darrenultra Posted February 24, 2008 Share Posted February 24, 2008 Hi, I really hope someone can help me with this problem ...my brain is in knots after endless scouring of forums looking for a solution. I recently moved my website from my local server to 1and1. I then set up shared ssl and made changes to my config files. Includes/Configure.php now looks like this: define('HTTP_SERVER', 'http://www.bananafingers.co.uk'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://sslrelay.com/bananafingers.co.uk'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.bananafingers.co.uk'); define('HTTPS_COOKIE_DOMAIN', 'sslrelay.com/bananafingers.co.uk'); define('HTTP_COOKIE_PATH', '/storeradio/'); define('HTTPS_COOKIE_PATH', '/storeradio/'); define('DIR_WS_HTTP_CATALOG', '/storeradio/'); define('DIR_WS_HTTPS_CATALOG', '/storeradio/'); I have also changed Includes/application_top.php to ...adding the line: $request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com') ? 'SSL' : 'NONSSL'; However, when navigating my way around my website it is as if no changes have been made at all. There is no automatic switching from http to https when i get to pages which should be secure (e.g. login.php). Following advice I uploaded the myenv.php file ...these are the results i get when i run the script: HTTP HOST: bananafingers.co.uk Server Port: 80 SSL Status: Fowarded Server: sslrelay.com Fowarded Host: sslrelay.com Fowarded By: United Internet SSL Proxy When i type https://sslrelay.com/bananafingers/storeradio/login.php directly into the address bar I get the messsage asking whether i want to display nonsecure items and then the page loads (images not shown). When I go to the source code for the page I notice the following line of code: <base href=""> I have read in a forum that for switching to work properly it should be reading: <base href="https://sslrelay.com/bananafingers.co.uk/storeradio/"> If anyone has any idea ... 1. Whether SSL is working on my site 2. How I can make the site automatically switch to https at the appropriate times ...then please help me! Cheers, Nick Link to comment Share on other sites More sharing options...
d4funky1 Posted February 24, 2008 Share Posted February 24, 2008 Hi, I too am on 1 and 1 was on a shared server but now on managed dedicated. However when i set up my SSL i was on a shared server and i have made no changes to my configure.php file since then so here it is for you to compare with: define('HTTP_SERVER', 'http://www.mydomainname.co.uk'); // eg, http://localhost - should not be empty for productive servers define('HTTPS_SERVER', 'https://www.mydomainname.co.uk'); // eg, https://localhost - should not be empty for productive servers define('ENABLE_SSL', true); // secure webserver for checkout procedure? define('HTTP_COOKIE_DOMAIN', 'www.mydomainname.co.uk'); define('HTTPS_COOKIE_DOMAIN', ''); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', ''); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/'); define('DIR_WS_INCLUDES', 'includes/'); define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/'); define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/'); define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/'); define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/'); define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/'); define('DIR_WS_BLOG', 'blog/'); if ($request_type = 'SSL'){ define('DIR_WS_IMAGES', 'images/'); } else { define('DIR_WS_IMAGES', 'images/'); } Link to comment Share on other sites More sharing options...
darrenultra Posted February 24, 2008 Author Share Posted February 24, 2008 Hi, Thanks for the info - but it looks to me like we have slightly different setups. From your HTTPS_SERVER address it looks to me like you were paying for a dedicated SSL certificate from 1and1. I am trying to use their shared SSL. I think confusion is arising between shared hosting and shared SSL! The bit of code at the bottom looks very useful though. When i type the https page into the address bar the images will not display. I will use your code to specify a different address for them ...so that hopefully they will become visible again. I still need a solution to help me automatically switch to https though ...anyone?! Link to comment Share on other sites More sharing options...
d4funky1 Posted February 24, 2008 Share Posted February 24, 2008 Have you tried this: http://addons.oscommerce.com/info/3289 Link to comment Share on other sites More sharing options...
germ Posted February 24, 2008 Share Posted February 24, 2008 Look in this file (if it exists): /storeradio/includes/local/configure.php See what it has defined for HTTPS_SERVER If it's not right, fix it. Also, it may have this line: define('ENABLE_SSL', 0); If so, change it to this: define('ENABLE_SSL', 1); If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
darrenultra Posted February 24, 2008 Author Share Posted February 24, 2008 Hi, Yeah I tried that link. I followed the guidance and acted accordingly. Before finding that link I couldn't get a secure page to show even by typing it into the address bar. It solved that problem - but I'm still not automatically switching between http and https. Hmm tricky. Have you tried this: http://addons.oscommerce.com/info/3289 Link to comment Share on other sites More sharing options...
darrenultra Posted February 24, 2008 Author Share Posted February 24, 2008 Hi Jim, The page you suggested doesn't exist in my catalog ...hope this isn't a problem! /storeradio/includes/local/configure.php Any other suggestions accepted with arms wide open! Link to comment Share on other sites More sharing options...
