beerbee Posted January 19, 2018 Share Posted January 19, 2018 This looks like code from /includes/modules/boxes/bm_manufacturers.php The relevant part looks this way in my BS Edge installment: $data = tep_draw_form('manufacturers', tep_href_link('index.php', '', $request_type, false), 'get') . tep_draw_pull_down_menu('manufacturers_id', $manufacturers_array, (isset($_GET['manufacturers_id']) ? $_GET['manufacturers_id'] : ''), 'onchange="this.form.submit();" size="' . MAX_MANUFACTURERS_LIST . '" style="width: 100%"') . tep_hide_session_id() . Best regards Christoph Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 19, 2018 Share Posted January 19, 2018 Just now, beerbee said: This looks like code from /includes/modules/boxes/bm_manufacturers.php The relevant part looks this way in my BS Edge installment: $data = tep_draw_form('manufacturers', tep_href_link('index.php', '', $request_type, false), 'get') . tep_draw_pull_down_menu('manufacturers_id', $manufacturers_array, (isset($_GET['manufacturers_id']) ? $_GET['manufacturers_id'] : ''), 'onchange="this.form.submit();" size="' . MAX_MANUFACTURERS_LIST . '" style="width: 100%"') . tep_hide_session_id() . Best regards Christoph went in to search.php and changed to ssl but no change..now will compare the one you sent me,thanks a lot!!!! best regards Nicolas Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 19, 2018 Share Posted January 19, 2018 13 minutes ago, desmoulins22 said: went in to search.php and changed to ssl but no change..now will compare the one you sent me,thanks a lot!!!! best regards Nicolas OOOPPSSSSS...that one wasn't good...it blocked the whole site with; Error Known NONSSL SSL..ect.... thanks anyway was worth a shot.. Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 19, 2018 Share Posted January 19, 2018 @Jack_mcs Tried to find your November post like you mentioned but found only this one : Text Slider would you direct me to it please so that i can read it please..thanks Best regards Nicolas Link to comment Share on other sites More sharing options...
Jack_mcs Posted January 19, 2018 Share Posted January 19, 2018 The code posted by beerbee is the correct change. However, the $request_type variable has to be declared in that function or it will cause the site to fail, as you found out. So a few lines above that find the line with function ... and you should see a line starting with global. Add $request_type to it and make the change mentioned previously and you should be all set. Like this global $request_type, $oscTemplate; Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 19, 2018 Share Posted January 19, 2018 Well thank you again for your support, i did the following changes like suggested... in the bm_manufacturers.php 1) from function getData() { global $HTTP_GET_VARS, $oscTemplate; to function getData() { global $request_type, $oscTemplate; and from tep_draw_form('manufacturers', tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false), 'get'). to tep_draw_form('manufacturers', tep_href_link('index.php', '', $request_type, false), 'get') . nothing changed and nothing happend keep in mind i always clear my cache just in case... very bizarre situation.. again THANK YOU... Link to comment Share on other sites More sharing options...
MrPhil Posted January 19, 2018 Share Posted January 19, 2018 You apparently want the whole site (all pages) to be under SSL, so you have only "https://" in your two configure.php files. Correct? If you're still getting "http://", it means the http is hard coded somewhere, rather than using one of the HTTP_* variables from the configure.php files. Have you scanned all your .php files (using grep on Linux or findstr on Windows), looking for "http:"? You might also scan for form name="manufacturers" and see how the action= phrase is coded (what variable or constant it's using). From there you can trace where the action URL is coming from (also see why the name and action are run-together like that, while you're at it, unless it was just a miscopy). It's possible that "manufacturers" is not hard coded into the form statement, but is a variable argument (you would then have to scan for manufacturers instead). By the way, you have a slogan "Your Finest Choise" in your header. I think you mean "Your Finest Choice". Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 19, 2018 Share Posted January 19, 2018 Hi Phil, Your Finest Choise OHHH yes..thanks for that one .. Actually i'm not getting any http:// fortunately in the address bar,its https:// everywhere but the padlock doesn't show up green,tested in whynopadlock with no errors.And when you change pages it shows up for few seconds with the word SECURE in green too.. Shall i scan anyway every single php file? i'm having trouble getting rid off this last error from the chrome inspector that causes the no show, of the green padlock,i guess.although the check site says everything ok..but its not obviously. ---->Mixed Content: The page at 'https://www.erboristeria-benessere.it/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.erboristeria-benessere.it/index.php'. This endpoint should be made available over a secure connection. in line 1018 <div class="ui-widget infoBoxContainer mj-manufacturers"> <div class="ui-widget-header infoBoxHeading">Produttori</div> <div class="ui-widget-content infoBoxContents"><form name="manufacturers" action="http://www.erboristeria-benessere.it/index.php" method="get"><select name="manufacturers_id" onchange="this.form.submit();" size="1" style="width: 100%"><option value="" selected="selected">Selezionare</option><option value="16">Aboca</option><option value="43">Ardes</option><option value="25">Bios Line</option><option value="45">Enervit</option><option value="19">Erbamea</option><option value="20">Farmaderbe</option><option value="22">Guam</option><option value="18">L'Erbolario</option><option value="24">Nature's</option><option value="17">Planta Medica</option><option value="46">ProAction</option><option value="26">PromoPharma</option><option value="44">Sottolestelle</option><option value="47">Ultimate Italia</option><option value="27">Vaderb</option><option value="48">Viropa</option><option value="21">Vital Factors</option></select></form></div></div> Looks very easy where to look for but hell no way to get this MF Thanks again Phil you saved me already ones!! Best Regards Nicolas Link to comment Share on other sites More sharing options...
