Jump to content

Archived

This topic is now archived and is closed to further replies.

germ

SSL Implementation Help

Recommended Posts

From the page source of s "secure" page:

 

<base href="http://www.decobio.com/">

 

That means this change:

 

// set the type of request (secure or not)
$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

May not be correct because the store isn't recognizing SSL is on.

 

That or your config file isn't correct.

 

I can't tell which.

 

If you want any more from me you'll need to download my contribution (link in second post in this thread) and upload the files to your catalog so I can run them and hopefully find the malfunction.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

From the page source of s "secure" page:

 

<base href="http://www.decobio.com/">

 

That means this change:

 

// set the type of request (secure or not)
$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

May not be correct because the store isn't recognizing SSL is on.

 

That or your config file isn't correct.

 

I can't tell which.

 

If you want any more from me you'll need to download my contribution (link in second post in this thread) and upload the files to your catalog so I can run them and hopefully find the malfunction.

 

I just changed to:

// set the type of request (secure or not)

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';

 

Which I thought didn't work, but your contribution now reports:

Base: https://www.decobio.com/

I didn't notice that before it said http://www.decobio.com/

but if you say so, I believe you.

 

It still however showed me the 'theft images link', but I solved that just now by changing the htaccess from:

RewriteCond %{HTTP_REFERER} !^http://(www\.)?decobio\.com/.*$ [NC]

to:

RewriteCond %{HTTP_REFERER} !^(http|https)://(www\.)?decobio\.com/.*$ [NC]

 

and now all seems well!

 

thanks!

(will test more thoroughly now, hope it stays positive :-)

Share this post


Link to post
Share on other sites

Ah, and to make the story complete, I previously also downloaded ie6_script_other.js to the server (script from templatehelp) and now I don't have any warning either. So far I am very happy! (mmmm, now I need to add a creditcard module, fingers crossed...)

Share this post


Link to post
Share on other sites

Hi I need a bit of help again.

I just installed SSL last week and it works fine, checkout etc.

 

However I’ve found pages that at times should be non-SSL but are SSL.

Google forums suggest that this will cause ‘duplication’ of all such pages allowing both http:// and https:// to be generated and because both URLs can be crawled will therefore reduce Google rankings of the original pages.

 

Instances where a http page (that should stay http) becomes https if you Log In AND then go to any one of these links Home, Categories, About Us, Contact, Info, all these pages remain in SSL mode - in fact all links do this except Cart, Continue and individual product pages (at least two pages in!) which bring you back to non-SSL.

 

It also happens when you DON’T Log In!! So for example a user hits either My Account or Checkout but decides to do nothing and continue browsing, the SSL is triggered and same as above; all links stay SSL until Cart, Continue and individual product pages bring you back to non-SSL.

 

As far as I can gather once you leave secure pages; My Account and Checkout, you should revert back to http:// immediately and all the main menu buttons should reflect this. Most large stores seem to have this capability.

 

I have read that a 301 redirect will ensure these https pages don’t arise outside of the My Account and Checkout procedures.

Is this the best way to go about this? Or is there a Oscommerce Solution?

Share this post


Link to post
Share on other sites

Disallow all the SSL pages in your robots.txt file and you have no duplicate content.

 

There is absolutely no reason for a bot to end up on a SSL page - those are for customers only.

 

My robots.txt file loks like this:

 

User-agent: *
Disallow: /includes/
Disallow: /cgi-bin/
Disallow: /account.php
Disallow: /account_edit.php
Disallow: /account_history.php
Disallow: /account_history_info.php
Disallow: /account_password.php
Disallow: /add_checkout_success.php
Disallow: /address_book.php
Disallow: /address_book_process.php
Disallow: /advanced_search.php
Disallow: /checkout_confirmation.php
Disallow: /checkout_payment.php
Disallow: /checkout_payment_address.php
Disallow: /checkout_process.php
Disallow: /checkout_shipping.php
Disallow: /checkout_shipping_address.php
Disallow: /checkout_success.php
Disallow: /contact_us.php
Disallow: /cookie_usage.php
Disallow: /create_account.php
Disallow: /create_account_success.php
Disallow: /login.php
Disallow: /password_forgotten.php
Disallow: /popup_image.php
Disallow: /shopping_cart.php
Disallow: /product_reviews.php
Disallow: /product_reviews_write.php


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Ok so the SSL defined pages won't be scanned by google, that's excellent news.

 

 

What about when a http page becomes a https page like for example Home page, Info, Contact Us.

