JSR Posted May 17, 2009 Share Posted May 17, 2009 Does anyone here recognize this issue? When I move from SSL to NONSSL while posting forms I get this windows security warning in my shop. It basically insinuates that although this page is encrypted it would be wise not to proceed as the information admitted can be read by anyone on the net. Scaring the hell out of my customers I should think. For the life of me I can not find the bug that causes this to happen. It only happens in Firefox, not in IE7 :blink: Link to comment Share on other sites More sharing options...
satish Posted May 17, 2009 Share Posted May 17, 2009 Does anyone here recognize this issue?When I move from SSL to NONSSL while posting forms I get this windows security warning in my shop. It basically insinuates that although this page is encrypted it would be wise not to proceed as the information admitted can be read by anyone on the net. Scaring the hell out of my customers I should think. For the life of me I can not find the bug that causes this to happen. It only happens in Firefox, not in IE7 :blink: Make sure that on a SSL page the form post goes to a ssl page. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does. Link to comment Share on other sites More sharing options...
JSR Posted May 18, 2009 Author Share Posted May 18, 2009 Thanks for replying, Satish! That's already happening for 'regular' forms (account pages, login), but the manufacturers drop down box is actually the main problem here. Choosing from this box while on an SSL page, triggers the security warning. Do you have any idea of why this could happening? Strange, I never had any problems with it before. Link to comment Share on other sites More sharing options...
satish Posted May 24, 2009 Share Posted May 24, 2009 Just make sure the post goes to an SSL page. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does. Link to comment Share on other sites More sharing options...
germ Posted May 24, 2009 Share Posted May 24, 2009 I have replicated the problem and solved it with these minor code changes: /catalog/includes/boxes/manufacturers.php Old code: $manufacturers_list .= '<a href="' . tep_href_link(FILENAME_DEFAULT, 'manufacturers_id=' . $manufacturers['manufacturers_id'][b][color="#FF0000"], $request_type[/color][/b]) . '">' . $manufacturers_name . '</a><br>'; Old code: $info_box_contents[] = array('form' => tep_draw_form('manufacturers', tep_href_link(FILENAME_DEFAULT, '', [b][color="#FF0000"]$request_type[/color][/b], false), 'get'), The added or modified portion of the code is in RED BACKUP THE FILE BEFORE EDITING IT!!!! All this does is what Satish said to do - if the page is SSL, the form is too. ;) If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
JSR Posted May 25, 2009 Author Share Posted May 25, 2009 Thanks so much germ!! I've actually had to edit the request type to redirect smoothly for several contributions. But since I've never experienced this problem with the manufacturers before and because it was only happening in FF not in IE, I never checked inside the box and just assumed the problem might be located in the latest FF update or.... Just goes to show: thinking OUTSIDE the box isn't always the best way to go <_< Link to comment Share on other sites More sharing options...
tigergirl Posted October 9, 2009 Share Posted October 9, 2009 I successfully implemented the fix posted (well, had to view the google cached version of the page as the new site design doesn't let me view the code properly) on includes/boxes/manufacturers and includes/boxes/search - thanks for the code Germ :) I am struggling to fix the same issue which occurs on product_reviews_write if you are logged out and click to write the review you log in and the page is SSL and you get the error. If you are already logged in when you start to right the review it is not an SSL page and there is not error warning. How do I fix this please? Thanks I'm feeling lucky today......maybe someone will answer my post! I do try and answer a simple post when I can just to give something back. ------------------------------------------------ PM me? - I'm not for hire Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.