Jump to content

Archived

This topic is now archived and is closed to further replies.

steelthings

Steel Jewellery Store Feedback?

Recommended Posts

To get rid of the red warning flash you have to navigate to the catalog/admin/includes/configure.php file in your ftp program (cuteftp etc) and change its CHMOD properties to 644 which allows you to read and write the file but only read for everyone else.

 

Let me know if you need help with this but usually you just highlight the file, rightclick and select from the context menu.

 

Good luck

 

Carbon

 

Thanks, it worked. I asked about the "sslpowered" and they said once I get my own certificate I can take that out.

Share this post


Link to post
Share on other sites
Thanks, it worked. I asked about the "sslpowered" and they said once I get my own certificate I can take that out.

 

Cool, looks like you're on your way :)

 

Carbon

Share this post


Link to post
Share on other sites

ya know whats weird.. I have a shared SSL too, and when you go from my website to an SSL page, the url changed from furryfamilysupplies.com to hostmonstersecure~furryfam (orsomething liek that) so it is CLEARLY not my own ssl.. HOWEVER, even so, i do NOT get the certificate error that i get on your site.. You should call them and see why.. I have no idea what would cause that on yours and not on mine, but i have basically the same setup as you.


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites
Cool, looks like you're on your way :)

 

Carbon

 

I'm not sure. I've had the most disgusting day. When I tried to verify myself to the people at the SSL place, my email kept on turning all the files to "0k" instead of 161k or whatever, and they would just get a red x to open instead of my lovely validating document, but not always, sometimes it would work (netfirms... Webmail... is it me?) . Not very impressive, although I checked them before I sent them, then later they would be gone. Whambulance! So it finally worked when I sent them from my hotmail account and I think all is well... They sent me a certificate and seem to have forgiven me.

 

Anyway, I have a dedicated IP and an SSL certificate now, (only installed it about 5 minutes ago so I don't know if it works yet). When I just went in through the https link, it still said the address doesn't match the certificate, which I believe was the whole purpose of this exercise, but maybe I'm jumping the gun...

 

Argh? Nicole

Share this post


Link to post
Share on other sites
ya know whats weird.. I have a shared SSL too, and when you go from my website to an SSL page, the url changed from furryfamilysupplies.com to hostmonstersecure~furryfam (orsomething liek that) so it is CLEARLY not my own ssl.. HOWEVER, even so, i do NOT get the certificate error that i get on your site.. You should call them and see why.. I have no idea what would cause that on yours and not on mine, but i have basically the same setup as you.

 

I dunno... I called them but I just ended up getting a dedicated IP and SSL instead. I would rather pay $140 a year than have it tell ANYONE that I might be trying to fool them! Criminy, what a nasty message. Clearly I do not have the technology to be fooling people... hehe

 

So did you get a chance to check the speed of my page from home the other day? I was wondering if it was the US/Canada server problem that made it load slowly...

 

Thanks,

 

Nicole

Share this post


Link to post
Share on other sites

yes, i did clikc around a little.. it was definitely my PC at work acting up.. funny ya know..i have a 5 month old PC that is slower than our 10 year old Mac G4.


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites
yes, i did clikc around a little.. it was definitely my PC at work acting up.. funny ya know..i have a 5 month old PC that is slower than our 10 year old Mac G4.

 

Good to know... about my site. About the PC, not so much. Work must be a hassle with a slow computer! I'm looking at getting a mac, are they as fun as they say?

Share this post


Link to post
Share on other sites

yes.. once you go mac, you never go back :)

 

i never had a mac, but my hubby being in video editing and photography ONLY had macs. When it came time to buy a new laptop, i was not given a choice,. i was actually SCARED i wasnt going to be able to use it.. but that was a STUPID fear.. they are 100000000000 times more easy to figure out than PC. it MIGHT take you a day at the msot. GET ONE


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites
yes.. once you go mac, you never go back :)

 

i never had a mac, but my hubby being in video editing and photography ONLY had macs. When it came time to buy a new laptop, i was not given a choice,. i was actually SCARED i wasnt going to be able to use it.. but that was a STUPID fear.. they are 100000000000 times more easy to figure out than PC. it MIGHT take you a day at the msot. GET ONE

