mid9tblue Posted May 16, 2010 Share Posted May 16, 2010 Hi all, I have just installed SSL on my site by my host, and i altered the configure files both in admin and catalog as shown in this thread: How to install SSL on OSC: A Simple 1-2-3 Instruction I also checked the installation with this addon: SSL Help It seems working, and my site front loads fine with the lock if i input https BUT as i test around, i found that some pages do not auto load with the lock thing, pages like create_account.php, login.php, contact_us.php. the pages auto load with the lock is checkout_process.php and other linked php in account.php is there a manual way to add pages into default encrypted pages? something i can alter within osc or something i have to ask my host to do? it's weird that create_account.php and login.php do not auto load with https in the first place, but i did notice that they do load https if redirected by another page within the site or if the pw input is incorrect. however if i type directly in my browser address bar: http://mysite.com/login.php, the https doesn't happen, same with create_account.php Please help, I believed i did everything correct, but this puzzles me :( Link to comment Share on other sites More sharing options...
germ Posted May 16, 2010 Share Posted May 16, 2010 You need to be sure the PHP link code to the pages contain the SSL parameter (example below) tep_href_link(FILENAME_ACCOUNT, '', 'SSL') If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
mid9tblue Posted May 16, 2010 Author Share Posted May 16, 2010 For my site, the pages that definitely need to be secured are create_account.php, account.php, contact_us.php, quote.php, login.php, i'm not sure about logoff.php I'm new to ssl, and i'm trying to understand how it works. from what u suggested, i assume if the link source code have not set to load the ssl, then the page that directed from that link will not be secured? so it's not the pages themselves being set to be secured rather the directing links that's telling browsers to secure which page? I found the codes that associate of these links that are not loading the locks, but it's a bit different since they dont refer to filename and just point to the php files directly, here they are: <table cellpadding="0" cellspacing="0" border="0"> <tr><td align="center"><span><a href="<?php echo tep_href_link('contact_us.php')?>"><?php echo BOX_INFORMATION_CONTACT?></a> | <a href="<?php echo tep_href_link('advanced_search.php')?>"><?php echo BOX_SEARCH_ADVANCED_SEARCH?></a> | <a href="<?php echo tep_href_link('reviews.php')?>"><?php echo BOX_HEADING_REVIEWS?></a> | <? if (tep_session_is_registered('customer_id')) { ?><a href="<?php echo tep_href_link('account.php')?>"><?php echo HEADER_TITLE_MY_ACCOUNT?></a><? } else { ?><a href="<?php echo tep_href_link('create_account.php')?>"><?php echo HEADER_TITLE_CREATE_ACCOUNT?></a><? } ?> | <? if (tep_session_is_registered('customer_id')) { ?><a href="<?php echo tep_href_link('logoff.php')?>"><?php echo HEADER_TITLE_LOGOFF?></a><? } else { ?><a href="<?php echo tep_href_link('login.php')?>"><?php echo HEADER_TITLE_LOGIN?></a><? } ?></span></td></tr> </table> </td></tr> </table> <?php if (tep_session_is_registered('customer_id')) { $acc_link = tep_href_link('account.php'); $acc_title= HEADER_TITLE_MY_ACCOUNT; } else{ $acc_link = tep_href_link('create_account.php'); $acc_title= HEADER_TITLE_CREATE_ACCOUNT; } ?> <td <?php echo $item_menu_04;?> onClick="document.location='<?php echo $acc_link;?>'" nowrap="nowrap"><?php echo $acc_title;?></td> <td class="menu_separator"><?php echo tep_draw_separator('spacer.gif', '1', '1'); ?></td> <?php if (tep_session_is_registered('customer_id')) { $login_link = tep_href_link('logoff.php'); $login_title= HEADER_TITLE_LOGOFF; } else{ $login_link = tep_href_link('login.php'); $login_title= HEADER_TITLE_LOGIN; } ?> <td <?php echo $item_menu_05;?> onClick="document.location='<?php echo $login_link;?>'"><?php echo $login_title;?></td> <td class="menu_separator"><?php echo tep_draw_separator('spacer.gif', '1', '1'); ?></td> <td <?php echo $item_menu_06;?> onClick="document.location='<?php echo tep_href_link('quote.php')?>'"><?php echo BOX_INFORMATION_QUOTE?></td> so how do i change the code from tep_href_link('account.php') to tep_href_link(FILENAME_ACCOUNT, '', 'SSL') i apologize if i typed too long, i hope i made sense. Link to comment Share on other sites More sharing options...