 

i found this happens if you Log In AND then go to any one of these links Home, Categories, About Us, Contact, Info, all these pages remain in SSL mode - in fact all links do this except Cart, Continue and individual product pages (at least two pages in!) which bring you back to non-SSL.

 

It also happens when you DON’T Log In!! So for example a user hits either My Account or Checkout but decides to do nothing and continue browsing (clicks home page), the SSL is triggered and same as above; all links stay SSL until Cart, Continue and individual product pages bring you back to non-SSL.

 

Am i right in saying that these pages load slower in https rather than http and would be better if they were only allowed to appear http?

 

And that Cart, logout and continue pages must have some coding that brings you out of https?

Share this post


Link to post
Share on other sites

Ok so the SSL defined pages won't be scanned by google, that's excellent news.

 

 

What about when a http page becomes a https page like for example Home page, Info, Contact Us.

 

i found this happens if you Log In AND then go to any one of these links Home, Categories, About Us, Contact, Info, all these pages remain in SSL mode - in fact all links do this except Cart, Continue and individual product pages (at least two pages in!) which bring you back to non-SSL.

 

It also happens when you DON’T Log In!! So for example a user hits either My Account or Checkout but decides to do nothing and continue browsing (clicks home page), the SSL is triggered and same as above; all links stay SSL until Cart, Continue and individual product pages bring you back to non-SSL.

 

Am i right in saying that these pages load slower in https rather than http and would be better if they were only allowed to appear http?

 

And that Cart, logout and continue pages must have some coding that brings you out of https?

I can't duplicate that behavior.

 

It doesn't work that way on my "stock" osC code.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Hi Germ,

 

Thanks to you, I think I have now everything working perfectly and seem to have gotten rid of the warning pop ups in both IE and Firefox. I've deleted my browsing history and tried again and everything seems to be perfect.

 

Just to make sure, I used the unsecure.php?site=https://site.com page again to see if it would now tell me that all was ok. Is it normal that it's still giving me the same "Suspect code" even if that code has totally been removed from the page? It's like it memorized or stored the info somewhere and I'm apparently not knowledgeable enough to go reset or remove the info so I can get a fresh check.

 

Again thank you for this support thread and contributions, it is incredibly helpful.

 

Thanks for any info.

Share this post


Link to post
Share on other sites

hi

 

i have a godaddy 256 ssl on a dedicated ip server.here is my configure.php file code:

 

<?php

define('HTTP_SERVER', 'http://www.website.com');

define('HTTPS_SERVER', 'https://www.website.com');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.website.com');

define('HTTPS_COOKIE_DOMAIN', 'website.com');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

 

 

and here is the error when i go to login.php

 

An error occurred during a connection to website.com.

 

SSL received a record that exceeded the maximum permissible length.

 

(Error code: ssl_error_rx_record_too_long)

 

i've tried altering and playing with these settings and so on:

define('HTTP_COOKIE_DOMAIN', 'website.com');

define('HTTPS_COOKIE_DOMAIN', 'www.website.com');

 

still i can't make it work either on https://website.com or https://www.website.com as well

 

any help would be appreciated

Share this post


Link to post
Share on other sites

PM me your URL.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

1. Host the script locally and revise the URL to be relative so it won't cause problems.

 

2. Add code to not include in on SSL pages.

 

3. Remove it entirely.

 

Call the ball, Maverick...

:thumbsup:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Just another Thank You to Germ. Have you been sainted yet?

 

After taking three hours to read this entire thread, I went back to the beginning, dug through my folders to find the necessary files, and lo-and-behold, I got rid of the annoying secure/non-secure data warnings in I.E., and got rid of the little red warning dot in Firefox.

 

Sure enough, I just had to change the word 'on' to '1' in the /includes/application_top.php file. (I'm on 1and1 servers.)

 

I am not a computer programmer, and I only know enough to be dangerous, but thanks to this thread, I got 'er done. Time for a drink. Thanks again, Germ.

Share this post


Link to post
Share on other sites

You're welcome Ma'am.

 

I've been called many things in my life, but I doubt "saint" has been among them.

:blush:

 

"Saint" germ?

:unsure:

 

If they try I hope they use a halo big enough to go over those darned horns!

:lol:

 

I'm glad the forums have been an asset to you.

 

Enjoy your drink - you've earned it!

:)


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Hi germ.

 

I could use a little help.

running osC 2.3.1 on Servage.net

I purchased the SSL cert for my domain.

 

I've managed to read through this entire thread and fix a couple problems I was having

according to your help.

