_SERVER', 'http://zonewave.com'); // eg, http://localhost or - https://localhost should not be NULL for productive servers define('HTTP_CATALOG_SERVER', 'http://zonewave.com'); define('HTTPS_CATALOG_SERVER', 'https://zonewave.com'); define('ENABLE_SSL_CATALOG', 'true'); // secure webserver for catalog module define('DIR_FS_DOCUMENT_ROOT', $DOCUMENT_ROOT); // where your pages are located on the server. if $DOCUMENT_ROOT doesnt suit you, replace with your local path. (eg, /usr/local/apache/htdocs) define('DIR_WS_ADMIN', '/admin/'); define('DIR_FS_ADMIN', DIR_FS_DOCUMENT_ROOT . DIR_WS_ADMIN); define('DIR_WS_CATALOG', '/catalog/'); define('DIR_FS_CATALOG', DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/'); define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/'); define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/'); define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/'); Thanks in advance if someone know this one? Zonewave
vasttech Posted June 22, 2004 Posted June 22, 2004 Do you have a certificate or access to a shared one from your host? If it is shared most likely you will have to copy the files to a special directory. osCommerce Knowledge Base osCommerce Documentation Contributions
AlanR Posted June 22, 2004 Posted June 22, 2004 Two things. 1) You don't appear to have a valid cert. I get an error. 2) The links for log in should show as https whether your ssl is working correctly or not. So look in includes/local and see if there's another configure.php file lurking there. Some installs end up with this and others not. You can rename or delete this file as long as the main one is correct (includes/configure.php). It's a developer tool and it will override the primary file if it exists. Its existence is tested in application_top.php. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.