 

I should. My brain hurts from learning right now though, so maybe I'll wait a month or two. My hubby wants one for music because he's a drummer, so maybe I'll let him get one and keep my PC until my head stops aching. ;o)

 

On another note, my entire site looks like it's being run by criminals now! I put on my dedicated SSL and IP and all that, and none of it's working! It's worse. I have the guy at Netfirms looking at it, but does anyone know what the problem might be? I think I have the configure files the way Carbon/Slav told me, and I added the CRT for the main and intermediate certificates, and the Control Panel in Netfirms says the certificate is active but it still tells you to run for the hills when you go to log in.

Share this post


Link to post
Share on other sites

what EXACTLY is it telling you?/ the same certificate issue??


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites
what EXACTLY is it telling you?/ the same certificate issue??

No, it doesn't look like it... If I go through Firefox, it lets me look at the certificate and has the Digicert (where I bought it from), my domain name, etc. but it says under Security Info: "the website does not supply identity info" and "connection partially encrypted".

When I go through IE, it says "you are about to be directed to a connection that is not secure and that the information could be transmitted to a nonsecure site"

Share this post


Link to post
Share on other sites

that is SOOO odd.. I would definitely stress to your host that is it their certificate that is causing the issue.

 

the ONLY time i have ever had to VIEW CERTIFICATE was when a site had to access my local computer system.. so if i saw your site do that, i would run the heck outta there.

 

The ONLY time i have seen that is when using the photobucket mass uploader, running an install file on my oscommerce.. BOTH of those access certain files that i otherwise would never want a site to access...

 

DEFINITELY ask your host what in the world the actual certificate is doing.. that is SOO weird.


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites

ya know what.. i also was just clicking throgh your site, and even though the url says HTTPS the bar does not turn yellow or green, and there is a cross through the padlock on my screen.. your ssl is definitely not working properly..

 

i went through the ENTIRE check out and create account (except the checkout confirm) and there never wasa padlock in my browser.. but i also did not get the warning you are talking about..

 

I am on firefox by the way


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites
ya know what.. i also was just clicking throgh your site, and even though the url says HTTPS the bar does not turn yellow or green, and there is a cross through the padlock on my screen.. your ssl is definitely not working properly..

 

i went through the ENTIRE check out and create account (except the checkout confirm) and there never wasa padlock in my browser.. but i also did not get the warning you are talking about..

 

I am on firefox by the way

 

yeah, I think that's how I got to view the certificate was by clicking on the padlock with the red line through it. But the first time I tried to go through Firefox this morning, it wouldn't even let me open the site. So that was when I added the intermediate certificate (the thing said it was optional - apparently not). So there's probably one more bleeping step that I don't know about. Wah..

Share this post


Link to post
Share on other sites

osC isn't picking up the cue from the sever that SSL is active.

 

In your /catalog/includes/application_top.php find this line (about line 41):

 

  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

Change it to:

 

  $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

That works most of the time on dedicated SSL.

 

Nothing is a "sure bet" in this case.

 

It's always a good idea to backup any file before making any edits.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Hi Nicole,

 

Ref probs with SSL, I checked back with my orig post to see what caused the error just to see how to reproduce it (try to check out).

 

So I did a quick add to order and checkout and the error seems to have gone, in other words to browser generated scary page. But... (there allways is one) the next issue you have to overcome is the fact that you have secure and non-secure code in the pages that you are trying to use with SSL.

 

This causes the browser to generate a warning popup requester asking the user if they want to display the non-secure items. If they say yes then your site looks normal as everything gets displayed but it turns off the SSL (the padlock disappears). If they click no then your site looks odd (looks like the erroneous code is in the stylesheet) so they might click the back button although this is the correct choice as it keeps the SSL.

 

To solve this issue you will have to replace the absolute urls which start with "http://" with either relative links (eg ../images/pic.gif) or "https://". Just have a look at the page source code that throws up the warning and search for the phrase "http://" and use that to track down what part of the php source code is generating that url.