mid9tblue Posted May 16, 2010 Author Share Posted May 16, 2010 Here's the reference filenames: define('FILENAME_ACCOUNT', 'account.php'); define('FILENAME_CREATE_ACCOUNT', 'create_account.php'); define('FILENAME_CONTACT_US', 'contact_us.php'); define('FILENAME_LOGIN', 'login.php'); define('FILENAME_LOGOFF', 'logoff.php'); define('FILENAME_QUOTE', 'quote.php'); Link to comment Share on other sites More sharing options...
Guest Posted May 16, 2010 Share Posted May 16, 2010 Eash page that can have SSL implemented has code to check for the SSL. For example, the log in page (login.php) will have this code: $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_LOGIN, '', 'SSL')); the Create Account page (create_account.php) will have this: $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL')); the same does for all other pages that could use the SSL Chris Link to comment Share on other sites More sharing options...
germ Posted May 16, 2010 Share Posted May 16, 2010 so how do i change the code from tep_href_link('account.php') to tep_href_link(FILENAME_ACCOUNT, '', 'SSL') i apologize if i typed too long, i hope i made sense. Just like that. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
mid9tblue Posted May 16, 2010 Author Share Posted May 16, 2010 Eash page that can have SSL implemented has code to check for the SSL. For example, the log in page (login.php) will have this code: $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_LOGIN, '', 'SSL')); the Create Account page (create_account.php) will have this: $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL')); the same does for all other pages that could use the SSL Chris Thank you Chris, I checked all these files and noticed contact_us.php, logoff.php and quote.php do not have such code, so i'll leave these pages out i guess. Now i know which pages need to be protected. Link to comment Share on other sites More sharing options...
mid9tblue Posted May 16, 2010 Author Share Posted May 16, 2010 Just like that. Thank you germ, worked immediately after i used your code. Happy to see the login.php, account.php and create_account.php to have a lock now :) Link to comment Share on other sites More sharing options...
PlusUltra Posted November 17, 2010 Share Posted November 17, 2010 Hi everyone, I've tried to follow all the steps described here and in other posts, however, when trying to access create_account.php, I get the following error: Fatal error: Call to a member function on a non-object in /home/xxxxx/public_html/components/catalogo/create_account.php on line 249 create_account.php has the following on line 249: $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL')); The URL on the browser actually changes to https, but I could not get rid of the error, in spite of the changes in both configure.php files and application_top.php cfgchk.php seems to indicate everything is set properly, but I've been unable to "run" the other files in the contribution. Help is appreciated. Thanks. Link to comment Share on other sites More sharing options...
designcraft Posted March 10, 2011 Share Posted March 10, 2011 Hello, I am having the same problem. You can go to the login.php page and it will appear as HTTPS but you can remove the S in HTTP and the page does not automatically load as HTTPS. Why is this happening? I have had this site up for a long time and I didn't have this problem before. What do I need to do? Any help is greatly appreciated! Thank you! Link to comment Share on other sites More sharing options...
designcraft Posted March 10, 2011 Share Posted March 10, 2011 You need to be sure the PHP link code to the pages contain the SSL parameter (example below) tep_href_link(FILENAME_ACCOUNT, '', 'SSL') What files do I look in to make this change? Thanks! Link to comment Share on other sites More sharing options...
ulefos Posted April 1, 2011 Share Posted April 1, 2011 Hi A quick update found the links that needed updating this link was a great help. It nay help others only problem now is the wrong pictures show up any ideas T Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.