germ Posted February 24, 2008 Share Posted February 24, 2008 Well, I'd like to help, but I can't see your web page to find out what's happening. I think this is your site: http://www.bananafingers.co.uk/storeradio But you have a .htaccess file preventing me from seeing it. :huh: I can't fix what I can't see, and any suggestions are just a shot in the dark... >_< If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
darrenultra Posted February 24, 2008 Author Share Posted February 24, 2008 Sorry Jim! The .htaccess is there to stop it being spidered by google too soon. Unfortunately, it is some 1and1 devised file which uses my ftp username and password. I'll see if I can change it to a simple username and password so you can see the site. Link to comment Share on other sites More sharing options...
darrenultra Posted February 24, 2008 Author Share Posted February 24, 2008 I've managed to change the htaccess username and password Username: 1234 Password: 1234567 If anyone will have a look at the site: www.bananafingers.co.uk/storeradio/ ...i would really appreciate it. When you go to the login page you'll see that it doesn't automatically switch to https. However, if you type: https://sslrelay.com/bananafingers.co.uk/st...radio/login.php then the webpage loads (the images and stylesheet don't load but i'll solve that later!) you can login as '[email protected]' with password 'vegas' ...if this helps. Link to comment Share on other sites More sharing options...
germ Posted February 24, 2008 Share Posted February 24, 2008 Is there an /includes/local/configure.php in your admin folder? :unsure: If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
Eighteen48 Posted February 25, 2008 Share Posted February 25, 2008 I am also on 1and1 and originally had this problem as well. Here is the fix for this. 1) Open includes/application_top.php file 2) Find around Line 43 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL' 3) Replace with the following // $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; $request_type = (eregi ($HTTP_HOST, HTTPS_SERVER)) ? 'SSL' : 'NONSSL'; I hope this helps everybody who is getting the Non-Secure Errors Powered By osC 2.2RC2a STS 4.5.8 - HTC 2.6.3 - FP 1.5.9 - BCH 1.0.0 Link to comment Share on other sites More sharing options...
darrenultra Posted February 25, 2008 Author Share Posted February 25, 2008 No - i don't have an includes/local/configure/php ....hmmm Link to comment Share on other sites More sharing options...
germ Posted February 25, 2008 Share Posted February 25, 2008 You're not using "stock" osC. Maybe it's not coded to use SSL. In your /storeradio/index.php file Search for the term FILENAME_ACCOUNT Post the line it's on, and 5 or so lines on either side. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
Eighteen48 Posted February 25, 2008 Share Posted February 25, 2008 No - i don't have an includes/local/configure/php....hmmm ? there is no such listing, follow my instruction in the post above to fix your SSL errors. I have several stores running on 1and1 Shared SSL as well as several using a dedicated SSL provided by 1and1. Powered By osC 2.2RC2a STS 4.5.8 - HTC 2.6.3 - FP 1.5.9 - BCH 1.0.0 Link to comment Share on other sites More sharing options...
darrenultra Posted February 25, 2008 Author Share Posted February 25, 2008 Hi Ano, I've actually already changed those lines of code. I'm now using the following: // $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; $request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com') ? 'SSL' : 'NONSSL'; I tried using the code that you suggested ...but I later discovered the solution above. This doesn't help me to automatically switch to https when, for example, I open the login.php page though... If i go to the source code for https://sslrelay.com/bananafingers.co.uk/st...radio/login.php then I find the line: <base href=""> ...i know this isn't right ...anyone have the fix? I am also on 1and1 and originally had this problem as well. Here is the fix for this. 1) Open includes/application_top.php file 2) Find around Line 43 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL' 3) Replace with the following // $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; $request_type = (eregi ($HTTP_HOST, HTTPS_SERVER)) ? 'SSL' : 'NONSSL'; I hope this helps everybody who is getting the Non-Secure Errors Link to comment Share on other sites More sharing options...
darrenultra Posted February 25, 2008 Author Share Posted February 25, 2008 I have the STS version 4.3.3 contribution installed - could that be what is causing my problem? I couldn't find the lines you were looking for in my storeradio/index.php, presumeably because of STS. However I have the following code in storeradio/includes/modules/sts_inc/general.php if (tep_session_is_registered('customer_id')) { $sts->template['myaccount'] = '<a href=' . tep_href_link(FILENAME_ACCOUNT, '', 'SSL') . ' class="headerNavigation">' . HEADER_TITLE_MY_ACCOUNT . '</a>'; $sts->template['urlmyaccount'] = tep_href_link(FILENAME_ACCOUNT, '', 'SSL'); $sts->template['logoff'] = '<a href=' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . ' class="headerNavigation">' . HEADER_TITLE_LOGOFF . '</a>'; $sts->template['urllogoff'] = tep_href_link(FILENAME_LOGOFF, '', 'SSL'); $sts->template['myaccountlogoff'] = $sts->template['myaccount'] . " | " . $sts->template['logoff']; // Next tags added in v4.3 $sts->template['loginofflogo'] = '<a href=' . tep_href_link(FILENAME_LOGOFF, '', 'SSL') . ' class="headerNavigation">' . tep_image(STS_TEMPLATE_DIR.'images/'.$language . '/header_logoff.gif', HEADER_TITLE_LOGOFF) . '</a>'; } else { $sts->template['myaccount'] = '<a href=' . tep_href_link(FILENAME_ACCOUNT, '', 'SSL') . ' class="headerNavigation">' . HEADER_TITLE_MY_ACCOUNT . '</a>'; $sts->template['urlmyaccount'] = tep_href_link(FILENAME_ACCOUNT, '', 'SSL'); $sts->template['logoff'] = ''; $sts->template['urllogoff'] = ''; $sts->template['myaccountlogoff'] = $sts->template['myaccount']; You're not using "stock" osC. Maybe it's not coded to use SSL. In your /storeradio/index.php file Search for the term FILENAME_ACCOUNT Post the line it's on, and 5 or so lines on either side. Link to comment Share on other sites More sharing options...