MrPhil Posted January 20, 2018 Share Posted January 20, 2018 3 hours ago, desmoulins22 said: function getData() { global $HTTP_GET_VARS, $oscTemplate; to function getData() { global $request_type, $oscTemplate; Uh, no, in general you want to add $request_type to the list, not replace $HTTP_GET_VARS. If $HTTP_GET_VARS is actually not used, that would be harmless, but if you don't know for sure, leave it. It might be used by a function at a deeper level (called from this function). Quote tep_draw_form('manufacturers', tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false), 'get'). to tep_draw_form('manufacturers', tep_href_link('index.php', '', $request_type, false), 'get') . Unless you can show that FILENAME_DEFAULT is not defined, you should leave it as-is. I don't know quite why you were told to change 'NONSSL' to $request_type, when it would have been easier to change it to 'SSL', but no real harm done. Perhaps it was done that way to make any future return to a not-all-SSL site easier? Quote Shall i scan anyway every single php file? Yes. I hope you're not looking at every file individually in an editor, but are using an appropriate bulk file scanner (grep for Linux, findstr for Windows). You should have all your files on your PC anyway, as a backup, so you can run the scan there if it's inconvenient to do it on the server. Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 20, 2018 Share Posted January 20, 2018 @MrPhil I'm getting confused now lets see if i can make sense of it. 1) function getData() { global $HTTP_GET_VARS, $oscTemplate; or function getData() { global $request_type, $oscTemplate; should be ? : function getData() { global $HTTP_GET_VARS,$request_type, $oscTemplate; do i understand correctly? And regarding the following part,i was suggested to change,to my knowledge it was making sense actually adding the request type,otherwise how would it know where to look for,NO?? and the FILENAME_DEFAULT is defined with index.php. tep_draw_form('manufacturers', tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false), 'get'). to tep_draw_form('manufacturers', tep_href_link('index.php', '', $request_type, false), 'get') . And well i will definitively download all files and scan it one by one because this situation is getting out of hand,a whole week just because of this confusing problem. Thank You !And enjoy your weekend.. Best regards Nicolas Link to comment Share on other sites More sharing options...
Jack_mcs Posted January 20, 2018 Share Posted January 20, 2018 This is a long thread so it is easy for things to get lost. As mentioned previously, there are many versions of shops and individual site changes means there are even more. So when I mentioned changing the global line I was giving an example, not actual code. I apologize if that was not clear. The global $HTTP_GET_VARS,$request_type, $oscTemplate; is correct, assuming what you showed as being there is correct. I checked your site and it is not getting a secure error now so it appears you fixed it. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 20, 2018 Share Posted January 20, 2018 @Jack_mcs Yeah you right sometimes when threads get so long its too much too read adding the bits of each one,no need to apologise but maybe did confuse a bit. Did you check the site with Chrome? I still get this see pics.. And when i land on the main page with a fresh browser it's Then as soon i start changing pages it gets back like in pic 1 i'm very confused.Does it make sense? Thank you for going along.. Best regards Nicolas Link to comment Share on other sites More sharing options...
desmoulins22 Posted January 20, 2018 Share Posted January 20, 2018 Little Update, i just disabled the manufacturers box from within the admin site and everything went PERFECT !!! Well i will keep it in quarantine for a while and dismantle it with relax while the shop works fine. Again would like generously thank everyone's help and input,when i get to the bottom of it i will update the situation. Enjoy your weekend and thanks to everybody Best regards Nicolas Link to comment Share on other sites More sharing options...
