npn2531

Since you are not getting an error msg, your syntax is good but my guess is that your query is coming up with no records that match the request.  The query below is a bit less restrictive, and may help you troubleshoot the problem

//find all the reviews
$reviews_query_raw = "select r.reviews_id, left(rd.reviews_text, 100) as reviews_text, r.reviews_rating, r.date_added, r.customers_name from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd where r.products_id = '" . (int)$product_info['products_id'] . "' and r.reviews_id = rd.reviews_id and rd.languages_id = '" . (int)$languages_id . "' order by r.date_added desc";

Everybody's site has the search box on it, and it will work without causing the message regardless of http or https. The issue is not what the search looks at but how the box is written, ie not hard coded for example. As long as you are using the standard OSCommerce format, the search box will not cause a security warning.

If you go to www dot whynopadlock dot com you will be able  to check the page  in question. This site gives you  a detailed list of secure and unsecure items as well as other info related to https  

In other words it will tell you what specific item is causing that message and it's free.

I had my web host email this, after disabling the tell-a-friend feature without notice:

Quote

I checked and sure enough, when you tried to use the tell a friend you got this ugly message from the webhost.  A few days later, without notice, they announced the tell a friend on my site was enabled, and when I checked it was working as before just fine, no ugly message or anything.

On my site you have to be signed on to use the tell-a-friend, so maybe that's why they 'reenabled' it.  But  I found it interesting (disturbing, rather) they could target some isolated function of my shopping cart and just disable it.

Otherwise my  webhost is great, so I didn't get all self-righteous, and besides was just to busy to focus on it.  Maybe I should disable it altogether? I don't know.

One deficit with MM is that there is no checking on the validity of an email or even the format of an email. You can use OSCommerce to check the format of an email by putting restrictions in the database for the field that hold customer emails. ( I think it does this already?) Commercial mail programs such as Mail Chimp may have a way of 'pinging' email addresses to see if they exist, and there are also stand alone programs that will check to see if an email exists. (google 'email checking' or some such).  

Validity and format checking  at least lets you know if you are  emailing valid email addresses. You can assume that in MM when you see the completed MM message that MM emailed all the records in the email field in customer table in the database. (noting of course that MM will attempt to email anything in that record regardless of whether it is an email or not)

You can also put in tracking links in emails, and get feedback if someone clicks on a link, and also programs exist that allow you to see if an email was opened or read. (Google 'email tracking' or similar)

If you get anything like the above incorporated into MM, I would love to see it. It would really enhance MM.