germ Posted February 25, 2008 Share Posted February 25, 2008 It's coded right: tep_href_link(FILENAME_ACCOUNT, '', 'SSL') Since I have no experience with STS, I'm out of the picture on that one. My estimation is that it is an STS problem. I can, however, help get your configure.php setup for SSL correctly. I'll be back in a few with that info. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
germ Posted February 25, 2008 Share Posted February 25, 2008 In your application_top, trry this line: $request_type = ($_SERVER['HTTP_X_FORWARDED_HOST'] == 'sslrelay.com') ? 'SSL' : 'NONSSL'; If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
darrenultra Posted February 25, 2008 Author Share Posted February 25, 2008 I've already made that modification! ...anyway ...i need some sleep. It is far too late over here in the UK. If you have any other ideas let me know - i'll have another go tomorrow. Cheers In your application_top, trry this line: $request_type = ($_SERVER['HTTP_X_FORWARDED_HOST'] == 'sslrelay.com') ? 'SSL' : 'NONSSL'; Link to comment Share on other sites More sharing options...
germ Posted February 25, 2008 Share Posted February 25, 2008 No you haven't. You did this: $request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com') ? 'SSL' : 'NONSSL'; I asked for this: $request_type = ($_SERVER['HTTP_X_FORWARDED_HOST'] == 'sslrelay.com') ? 'SSL' : 'NONSSL'; NOT THE SAME! Get your STS problem fixed then post again in this thread and we'll continue. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
darrenultra Posted February 25, 2008 Author Share Posted February 25, 2008 My mistake. If I do make that change though I get the following error message: Fatal error: Call to undefined function: array() in /homepages/20/d199311416/htdocs/storeradio/includes/application_top.php on line 42 ...i've therefore reverted back to what I had originally. I don't think I have any STS problem ...possibly a conflict between it and shared SSL?! No you haven't. You did this: $request_type = (getenv('HTTP_X_FORWARDED_HOST') == 'sslrelay.com') ? 'SSL' : 'NONSSL'; I asked for this: $request_type = ($_SERVER['HTTP_X_FORWARDED_HOST'] == 'sslrelay.com') ? 'SSL' : 'NONSSL'; NOT THE SAME! Get your STS problem fixed then post again in this thread and we'll continue. Link to comment Share on other sites More sharing options...
Eighteen48 Posted February 25, 2008 Share Posted February 25, 2008 I have the STS version 4.3.3 contribution installed - could that be what is causing my problem? I couldn't find the lines you were looking for in my storeradio/index.php, presumeably because of STS. It is not STS, as it does nothing but change your template design, but since you are running STS make sure in your template files your urls especially for graphics are absolute ie images/imagename.jpg and not this mysite.com/images/imagename.jpg As this may casue you to have the non-secure error. Powered By osC 2.2RC2a STS 4.5.8 - HTC 2.6.3 - FP 1.5.9 - BCH 1.0.0 Link to comment Share on other sites More sharing options...
crash3903 Posted February 25, 2008 Share Posted February 25, 2008 Hi Jim, The page you suggested doesn't exist in my catalog ...hope this isn't a problem! /storeradio/includes/local/configure.php Any other suggestions accepted with arms wide open! Do you have this file? /storeradio/includes/configure.php Regards Mark A Reynolds Link to comment Share on other sites More sharing options...
darrenultra Posted February 25, 2008 Author Share Posted February 25, 2008 Hi, Yes I have includes/configure.php and have modified it (correctly i think). See the start of this thread - i pasted my settings on my first post. Anyone got any ideas yet? The website is www.bananafingers.co.uk/storeradio/ You will need this username and password combination to look at it: username: 1234 password: 1234567 The website doesn't automatically switch between http and https. However try typing https://sslrelay.com/bananafingers.co.uk/st...radio/login.php into the address bar. Also try the following to see some ssl settings: https://sslrelay.com/bananafingers.co.uk/st...radio/myenv.php ...it doesn't mean a lot to me ...but i'm hoping it will to someone! Do you have this file? /storeradio/includes/configure.php Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.