Jack_mcs Posted January 20, 2018 Share Posted January 20, 2018 I didn't realize you had hijacked the thread so I checked the wrong site. In the future please start your own thread to avoid things like this. Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
MrPhil Posted January 20, 2018 Share Posted January 20, 2018 8 hours ago, desmoulins22 said: function getData() { global $HTTP_GET_VARS,$request_type, $oscTemplate; do i understand correctly? Yes. You want to add $request_type, not replace another variable. Quote And regarding the following part,i was suggested to change,to my knowledge it was making sense actually adding the request type,otherwise how would it know where to look for,NO?? and the FILENAME_DEFAULT is defined with index.php. tep_draw_form('manufacturers', tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false), 'get'). to tep_draw_form('manufacturers', tep_href_link('index.php', '', $request_type, false), 'get') . It was unnecessary (but harmless) to change FILENAME_DEFAULT to 'index.php'. They should be equivalent. If you're running your entire site in SSL; 'NONSSL', 'SSL', and $request_type will be functionally equivalent, since both the 'SSL' and 'NONSSL' will be replaced by https://...domain name/catalog/. $request_type will be either 'SSL' or 'NONSSL' (probably 'SSL', if you're running under all-SSL pages). Quote And well i will definitively download all files and scan it one by one Depending on what you're scanning for, you can usually use grep (Linux) or findstr (Windows) to bulk scan all your files (or all *.php) at once. I hope you're not looking through each file one-by-one with an editor -- that would be a lot of unnecessary labor. Link to comment Share on other sites More sharing options...
inra311 Posted June 10, 2018 Share Posted June 10, 2018 On 18.1.2018 at 6:14 PM, desmoulins22 said: OsCommerce 2.3.4 Plesk Onyx Version 17.5.3 Update #37, Centos 6.9 final Hi to everyone, one of my problems was that after having added the SSL certificate and converted to https was (keep in mind that i did the necessary changes in the config files /admin and include) that chrome browser didn't add to my cart any item when clicking the "add to cart button" just having an empty cart,but if clicking "buy now" it would add it.In firefox nearly the same just with an pop up security message warning that it isn't secure but then anyway an empty cart.That said i followed MrPhils suggestion and changed the code in tep_href_link() (in includes/functions/html_output.php) from 'NONSSL' to 'SSL'. And that fixed my problem stright away. So THANK YOU Phil..!!! Please HELP, I have the same problem now: empty cart after "Add to cart" (which calls up an insecure-connection warning now) (Adding to the cart from a category page with the buy now button still works without a problem!) (I am using 2.3.4.1 CE) What started the problem: I used SSL for login, checkout etc. since long but today I wanted to change my shop to ALL SSL (with a 301 redirect http: --> https: in htaccess). This worked in so far as any pages are https://... now and I see the green padlock in Firefox. I just can't buy from product info page :(( I already tried the fix that helped desmoulins22 in this thread: changing in html_output.php function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true) { to function tep_href_link($page = '', $parameters = '', $connection = 'SSL', $add_session_id = true, $search_engine_safe = true) { But this does not help :( Do I have to find every http:// link first, or is there any fix that makes at least the shopping cart work again for now? Link to comment Share on other sites More sharing options...
inra311 Posted June 10, 2018 Share Posted June 10, 2018 Hmm, when I set both the http and the https server to https in includes/configure.php it works: define('HTTP_SERVER', 'https://www.mydomain.com'); define('HTTPS_SERVER', 'https://www.mydomain.com'); Is this advisable or even the way it should be, or better not?? If sou, also both in admin/includes/configure.php ? And in includes/configure.php I see this one: define('DIR_FS_CATALOG', '/home/strato/http/power/rid/xx/xx/xxxxx/htdocs/guitar/shop/'); better to: define('DIR_FS_CATALOG', '/home/strato/https/power/rid/xx/xx/xxxxx/htdocs/guitar/shop/'); ??? Link to comment Share on other sites More sharing options...
♥raiwa Posted June 10, 2018 Share Posted June 10, 2018 If you wants all pages with SSL it's the way to do it. About Me: http://www.oscommerce.com/forums/user/249059-raiwa/ Need help? How To Get The Help You Need Is your version of osC up to date? You'll find the latest osC community version CE Phoenix here. Public Phoenix Change Log Cheat Set on Google Sheets Link to comment Share on other sites More sharing options...
inra311 Posted June 10, 2018 Share Posted June 10, 2018 Thanks for the answer. I was not sure in case there are still any http internal links (which at the moment for sure still are...) What about this one: define('DIR_FS_CATALOG', '/home/strato/http/power/rid/xx/xx/xxxxx/htdocs/guitar/shop/'); better to: define('DIR_FS_CATALOG', '/home/strato/https/power/rid/xx/xx/xxxxx/htdocs/guitar/shop/'); ??? Link to comment Share on other sites More sharing options...
MrPhil Posted June 10, 2018 Share Posted June 10, 2018 Does the directory /home/strato/https/ actually exist? If not, leave it as http/. Link to comment Share on other sites More sharing options...
inra311 Posted June 10, 2018 Share Posted June 10, 2018 It is a shared host, I don't have access to those 'directories' so ..?? It is the absolute path that I figured out somehow years ago. I left it at /http/ but changed all http:// in both configure.php files to https:// which makes the shop work fine with all desktop browsers, as it seems for now. Only remaining problem: I still cannot put anything from product info into my cart with any android device (no error, just nothing happens) (BTW, my S4 mobile with chrome says the SSL certificate is not trustable, all other android mobiles say it is alright, putting into the cart does NOT work on all of these :( ) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.