Jump to content

Archived

This topic is now archived and is closed to further replies.

germ

SSL Implementation Help

Recommended Posts

Hi All

 

I purchased a SSL certificate off my Hosting site... the SSL is called fastweb.co.uk

 

My hosting is on a shared sever... i don’t now if the SSL is on a shared server...

 

I have uploaded all the checkout_*****.php's, create_account.php's, login.php and logoff.php and that’s it...

 

 

When I login as a customer or try and checkout i get these messages

 

Warning: main(includes/application_top.php): failed to open stream: No such file or directory in /home/web/secure/html/cinemascreens/checkout_shipping.php on line 13

 

Fatal error: main(): Failed opening required 'includes/application_top.php' (include_path='.:') in /home/web/secure/html/cinemascreens/checkout_shipping.php on line 13

 

 

I have tried playing with the config I just can not sort it out any help would be appreciated

 

Here are my configure.php

 

Admin/includes/configure.php

 

define('HTTP_SERVER', 'http://www.cinemascreens.co.uk');

define('HTTP_CATALOG_SERVER', 'http://www.cinemascreens.co.uk');

define('HTTPS_CATALOG_SERVER', 'https://www.fastweb.co.uk/cinemascreens');

define('ENABLE_SSL_CATALOG', 'true');// secure webserver for catalog module

define('DIR_FS_DOCUMENT_ROOT', '/vhost/vhost8/c/i/n/cinemascreens.co.uk/www/');

define('DIR_WS_ADMIN', '/admin/');

define('DIR_FS_ADMIN', '/vhost/vhost8/c/i/n/cinemascreens.co.uk/www/admin/');

define('DIR_WS_CATALOG', '/');

define('DIR_FS_CATALOG', '/vhost/vhost8/c/i/n/cinemascreens.co.uk/www/');

define('DIR_WS_IMAGES', 'images/');

define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');

 

 

 

 

includes/configure.php

 

define('HTTP_SERVER', 'http://www.cinemascreens.co.uk');

define('HTTPS_SERVER', 'https://www.fastweb.co.uk/cinemascreens/');

define('ENABLE_SSL', true);

define('HTTP_COOKIE_DOMAIN', 'www.cinemascreens.co.uk');

define('HTTPS_COOKIE_DOMAIN', 'https://www.fastweb.co.uk/cinemascreens/');

define('HTTP_COOKIE_PATH', '/');

define('HTTPS_COOKIE_PATH', '/');

define('DIR_WS_HTTP_CATALOG', '/');

define('DIR_WS_HTTPS_CATALOG', '/');

define('DIR_WS_IMAGES', 'images/');

 

 

 

Thank you :'(

 

Frank

Share this post


Link to post
Share on other sites

Hi All

 

I purchased a SSL certificate off my Hosting site... the SSL is called fastweb.co.uk

 

My hosting is on a shared sever... i don’t now if the SSL is on a shared server...

 

I have uploaded all the checkout_*****.php's, create_account.php's, login.php and logoff.php and that’s it...

 

 

When I login as a customer or try and checkout i get these messages

 

Warning: main(includes/application_top.php): failed to open stream: No such file or directory in /home/web/secure/html/cinemascreens/checkout_shipping.php on line 13

 

Fatal error: main(): Failed opening required 'includes/application_top.php' (include_path='.:') in /home/web/secure/html/cinemascreens/checkout_shipping.php on line 13

 

 

What do you mean you have uploaded all the checkout...php's etc? Weren't they there before? The error message is saying it can't find checkout_shipping and I guess it wouldn't find any of the others either if it didn't stop at that one so whereever you put them it's not where osC is looking for them.


www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptons, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used!

Share this post


Link to post
Share on other sites

What do you mean you have uploaded all the checkout...php's etc? Weren't they there before? The error message is saying it can't find checkout_shipping and I guess it wouldn't find any of the others either if it didn't stop at that one so whereever you put them it's not where osC is looking for them.

