Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Security Issue (Bug?)


chrisauman

Recommended Posts

Ok, this is a concern to me and maybe others and I need to get a definite answer to this and maybe how to fix it if it is a problem.

 

It appears that once a user has an account and they are already logged in they can select checkout and the page that you enter all your credit card information on appears under the https secure server. Now... If a user is shopping and then they hit checkout and THEN log in, once you hit the login button the credit card information page appears as http. Once you enter your credit card information and you hit the next button it then switches over to https.

 

So my question is... is the information being submitted securely since the page you are entering the credit card number on is not https.

 

Any idea how to fix this? It even appears that the link on the login page goes to an https page but when you click on it, it just goes to http.

 

So the process is go to the store, select an item, proceed to check out, login to existing account, goes to credit card information page that is http (not secure), then when you hit next it goes to a secure page.

 

You can see my working site at http://www.krd1.com/estore/catalog/default.php

 

Please help if you can. Thanks.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...