Social Bookmark Causes "page contains both secure and nonsecure items" message

[gilby]

I was having a tuff time figuring out why I was getting the dreaded "page contains both secure and nonsecure items" on secure pages.

I try everything I found on the forum:

- check for absolute links
- make sure you modify googele analytics
_ Script referencing http


Well I finally figure out the problem.

I installed a social bookmark script which ran globally and was causing the message to appear. Found this article that mentioned "why would you want to bookmark a checkout". http://pro-webs.net/blog/2009/08/26/...ckout-suicide/

I installed the script on the footer.php and was being called by alll pages including any secure pages e.g. checkout, my account, contact us.

I am posting it here, so it helps someone else pullilng their hair how to get rid off the dreaded "secure/nosecure items" message. As the article states, it could be a suicide at checkout for your potential customers.



I would like to use the social bookmarking, anyone know how to get around this problem?

I use the "addthis" button at the start of the breadcrumbs line in \includes\templates\YOUR_TEMPLATE\common\tpl_main_page.php

PHP Code:

<!-- AddThis Button BEGIN -->
    <?php if ($request_type == 'NONSSL') { ?>

Put your custom button code here

<?php } ?>
<!-- AddThis Button END -->

You don't want to bookmark your SSL pages or distract the customer during checkout.
This keeps it off the checkout pages.

[kburner]

I use the "addthis" button at the start of the breadcrumbs line in \includes\templates\YOUR_TEMPLATE\common\tpl_main_page.php

PHP Code:

<!-- AddThis Button BEGIN -->
    <?php if ($request_type == 'NONSSL') { ?>

Put your custom button code here

<?php } ?>
<!-- AddThis Button END -->

You don't want to bookmark your SSL pages or distract the customer during checkout.
This keeps it off the checkout pages.

Ok. This worked for me for social buttons. Thank you so much!

But now, My Live Help sidebox is causing secure/nonsecure error!

Thanks, Kim

[mzimmers]

To be precise, the problem is not in the anchors themselves; it's the references to the .gif files on www.social-bookmark-script.de. I copied the files to my server, did a little more clean up, and all seems OK now.

[thedjphat]

I'm using zen cart 1.3.9 (latest at time of post)

I ran into this error when adding the facebook like button to our header - and with the help of a good friend, found a workaround which is very simple, and commonly used procedure:

In INCLUDES/TEMPLATES/(yourtemplate)/COMMON/header.tpl
(in my case at least, I wanted to add the button next to the header, under the login, customization will be required for your solution.)

look for
<!--bof-branding display-->
<div id="logoWrapper">
<div id="logo"><?php echo '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '">' . zen_image($template->get_template_dir(HEADER_LOGO_IMAGE, DIR_WS_TEMPLATE, $current_page_base,'images'). '/' . HEADER_LOGO_IMAGE, HEADER_ALT_TEXT) . '</a>'; ?>

Under this statement - I included some new php which recognizes the http or https state of the page we are on - and if on secure pages, displays an image instead of the facebook like button, dispelling the non secure elements from account pages, but displaying the facebook like button on the home and other http request pages.


<!--bof-facebook like button/secure image-->
<?php
if ($_SERVER['HTTPS']) { ?>
<img src="https://opticalnow.ca/secure.jpg">
<?php
}else{?>
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.opticalnow.ca&amp;layout=standard&amp;show_faces= false&amp;width=200&amp;action=recommend&amp;font=arial&amp;colorscheme=light&am p;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:200px; height:35px;" allowTransparency="true"></iframe>
<?php;
}?>
<!--eof-facebook like button/secure image-->

You will of course, need to modify this to suit your needs - I used a hard link to image over https, which I'm sure could be improved on, but works for what it is intended for. You will also need to change the facebook source code (everything in iframe)

this little script is to direct user's attention to the locked icon at the bottom of the browser, and confirm that the page is secure.

[DrByte]

Using $request_type is much more reliable than $_SERVER['HTTPS'].

[thedjphat]

that's why i posted... gotta love this community, and thank you btw Dr Byte, for solving more than one of the other issues that came up in installation and customization of what we have so far. I think also a dynamic image link might be useful... but to be sure i hard coded the https. Correct me if I'm wrong, and thanks!