I have uploaded all the php's that say checkout to my SSL site fastweb.co.uk/cinemascreens

 

that's all the checkout php's

 

 

Ben do i need to upload all my osc site to my SSL fastweb.co.uk/cinemascreens site?

Share this post


Link to post
Share on other sites

Put them back where they were.


www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptons, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used!

Share this post


Link to post
Share on other sites

Put what back? where? how does my fastweb know where my files are?

I dont understand!!

 

Do I upload anything to fastweb.co.uk/cinemascreens? or do they stay on my hosting cinemascreens.co.uk?

Share this post


Link to post
Share on other sites

Put what back? where? how does my fastweb know where my files are?

I dont understand!!

 

Do I upload anything to fastweb.co.uk/cinemascreens? or do they stay on my hosting cinemascreens.co.uk?

Do any of the instructions on this thread or the other one you posted your question on say you need to move osC files anywhere when you get an SSL certificate? Put the files you moved from your site back where they were. Just try it.


www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptons, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used!

Share this post


Link to post
Share on other sites

Hi

First i would like to thank you for your help so far...

 

Now i did not move them i copied them so they were on both......

 

I Have done what you said deleted them from Fastweb.co.uk/cinemascreens

 

So then when i tryed to cheackout as a customer i got this error message

 

Error 405 Method Not Allowed

 

The requested method POST is not allowed for URL /cinemascreens/login.php?action=process&osCsid=tp98i5jnb8jfbhl1l1aa9namm2

 

Powered by Zeus Technology

What do you think?

Frank

Share this post


Link to post
Share on other sites

Well, I'd suggest going back to first steps, starting with the first link in the first post on this thread. Check the steps through from when you've got your certificate. You'll note that the HTTPS_COOKIE domain should normally be on your own site, the same as for HTTP cookies. In the second post on this thread there is a reference to some utilities you can download to help check your settings.

 

And before you do anything else, if that's your current actual admin/includes/configure file read the threads on recent security issues in osC. You might want to change the name of your admin directory, among other things.


www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptons, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used!

Share this post


Link to post
Share on other sites

Hello All,

I just implemented my SSL, and it worked! Amazing things happen when ya read the directions carefully. The problem is now none of the images load when i'm on the https site.

 

i tried adding text to the .htaccess to make it text.htaccess, and that didn't make any difference.

 

i tried altering application_top.php following the direction on the first page of this topic:

 

// set the type of request (secure or not)

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

// set the type of request (secure or not)

$request_type = ($_SERVER['HTTPS'] == 'on') ? 'SSL' : 'NONSSL';

 

// set the type of request (secure or not)

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';to either 1 or $_SERVER

 

and non of those worked either.

 

so how do I get the images to load on the https pages?

 

here is the site, but its not public and not finished, so please don't actually try to buy anything yet.

 

http://www.nicholasbivins.com/store/index.php

 

ok, thanks for any help you all can give, its much appreciated.

Share this post


Link to post
Share on other sites

Hello All,

I just implemented my SSL, and it worked! Amazing things happen when ya read the directions carefully. The problem is now none of the images load when i'm on the https site.

 

i tried adding text to the .htaccess to make it text.htaccess, and that didn't make any difference.

 

i tried altering application_top.php following the direction on the first page of this topic:

 

// set the type of request (secure or not)

$request_type = (getenv('HTTPS') == '1') ? 'SSL' : 'NONSSL';

 

// set the type of request (secure or not)

$request_type = ($_SERVER['HTTPS'] == 'on') ? 'SSL' : 'NONSSL';

 

// set the type of request (secure or not)

$request_type = (getenv('SERVER_PORT') == '443') ? 'SSL' : 'NONSSL';to either 1 or $_SERVER

 

and non of those worked either.

 

so how do I get the images to load on the https pages?

 

here is the site, but its not public and not finished, so please don't actually try to buy anything yet.

 

http://www.nicholasbivins.com/store/index.php

 

ok, thanks for any help you all can give, its much appreciated.