 

Hope this helps

 

Carbon

Share this post


Link to post
Share on other sites

The URL's are not the problem.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites
osC isn't picking up the cue from the sever that SSL is active.

 

In your /catalog/includes/application_top.php find this line (about line 41):

 

  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

Change it to:

 

  $request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

That works most of the time on dedicated SSL.

 

Nothing is a "sure bet" in this case.

 

It's always a good idea to backup any file before making any edits.

 

Hi Jim,

I can't find that exact line in the file. Some look close... Should I post it?

Share this post


Link to post
Share on other sites

Just what you have for that line, where it initializes the variable $request_type


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites
Hi Nicole,

 

Ref probs with SSL, I checked back with my orig post to see what caused the error just to see how to reproduce it (try to check out).

 

So I did a quick add to order and checkout and the error seems to have gone, in other words to browser generated scary page. But... (there allways is one) the next issue you have to overcome is the fact that you have secure and non-secure code in the pages that you are trying to use with SSL.

 

This causes the browser to generate a warning popup requester asking the user if they want to display the non-secure items. If they say yes then your site looks normal as everything gets displayed but it turns off the SSL (the padlock disappears). If they click no then your site looks odd (looks like the erroneous code is in the stylesheet) so they might click the back button although this is the correct choice as it keeps the SSL.

 

To solve this issue you will have to replace the absolute urls which start with "http://" with either relative links (eg ../images/pic.gif) or "https://". Just have a look at the page source code that throws up the warning and search for the phrase "http://" and use that to track down what part of the php source code is generating that url.

 

Hope this helps

 

Carbon

Well I've been monkeying around in there and it's not quite as horrible as before, but still not good. I did read that I have to change those url's, and I did some of them. It said that the reason for the shorter url's was more so they could view the pics on a secure connection. I thought that was the least of my worries for the time being, but I guess I better go change them and see.

 

Oh, and when I go into "My Account" and say no to going on to the insecure info, it connects me anyway, but I can still see all the pictures. In IE, anyway. Haven't looked at Firefox lately.

 

Nicole

Share this post


Link to post
Share on other sites
Just what you have for that line, where it initializes the variable $request_type

There's this:

// set the type of request (secure or not)

$request_type = (stristr(getenv('HTTP_X_FORWARDED_HOST'), ".sslpowered.com")) ? 'SSL' : 'NONSSL';

 

And this:

if ($request_type == 'NONSSL') {

define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);

} else {

define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG);

}

 

And one under the cookies.

Share this post


Link to post
Share on other sites

Let me reiterate.

 

The URL's are NOT the problem.

 

Change this line:

 

 $request_type = (stristr(getenv('HTTP_X_FORWARDED_HOST'), ".sslpowered.com")) ? 'SSL' : 'NONSSL';

to

 

 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

If that doesn't work, try other code I posted.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Yea, i would ignore the secure and insecure items for now.. thats not REALLY a big issue, and if the pop ups still come up after you get all that changed, then you can go back.. right now you biggest issue is the one at hand... htat your SSL is not actually showing as secure.


A great place for newbies to start

Road Map to oscommerce File Structure

DO NOT PM ME FOR HELP. My time is valuable, unless i ask you to PM me, please dont. You will get better help if you post publicly. I am not as good at this as you think anyways!

 

HOWEVER, you can visit my blog (go to my profile to see it) and post a question there, i will find time to get back and answer you

 

Proud Memeber of the CODE BREAKERS CLUB!!

Share this post


Link to post
Share on other sites

But Lindsay, the insecure items popup is the reason the SSL is not actually showing as secure...

:blush:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites
Let me reiterate.

 

The URL's are NOT the problem.

 

Change this line:

 

 $request_type = (stristr(getenv('HTTP_X_FORWARDED_HOST'), ".sslpowered.com")) ? 'SSL' : 'NONSSL';

to

 

 $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

If that doesn't work, try other code I posted.

 

OK, I tried both and it still gives me the security warning when I log in. By "the other code" you meant the one with the SERVER_PORT instead of HTTPS, right?

Share this post


Link to post
Share on other sites

×