 

I've installed your ssl help files but when I try to login to my account or create a new

account, it goes to the https:// but it loops back. I tried to click the forgot password

link, it looped back to the forgot your password screen and never did send me an email.

I do have the account set up if I look in the admin under users (I think it is)

I'm sure it's something simple but I can't figure it out.

 

Here are the tests I ran:

 

Session Directory      /mounted-storage/home145/sub033/sc78830-CWRU/mysite.com/store/includes/work/  
Force Cookie Use     False     Info 
Check SSL Session ID     True      
Check User Agent     False     Info 
Check IP Address     False     Info 
Prevent Spider Sessions     True      
Recreate Session     True


cfgchk.php

Version 1.2

File Permissions: 0644
Found HTTPS_SERVER:
define('HTTPS_SERVER', 'https://MySite.com');
HTTPS URL passed check!
Found ENABLE_SSL.
define('ENABLE_SSL', true);
SSL enable passed check!
Found HTTPS_COOKIE_DOMAIN:
define('HTTPS_COOKIE_DOMAIN', '');
HTTPS_COOKIE_DOMAIN line parsed!
Parsing application_top.php for SSL detection key...
Found SSL detection key:
$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
Done!

myenv.php  Version 1.2
SSL Variables
HTTP HOST: []
Server Port: [80]
SSL Status: [undefined!]
Fowarded Server: [undefined!]
Fowarded Host: [undefined!]
Fowarded By: [undefined!]
$_SERVER['HTTPS']: [undefined!]
Warning!!!
The standard osC SSL detection code in /includes/application_top.php may NOT detect your SSL status correctly!!!
Load: 2

mybigenv.php  Version 1.2

NONSSL Variables
Load: 1
Popup Load 2


unsecure.php
http://www.mysite.com/store/unsecure.php?site=https://mysite.com/store/

Version 1.2

Site: https://MySite.com/store/
Page done!
Base: https://MySite.com/store/
Parsing CSS:
https://MySite.com/store/ext/jquery/ui/redmond/jquery-ui-1.8.6.css
CSS file done!
https://MySite.com/store/ext/jquery/fancybox/jquery.fancybox-1.3.4.css
CSS file done!
https://MySite.com/store/ext/960gs/960_24_col.css
CSS file done!
https://MySite.com/store/stylesheet.css
CSS file done!
These results are for information purposes only!
No liability to their accuracy is claimed or inferred!
Make modifications at your own risk!
Always backup a file before making ANY edits!

http://www.MySite.com/store/unsecure.php?site=https://www.MySite.com/store/
Site: https://www.MySite.com/store/
Unable to open [https://www.MySite.com/store/]!

store/includes/configure.php
<?php
 define('HTTP_SERVER', 'http://www.MySite.com');
 define('HTTPS_SERVER', 'https://MySite.com');
 define('ENABLE_SSL', true);
 define('HTTP_COOKIE_DOMAIN', '');
 define('HTTPS_COOKIE_DOMAIN', '');
 define('HTTP_COOKIE_PATH', '/store/');
 define('HTTPS_COOKIE_PATH', '/store/');
 define('DIR_WS_HTTP_CATALOG', '/store/');
 define('DIR_WS_HTTPS_CATALOG', '/store/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/mounted-storage/home145/sub033/sc78830-CWRU/MySite.com/store/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 define('DB_SERVER', 'mysql1078.servage.net');
 define('DB_SERVER_USERNAME', 'user name');
 define('DB_SERVER_PASSWORD', 'password');
 define('DB_DATABASE', 'db name');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
?>

store/admin/includes/configure.php
<?php
 define('HTTP_SERVER', 'http://www.MySite.com');
 define('HTTP_CATALOG_SERVER', 'http://www.MySite.com');
 define('HTTPS_CATALOG_SERVER', 'https://www.MySite.com');
 define('ENABLE_SSL_CATALOG', 'true');
 define('DIR_FS_DOCUMENT_ROOT', '/mounted-storage/home145/sub033/sc78830-CWRU/MySite.com/store/');
 define('DIR_WS_ADMIN', '/store/stats/');
 define('DIR_FS_ADMIN', '/mounted-storage/home145/sub033/sc78830-CWRU/MySite.com/store/stats/');
 define('DIR_WS_CATALOG', '/store/');
 define('DIR_FS_CATALOG', '/mounted-storage/home145/sub033/sc78830-CWRU/MySite.com/store/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 define('DB_SERVER', 'mysql1078.servage.net');
 define('DB_SERVER_USERNAME', 'user name');
 define('DB_SERVER_PASSWORD', 'password');
 define('DB_DATABASE', 'db name');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
?>

 

Sending you a pm with this info plus my URL

 

Thanks germ

 

 

Erik

Share this post


Link to post
Share on other sites

You've got a problem you need to correct before I can even tell if the SSL is installed.

