SSL issue: HTTPS checkout pages don't swtich back to HTTP (NONSSL)

[mph77]

Hi. My client just got their own SSL certificate, and it works fine...but once you get to the checkout process, ALL the links on the page begin with https:// because each .php script has this at the top:

 

<base href="<?php echo(getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;?>">

 

Therefore, once you switch to HTTPS, you don't switch back to HTTP. I've tried every combination of HTTPS settings in the two config files, and those don't seem to be the problem. I tried altering the base href tag to this:

 

<base href="<?php echo HTTP_SERVER . DIR_WS_CATALOG;?>">

 

...but that didn't work. I also tried removing that base href tag altogether, but that didn't work either.

 

You see, my client can't live with that annoying browser notice that warns the user of "secure and nonsecure items" on the page, and I can't live with the entire site being encrypted once they begin the checkout process. Oh, I should point out that this code I'm working with is four years old. I don't know the version of osCommerce involved, but I do see copyright comments labeled with the year 2002.

 

Thanks for any advice you can offer!

 

Matt

[mph77]

Wow, zero replies. Does anybody have any insight to offer?

 

Thanks,

Matt

[Nullachtfuffzehn]

Usually the links on the page are created by using the tep_href_link() wrapper function, which by default creates Non-SSL links as long as you don't state anything else. It's submitted as a parameter. Regarding that all your links are secure links, I guess that some of them are hardcoded rather than created by the mentioned wrapper functions.