When I try to access an image directly with my browser I get the infamous:

 

Forbidden

 

You don't have permission to access /store/images/store_logo.png on this server.

 

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Looking at the HTML source of your page, the osC code is working correctly.

 

Something's amiss on the server...

:blush:


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

that's exactly what I was wondering. the cert comes up good, and ocC is working.

 

just to test, i deleted the .htaccess file, and reloaded the page, and same thing...no images. i quickly re-uploaded the .htaccess to keep things secure.

 

seems like i need to contact my hosting company (lunarpages)

 

i bought my cert from them, to try and keep things simple, but even that didn't seem to work >_<

Share this post


Link to post
Share on other sites

that's exactly what I was wondering. the cert comes up good, and ocC is working.

 

just to test, i deleted the .htaccess file, and reloaded the page, and same thing...no images. i quickly re-uploaded the .htaccess to keep things secure.

 

seems like i need to contact my hosting company (lunarpages)

 

i bought my cert from them, to try and keep things simple, but even that didn't seem to work >_<

I neglected to specify that I was trying to access the image with the correct HTTPS URL

 

I believe you are correct.

 

The problem has nothing to do with osC it's something on the server.

 

Accessing the image directly via a browser excludes osC as the source of the malfunction.

 

A support ticket with the host is in order I believe.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

it turns out that i had a couple redirects in my .htaccess file that were interferring, and i had hotlink protection enabled on my server. i disabled the hotlink, edited down the .htaccess file, and everything is smooth. so it seems like the hotlink protection somehow interferred with the https images from loading. i'm not really that concerned about the hotlinking, i was being over-cautious, so as of right now, nothing is broken, therefor i will not try to fix it.

 

thanks for the help, these forums are awesome.

Share this post


Link to post
Share on other sites

hi there!

i have some troubles too with a SSL connexion and Internet explorer

it works perfectly with firefox so i never onticed it before today as i just don't use i.e ...

but some of my customers do ...

 

the page load (very ver slowly) and then i only have the text but not the images and the css.

i look at the images properties and they pointed to strange urls as :

http://%20https://ssl3.xxx.xx/~xxx/Store/includes/languages/english/images/buttons/button_continue.gif

as we can see there is "http://%20" before the good https url

but i just can't figure out why and where internet explorer find this or add this as with firefow everything work perfectly...

is it a know issue from i.e?

is there any fix for that?

 

thanks

Share this post


Link to post
Share on other sites

hi there!

i have some troubles too with a SSL connexion and Internet explorer

it works perfectly with firefox so i never onticed it before today as i just don't use i.e ...

but some of my customers do ...

 

the page load (very ver slowly) and then i only have the text but not the images and the css.

i look at the images properties and they pointed to strange urls as :

http://%20https://ssl3.xxx.xx/~xxx/Store/includes/languages/english/images/buttons/button_continue.gif

as we can see there is "http://%20" before the good https url

but i just can't figure out why and where internet explorer find this or add this as with firefow everything work perfectly...

is it a know issue from i.e?

is there any fix for that?

 

thanks

If you want my help you'll need to post your URL (or send it to me in a PM) so I can see exactly what's going on.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

In your configure file you have a space in the HTTPS URL:

 

<base href=" https://YOURDOMAIN.net/~USER/SHOP/">

That is from your HTML source (modified so not to reveal anything)

 

See the space before the https://?

:unsure:

 

Remove it then let me know if things improve (or not).


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Hi everyone,

 

I actually have my SSL working properly but I have one problem with those pages. I've put my search form in the header. If someone for whatever reason tries to do a search when they're in one of the login pages (https://...), they get this error:

 

 

"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.

Are you sure you want to continue sending this information?"

 

 

Is there anything I can do to get rid of this? Maybe some edit to header.php? Or is this just standard practice for encrypted pages?

