Results 1 to 6 of 6
  1. #1
    Join Date
    Apr 2005
    Posts
    68
    Plugin Contributions
    0

    Default Catalog goes HTTPS despite explicit HTTP setting

    Hello Everyone!

    Unexpected behaviour after customers log in:

    Set up:

    my checkout area is set to be accessed via HTTPS
    my admin area is set to be accessed via HTTP
    my catalog is supposed to be accessed via HTTP (not HTTPS)

    Details:

    here is an excerpt from my 'admin/includes/configure.php' :
    /////////////////////////////////admin///////////////////////////////////////////////
    define('HTTP_SERVER', 'http://www.mydomain.com');
    define('HTTPS_SERVER', 'https://www.mydomain.com');
    define('HTTP_CATALOG_SERVER', 'http://www.mydomain.com');
    define('HTTPS_CATALOG_SERVER', 'https://www.mydomain.com');

    // Use secure webserver for catalog module and/or admin areas?
    define('ENABLE_SSL_CATALOG', 'false');
    define('ENABLE_SSL_ADMIN', 'false');
    ///////////////////////////////admin/////////////////////////////////////////////////

    and here's another excerpt from my regular 'includes/configure.php:
    ////////////////////////////
    define('HTTP_SERVER', 'http://www.mydomain.com');
    define('HTTPS_SERVER', 'https://www.mydomain.com');

    // Use secure webserver for checkout procedure?
    define('ENABLE_SSL', 'true');

    // NOTE: be sure to leave the trailing '/' at the end of these lines if you make changes!
    // * DIR_WS_* = Webserver directories (virtual/URL)
    // these paths are relative to top of your webspace ... (ie: under the public_html or httpdocs folder)
    define('DIR_WS_CATALOG', '/');
    define('DIR_WS_HTTPS_CATALOG', '/');
    ////////////////////////////

    What's going on:

    My checkout works properly under HTTPS,
    my admin area works properly under HTTP,
    but
    when a customer logs in, after the login page (which was served under HTTPS, of course), if he goes or gets redirected to catalog pages, he stays in HTTPS.
    I need websuers to be http in the catalog.

    I'm running on a brand new 1.3.8.a, PHP 5.2.5(Zend 2.2.0), static IP address, not-shared SSL cert.

    Your input is greatly appreciated.

    Thank you!

  2. #2
    Join Date
    Jun 2005
    Location
    Cumbria, UK
    Posts
    10,262
    Plugin Contributions
    3

    Default Re: Catalog goes HTTPS despite explicit HTTP setting

    What is the SSL set to in the OTHER configure.php file ?

    includes/configure.php
    19 years a Zencart User

  3. #3
    Join Date
    Apr 2005
    Posts
    68
    Plugin Contributions
    0

    Default Re: Catalog goes HTTPS despite explicit HTTP setting

    Quote Originally Posted by schoolboy View Post
    What is the SSL set to in the OTHER configure.php file ?

    includes/configure.php
    Please see the original post above, it contains quotes from both files.

    Thank you!

  4. #4
    Join Date
    Apr 2005
    Posts
    68
    Plugin Contributions
    0

    Default Re: Catalog goes HTTPS despite explicit HTTP setting

    For what it's worth:

    Drilling down through the code I found the following in the /includes/pages/login/header_php.php (line 137 in 1.3.8a):
    /////////
    zen_redirect(zen_href_link(FILENAME_DEFAULT, '', $request_type));
    ////////
    This is the line of code that controls the actual redirect after login and all other login related checks.
    It uses the original request type (which is HTTPS in case of login) and does not, seemingly, check where it's redirecting to: back to the catalog or forward to the checkout.

    I would expect it to check the FILENAME_DEFAULT and if the filename belongs to the catalog area, then check the ENABLE_SSL_CATALOG setting, and then use the appropriate request type for the redirect.

    Is it a bug or should I read it differently?

    Thank you all!
    Last edited by dreamdaily; 3 Feb 2010 at 06:20 PM.

  5. #5
    Join Date
    Feb 2005
    Location
    Lansing, Michigan USA
    Posts
    20,024
    Plugin Contributions
    3

    Default Re: Catalog goes HTTPS despite explicit HTTP setting

    I think this is a bug, but previous posts about it usually degenerate into discussions about the secure/non-secure error that is sometimes generated if the main page has non-secure content.

    Best I can offer is this: http://www.zen-cart.com/forum/showthread.php?t=108133

    There are a few other threads if you search for 'login secured'.

  6. #6
    Join Date
    Apr 2005
    Posts
    68
    Plugin Contributions
    0

    Default Re: Catalog goes HTTPS despite explicit HTTP setting

    Thank you, stevesh!

 

 

Similar Threads

  1. Replies: 7
    Last Post: 31 Dec 2014, 04:58 PM
  2. Setting a particular page to use HTTP instead of HTTPS????
    By SaraiSarai in forum General Questions
    Replies: 9
    Last Post: 27 Apr 2012, 06:01 PM
  3. http vs https
    By jaishem in forum General Questions
    Replies: 2
    Last Post: 23 May 2011, 04:56 PM
  4. All orders say 'shipped' despite setting default to 'pending'
    By likes2draw in forum Managing Customers and Orders
    Replies: 3
    Last Post: 19 Feb 2009, 08:13 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR