14 replies to this topic

[BirdBrain]

Here are a couple of examples of the code neccessary to use the tep_href_link and tep_image functions and get rid of the nasty security warnings you get for having "mixed" content on a secure page that are caused by hardcoding an absolute address or image......



This one is for an image that is not a link......this one pulls the image from the catalog/images directory

<?php echo tep_image(DIR_WS_IMAGES .  'your_image.gif'); ?>

To add the ALT text and dimensions:

<?php echo tep_image(DIR_WS_IMAGES . 'my_image.gif', 'my ALT text', '100px', '150px'); ?>

This one is a clickable image link for a page within your web site......

<?php echo '<a href="' . tep_href_link('your_directory/your_page.php') . '">' . tep_image(DIR_WS_IMAGES . your_image.gif) . '</a>'; ?>

To make it a text link for a page within your web site....

<?php echo '<a href="' . tep_href_link('your_directory/your_page.php') . '">' . Your Text Here . '</a>'; ?>

To make it a text link for a page outside your web site....

<?php echo '<a href="http://www.some-other-site.com">Your Text Here</a>'; ?>

If you are using images in the stylesheet for backgrounds they should also use the relative address.....e.g. images/my_background.gif

[BirdBrain]

One important note...Unfortunately the above suggestions will not help with banners or other "offsite" images or scripts.

[jahwise]

Greetings,

I am having a problem with thecheckout process on my shopping cart at http://www.loopwise.com/osc/catalog

When i click add to cart for a product...a message appears saying that there is both secure and insecure content on the following page...do you wish to proceed. (right here i am probably losing about half of my customers becuase of this sign...this needs to be taken off there immediately.)

The reason this is happening is becuase i have images being pulled from my distibutors server...

please someone tell me there is a ay to get rid of that notice? or there must be a way around this somehow? I have spent much time and money getting the script to pull those images from the HL server...

thanks in advance!

-taylor

[wizardsandwars]

You have to ask your distributor if they can provide the image from a secure server. You could probably just try to add a 's' to the url to see if they have their own SSL, like "https://wwwwhatever.com"

If the url to the image has the s in it, you won't get that error.

[sgflowers]

Quote

One important note...Unfortunately the above suggestions will not help with banners or other "offsite" images or scripts.

if it is a static banner / image store a copy locally on your site rather than pulling it from another site  ie ssl seal

[mcbsolutions]

Kim,
Thanks for the helpful tip!  I just installed SSL and am going to try and get rid    of all the messages from popping up.  

To make things easier, does someone have a list of  files that contain the code that Kim referenced that needs changing?  This seems like it will be a big task to try and pinpoint all of them.  

Thanks !

Steve

[CarrieB]

Hi!  Kim, thanks for clarifying the image issues.  That really helps.

Do any of you have suggestions for disabling "offsite" images/banners when in secure mode? I have one in the right column, but I just can't figure out how to nix it on secure pages (https).  Would the code be integrated with column_right.php?  Or elsewhere?  (BTW, it's a search box that can not be copied to my site.)

I've searched the forum high and low - I hope someone can help!

Thanks!

[abarnes]

Carrie,
Here is the link for the solution me and Mathew came up with.

http://forums.oscommerce.com/viewtopic.php...=38248&start=10

HTH, Tony

[jeana]

So what do I do with offsite scripts?  I am running a banner in my header from google.  Please help!

Quote

One important note...Unfortunately the above suggestions will not help with banners or other "offsite" images or scripts.

[iiinetworks]

The only thing that you can do with an offsite script is to not use it when in SSL mode.  With offsite pictures, you have that option plus the option of duplicating the image locally.

Hth,
Matt

[wizardsandwars]

Try adding a 's' to the url, as in https://www.google/banner.gif

If that doesn't work, you'll have to ask google for a url through a secure server.

[jeana]

Thank you - although it is a bummer answer.

[jeana]

Thanks Chris - but its actually a script they give me

<script type="text/javascript"><!--
google_ad_client = "pub-6067943017685087";
google_ad_width = 468;
google_ad_height = 60;
google_ad_format = "468x60_as";
google_color_border = "191933";
google_color_bg = "333366";
google_color_link = "99CC33";
google_color_url = "FFCC00";
google_color_text = "FFFFFF";
//--></script>
<script type="text/javascript"
  src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

[wizardsandwars]

Jena,

Try changing
http://pagead2.googlesyndication.com/pagea...ead/show_ads.js

to

https://pagead2.googlesyndication.com/pagea...ead/show_ads.js

[wizardsandwars]

If that doesn't work, and it appears that it won't, then you'll need to contact Google and ask them for a version of the same script but with the image source coming through a secure server.

I'm sure they offer a solution for that.