 

Thanks,

 

Nick

Share this post


Link to post
Share on other sites

Hi everyone,

 

I actually have my SSL working properly but I have one problem with those pages. I've put my search form in the header. If someone for whatever reason tries to do a search when they're in one of the login pages (https://...), they get this error:

 

 

"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.

Are you sure you want to continue sending this information?"

 

 

Is there anything I can do to get rid of this? Maybe some edit to header.php? Or is this just standard practice for encrypted pages?

 

Thanks,

 

Nick

Not sure what code you're using.

 

Standard osC code for the search box has this code:

 

  $info_box_contents[] = array('form' => tep_draw_form('quick_find', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false), 'get'),

In that code change the:

 

'NONSSL'

to:

 

$request_type

So it would look like this:

 

  $info_box_contents[] = array('form' => tep_draw_form('quick_find', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', $request_type, false), 'get'),

 

If that doen't float your boat I'd go with:

 

'SSL'

So it would then be:

 

  $info_box_contents[] = array('form' => tep_draw_form('quick_find', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'SSL', false), 'get'),

Always backup a file before making any edits.


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

I seem to be having an SSL issue. When I click on my login it has the small padlock at the bottom (in firefox) and says warning: contains unauthenticated content. I have went through these forums and searched for something that isn't right. I'm obviously overlooking something. Any help would be greatly appreciated!

 

My site is here

Share this post


Link to post
Share on other sites

I seem to be having an SSL issue. When I click on my login it has the small padlock at the bottom (in firefox) and says warning: contains unauthenticated content. I have went through these forums and searched for something that isn't right. I'm obviously overlooking something. Any help would be greatly appreciated!

 

My site is here

Check all the things I layed out in the very first post.

 

If the config file is correct the store doesn't seem to be recognizing that SSL is on.

 

<base href="http://www.paigingjoy.com/">

(from your SSL page)


If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Share this post


Link to post
Share on other sites

Check all the things I layed out in the very first post.

 

If the config file is correct the store doesn't seem to be recognizing that SSL is on.

 

<base href="http://www.paigingjoy.com/">

(from your SSL page)

 

I have tried these and I either get an error or it does not change anything. Is there something I am missing? Thank you!

Share this post


Link to post
Share on other sites

Here is my code for my includes/configure.php file

 

<?php
// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.paigingjoy.com');
 define('HTTPS_SERVER', 'https://www.paigingjoy.com');
 define('ENABLE_SSL', 'true');
 define('HTTP_COOKIE_DOMAIN', 'www.paigingjoy.com');
 define('HTTPS_COOKIE_DOMAIN', 'www.paigingjoy.com');
 define('HTTP_COOKIE_PATH', '/');
 define('HTTPS_COOKIE_PATH', '/');
 define('DIR_WS_HTTP_CATALOG', '/');
 define('DIR_WS_HTTPS_CATALOG', '/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/paigingj/public_html/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 define('DB_SERVER', 'localhost');
 define('DB_SERVER_USERNAME', 'username');
 define('DB_SERVER_PASSWORD', 'password');
 define('DB_DATABASE', 'database');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
?>

 

And for my admin/includes/configure.php file

 

<?php
// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', 'http://www.paigingjoy.com');
 define('HTTP_CATALOG_SERVER', 'http://www.paigingjoy.com');
 define('HTTPS_CATALOG_SERVER', 'https://www.paigingjoy.com');
 define('ENABLE_SSL_CATALOG', 'true');
 define('DIR_FS_DOCUMENT_ROOT', '/home/paigingj/public_html/');
 define('DIR_WS_ADMIN', '/admin/');
 define('DIR_FS_ADMIN', '/home/paigingj/public_html/admin/');
 define('DIR_WS_CATALOG', '/');
 define('DIR_FS_CATALOG', '/home/paigingj/public_html/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 define('DB_SERVER', 'localhost');
 define('DB_SERVER_USERNAME', 'username');
 define('DB_SERVER_PASSWORD', 'password');
 define('DB_DATABASE', 'database');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
?>

Share this post


Link to post
Share on other sites

×