 

When I go to:

 

https://www.YOUR_DOMAIN.com/store/

I get the dreaded "Internet Explorer cannot display the webpage".

 

And when I go to:

 

https://YOUR_DOMAIN.com/store/

The address in the browser address bar is changed to:

 

http://www.YOUR_DOMAIN.com/store/

The same holds true if I leave out the "/store" on the URL.

 

I can't check the SSL side with this redirect happening.

 

Redirects can be setup in the cPanel of the site, or it could be in a .htaccess file in the domain root.

 

Until this redirect is turned off or removed I can't do much of anything.

:blush:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

You've got a problem you need to correct before I can even tell if the SSL is installed.

 

When I go to:

 

https://www.YOUR_DOMAIN.com/store/

I get the dreaded "Internet Explorer cannot display the webpage".

 

And when I go to:

 

https://YOUR_DOMAIN.com/store/

The address in the browser address bar is changed to:

 

http://www.YOUR_DOMAIN.com/store/

The same holds true if I leave out the "/store" on the URL.

 

I can't check the SSL side with this redirect happening.

 

Redirects can be setup in the cPanel of the site, or it could be in a .htaccess file in the domain root.

 

Until this redirect is turned off or removed I can't do much of anything.

:blush:

 

 

germ,

I removed the .htaccess file for the time being. That was the problem.

Only question I have is in firefox, where the lock should be, I get the

Warning, contains unauthenticated content

 

I need to find out how to redo the .htaccess file.

Share this post


Link to post
Share on other sites

I can post a fix for the "unauthenticated content" when I get home (in about 4 hours).

 

I'm at work now and the info I need is on a file at home.

 

In the mean time, I'm no .htaccess expert but if you PM me the file contemts I'll take a peek at it.

:)


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

I sent a PM with what you need to change to get the SSL to work.

 

Sorry I didn't post earlier.

:blush:

 

I thought I was going to have an hour or so after I got home from work to send you what you needed.

 

As it turned out I didn't have any time at all.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Ok so the SSL defined pages won't be scanned by google, that's excellent news.

 

 

What about when a http page becomes a https page like for example Home page, Info, Contact Us.

 

i found this happens if you Log In AND then go to any one of these links Home, Categories, About Us, Contact, Info, all these pages remain in SSL mode - in fact all links do this except Cart, Continue and individual product pages (at least two pages in!) which bring you back to non-SSL.

 

It also happens when you DON’T Log In!! So for example a user hits either My Account or Checkout but decides to do nothing and continue browsing (clicks home page), the SSL is triggered and same as above; all links stay SSL until Cart, Continue and individual product pages bring you back to non-SSL.

 

Am i right in saying that these pages load slower in https rather than http and would be better if they were only allowed to appear http?

 

And that Cart, logout and continue pages must have some coding that brings you out of https?

 

 

I had the exact same problem, in my case it was due to a url rewrite add on causing an SSL bug. I upgraded to the latest latest release of that contribution and the issue was fixed. Perhaps your problem may be related to something similar?


~ Don't mistake my kindness for weakness ~

Share this post


Link to post
Share on other sites

Hi Jim,

 

Decided to sort out SSL on my admin

 

straightforward change of

 

 define('HTTP_SERVER', 'http://xpajun.com');
 define('HTTP_CATALOG_SERVER', 'http://xpajun.com');
 define('HTTPS_CATALOG_SERVER', 'https://xpajun.com');
 define('ENABLE_SSL_CATALOG', 'true');

 

to

 

 define('HTTP_SERVER', 'https://xpajun.com');
 define('HTTP_CATALOG_SERVER', 'http://xpajun.com');
 define('HTTPS_CATALOG_SERVER', 'https://xpajun.com');
 define('ENABLE_SSL_CATALOG', 'true');

 

except that only half worked, there was still some calls to http://

 

eventually tracked them down to the way the js scripts were written in template_top.php:

 

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.4.2.min.js'); ?>"></script>

 

tep_catalog_href_link is sourced from functions/html_output.php

 

