Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Changing link in breadcrumb and header image to https


obcbeatle

Recommended Posts

Hello:

 

I'm trying to figure out how to change all my "http" domain links to "https" on my main catalog page (I just enabled SSL today). I've changed all except the Catalog breadcrumb link and the image header link at the top of the main page. For the Catalog breadcrumb, my application_top.php has the following line:

 

$breadcrumb->add(HEADER_TITLE_CATALOG, tep_href_link(FILENAME_DEFAULT));

 

It looks to me like the Catalog link is referenced from FILENAME_DEFAULT. But I can't find where FILENAME_DEFAULT is defined and I'm not sure I should modify it as FILENAME_DEFAULT is called quite frequently in many .php files I've scoured. It looks like my header image at the top of the page is also getting my old http domain link from a line (tep_href_link(FILENAME_DEFAULT) in header.php. I have searched the forums most of the day with no luck. Anyone have any advice/suggestions? BTW...my SSL is working fine so far with osC, I was just wanting to do a little house cleaning of the old http domain links -> https domain links, before making my shop live. Thanks!

Link to comment
Share on other sites

You are changing your whole site to SSL?

Nic

 

Just the links that reference the main catalog page that are ON the main catalog page, i.e. the breadcrumb and header/footer links I originally coded as http://mydomain.com/mycatalog. Or is that overkill or a problem since the secure areas like "login" and "create an account" already default to https per my changes to the configure.php file? Thanks!

Link to comment
Share on other sites

Jerry,

 

By default, all information pages are SSL protected. So, the only other option would be to SSL protect the entire website. If you have any installed images and you are receiving a 'partial encryption' message than those images will have to contain the https URL prefix to correct the errors.

 

 

 

Chris

Link to comment
Share on other sites

also the whole site being SSL in not only pointless, but it will adversely affect your SEO ranking as Google do not index ssl pages not to mention the loss of speed whilst the site is loading.

SSL for the pages that require it are automatic.

 

 

 

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Jerry,

 

By default, all information pages are SSL protected. So, the only other option would be to SSL protect the entire website. If you have any installed images and you are receiving a 'partial encryption' message than those images will have to contain the https URL prefix to correct the errors.

 

 

 

Chris

 

Hmmm...now I'm confused. Most of the Security forum posts I saw said to make your web site SSL to protect client info (login, etc.) to osC, even if fowarding to PayPal. So is it NOT necessary to SSL your website? I thought osC out-of-the-box was NOT protecting client info unless you purchased an SSL cert (I thought I didn't see https in the login part of osC till SSL was enabled today, but I may be mistaken). Sorry for my ignorance. I just hope I didn't blow $ I didn't need to getting my web host to install the SSL cert yesterday. I will be using PayPal and check/money orders mostly. Thanks!

Link to comment
Share on other sites

Sorry, yes you need an SSL cert, but it only needs to cover certain areas which once defined in your cnfigure.php (set from false to true) will be all you need do as the software will do the rest.

It is also important to SSL protect your whole admin side, whixh a lot of people do not do!

Nic

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

Jerry,

 

Purchasing an SSL is never a waste of time as it protects information on the assigned pages. As Nic stated, you need only enable it in the configure.php file.

 

 

 

Chris

Link to comment
Share on other sites

Purchasing an SSL is never a waste of time as it protects information on the assigned pages. As Nic stated, you need only enable it in the configure.php file.

 

Both of them, one in your admin and one in your catalog

 

Great! I had already modified both configure.php files (on the admin and catalog side), but I did NOT know Google didn't spider (or whatever) https pages and also didn't think about the https loading overhead. Anyway, it sounds like there is no need to make other links https on my web site unless of course there are some sensitive transaction requirements. Thanks!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...