Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Category list switches from SSL to NONSSL

Carbon

By Carbon
in General Support

Recommended Posts

Carbon

Carbon

Posted
Posted

I have done a standard installation to get used to things before I restyle OSC so I want to sort the "niggles" out now...

 

Every link within OSC is an SSL protected link with padlock EXCEPT for the category links in the top left category box.

 

So my question is how to make these links secure too?

 

The funny thing is, if you click any other link that expands the category list, the link address in the cat' list corrects itself and is prefixed with https:// instead of just http://... BUT visit another page (either clicking a product or cat link) it then doesn't work... and so on.. works... doesn't work... works... etc.

 

I'm 80% sure the problem is NOT in either of the configure.php files (especially as the cat links are the ONLY bits that wont use SSL every time) so I have turned my attention to...

 

catalog/includes/boxes/categories.php

 

in particular this bit near the top...

 

$categories_string .= tep_href_link(FILENAME_DEFAULT, $cPath_new) . '">';

 

I have learned that it should send 3 parameters, the last being either SSL or NONSSL and this would force the link to use either one, but how do I get it to work?

 

I have tried...

 

$categories_string .= tep_href_link(FILENAME_DEFAULT, $cPath_new, SSL) . '">';

 

and...

 

$categories_string .= tep_href_link(FILENAME_DEFAULT, $cPath_new, 'SSL') . '">';

 

but without success.

 

My host feels that it's my frameset that is preventing the cat links from working, but I reckon this is way off the mark coz everything else works and the cat links do work every other time.

 

Anyhoo, it's late and "I've done me head in" ;)

 

Cheers

 

Carbon

Link to comment
Share on other sites
Vger

♥Vger

Posted
Posted

You don't need to protect every page of your site with SSL. Configured correctly osCommerce will decide which pages need to be http and which need to be https.

 

If you want to make all of your site https then fine - the site will slow right down because all https pages have to be encrypted before delivery to the users browser - and another little problem - you'll never get any search engine rankings because https pages aren't given any ranking at all. Other than that ...fine.

 

Vger

Link to comment
Share on other sites
dahui

dahui

Posted
Posted

Vger is absolutely right, and by default osc is by far not setting only the cats to nonssl

 

besdies that I wonder why

 

$categories_string .= tep_href_link(FILENAME_DEFAULT, $cPath_new, 'SSL') . '">';
does not work

 

should do the job to my opinion, so maybe yr host is right

 

dahui

Link to comment
Share on other sites
Vger

♥Vger

Posted
Posted

Apart from everything else sandwiching an osCommerce site, with a full ssl cert, into an http frames page (html) is a complete waste of an ssl cert - because the padlock will never be shown, not even when there's an https page inside the frame.

 

Not only is using ssl for all pages a total killer as far as search engine ranking is concerned, so is using frames. That's a double whammy!

 

Vger

Link to comment
Share on other sites
AlanR

AlanR

Posted
Posted
Apart from everything else sandwiching an osCommerce site, with a full ssl cert, into an http frames page (html) is a complete waste of an ssl cert - because the padlock will never be shown, not even when there's an https page inside the frame.

 

Not only is using ssl for all pages a total killer as far as search engine ranking is concerned, so is using frames.  That's a double whammy!

 

Vger

 

The question is...

 

Why is he using frames at all? I've seen another installation where someone set up the site under frame forwarding because they didn't understand how their hosting system works.

 

A link would help a lot.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites
Carbon

Carbon

Posted
  • Author
Posted

OK..

 

First off, I use frames because I cannot achieve the same effect any other way.

 

Second, my website IS search engine friendly because all of the frame content is in seperate html files.

 

Thirdly, I DO get the padlock within my framed site (as per original post)

 

Fouthly? (is there such a phrase?) I will be stripping the guts out of OSC and combined with the way I intend to market my products there will be very little page loads once within the shop part of the site.

 

and

 

Fithly? (now that definately isn't a phrase) if the cat links aren't prefixed with https:// then I get the deal breaker mixed content pop-up security warning and either lose the padlock or get a page not found.

 

Hope that explains "why" I want to do it, now back to the "can you help me do it?" part ;)

 

Cheers

 

Carbon

Link to comment
Share on other sites
Carbon

Carbon

Posted
  • Author
Posted

I nearly forgot, AlanR thought a link might help so here goes...

 

(bear in mind that the site as a whole is still under construction and that the OSC part is pretty much "out of the box")

 

The main website

 

Links directly to the shop

 

If you link directly, be aware that my code will recreate the frameset around the orphaned page.

 

There is another way to access the osc bit, but I haven't tested it out yet coz the page hasn't updated yet my end, and that is if you visit the "customise" section from the home page, the very last fullstop (period) is a link.

 

cheers guys, appreciate any help I can get.

 

Carbon

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...