// The HTML href link wrapper function
 function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
   $page = tep_output_string($page);

   if ($page == '') {
     die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine the page link!<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
   }
   if ($connection == 'NONSSL') {
     $link = HTTP_SERVER . DIR_WS_ADMIN;
   } elseif ($connection == 'SSL') {
     if (ENABLE_SSL_CATALOG == 'true') {
       $link = HTTPS_SERVER . DIR_WS_ADMIN;
     } else {
       $link = HTTP_SERVER . DIR_WS_ADMIN;
     }
   } else {
     die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine connection method on a link!<br /><br />Known methods: NONSSL SSL<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
   }
   if ($parameters == '') {
     $link = $link . $page . '?' . SID;
   } else {
     $link = $link . $page . '?' . tep_output_string($parameters) . '&' . SID;
   }

   while ( (substr($link, -1) == '&') || (substr($link, -1) == '?') ) $link = substr($link, 0, -1);

   return $link;
 }

 function tep_catalog_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
   if ($connection == 'NONSSL') {
     $link = HTTP_CATALOG_SERVER . DIR_WS_CATALOG;
   } elseif ($connection == 'SSL') {
     if (ENABLE_SSL_CATALOG == 'true') {
       $link = HTTPS_CATALOG_SERVER . DIR_WS_CATALOG;
     } else {
       $link = HTTP_CATALOG_SERVER . DIR_WS_CATALOG;
     }
   } else {
     die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine connection method on a link!<br /><br />Known methods: NONSSL SSL<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
   }
   if ($parameters == '') {
     $link .= $page;
   } else {
     $link .= $page . '?' . $parameters;
   }

   while ( (substr($link, -1) == '&') || (substr($link, -1) == '?') ) $link = substr($link, 0, -1);

   return $link;
 }

////

 

however I've now hardcoded the js scripts to:

 

<script type="text/javascript" src="https://xpajun.com/ext/jquery/jquery-1.4.2.min.js"></script> 

 

which has cleared the problem but I'm not sure why the function does not work - any clues?


Currently...:

 

Working with osCommerce 2.3.1

Now working with Phoenix

Add-Ons so far Installed:

Not all of these installed yet on Phoenix - some are and the rest will be

 

Add date and order number to invoice and packing slip,

Products Cycle Slideshow,

Detailed Monthly Sales,

Holiday Settings,

Tracking Module for 2.3

Share this post


Link to post
Share on other sites

Try recoding it to use SSL if available.

 

Example:

 

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.4.2.min.js','','SSL'); ?>"></script>

I don't currently have a 231 test area with SSL coverage so this is just a WAG (wild a$$ guess)

:blush:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Try recoding it to use SSL if available.

 

Example:

 

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.4.2.min.js','','SSL'); ?>"></script>

I don't currently have a 231 test area with SSL coverage so this is just a WAG (wild a$$ guess)

:blush:

 

 

I don't currently have a SSL equipped 231 test area either - I find out it's wrong when it's on the main site >_<

 

Anyway Jim your WAG worked - so anyone with the same problem knows the answer ;) There are 3 script occurrences(4 if you count the commented out one) and 1 stylesheet occurrence in admin/template_top that will need altering:

 

<!--[if IE]><script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/excanvas.min.js'); ?>"></script><![endif]-->
<link REL="SHORTCUT ICON" HREF="https://xpajun.com/doeGear/images/favicn.ico">
<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.8.6.css','','SSL'); ?>">
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.4.2.min.js','','SSL'); ?>"></script>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.8.6.min.js','','SSL'); ?>"></script>

<?php
 if (tep_not_null(JQUERY_DATEPICKER_I18N_CODE)) {
?>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/i18n/jquery.ui.datepicker-' . JQUERY_DATEPICKER_I18N_CODE . '.js','','SSL'); ?>"></script>
<script type="text/javascript">
$.datepicker.setDefaults($.datepicker.regional['<?php echo JQUERY_DATEPICKER_I18N_CODE; ?>']);
</script>
<?php
 }
?>

 

Many thanks Jim


Currently...:

 

Working with osCommerce 2.3.1

Now working with Phoenix

Add-Ons so far Installed:

Not all of these installed yet on Phoenix - some are and the rest will be

 

Add date and order number to invoice and packing slip,

Products Cycle Slideshow,

Detailed Monthly Sales,

Holiday Settings,

Tracking Module for 2.3

Share this post


Link to post
Share on other sites

Hi jim,

 

I have tried everthing to fix the problem on firefox and internet explorer unfortunately still have security warnings could you please put me in the right direction.

Share this post


Link to post
Share on other sites

×