Are you suggesting the lines should be as below?
Originally Posted by DrByte
I am checking in SSL is enabled on purpose. Hence
$gateway_vars['return_link_url'] = zen_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL', true);
$gateway_vars['reply_link_url'] = zen_href_link(FILENAME_CHECKOUT_PROCESS, $query_string, 'SSL' );
As NAB Transact provides the SSL payment page where the customers enter the card details I have seen carts who haven't got their own SSL. While I don't recommend anyone collecting personal information (even if they are not credit card details) via a non-SSL page it is possible for business owners to do this. This is the reason I am checking if SSL is enabled. If it is the code will pass the SSL enabled URL, if it's not the code will pass the non-SSL URL.
(ENABLE_SSL ? 'SSL' : 'NONSSL')
In fact, I should have had this code from day one.
The fact Zen Cart ignore if a non-SSL URL is called back has nothing to do with the module or NAB Transact. As I pointed out the code in init_session.php is doing this. Not sure if it's by design. If it is, it is strange ZC allows the cart to operate without SSL, but forces SSL at a certain point. Why not enforce the fact cart must have SSL everywhere? I digress.
I didn't want to code the module specific to this anomaly. The code I gave will work if init_session.php is fixed and ZC starts supporting non-SSL callback (fixed is probably not the correct term as I don't know if it's by design or a mistake)
Want to hear your thoughts on this.