secure and nonsecure items base href?

[JJDoench]

website: www.bestfriendsquilts.com

I'm getting the dreaded "this page contains both secure and nonsecure items" error message when accessing supposedly secure pages. If I choose NO, do not display nonsecure items, it basically throws out the entire stylesheet. I cannot find any http: coded images or links in either my header or footer template, or my stylesheet.

Also, having read some of the other related threads, I looked at my source code and noticed my base href is not https.

My config files all say to use secure checkout.

This error does not occur in IE6, but does in IE7. I haven't tried the newest IE yet.

Btw, in Firefox 3.5.6, I don't get an error message when I go to Log In, but it boots me back to the Home Page... but then lets me through the checkout process normally after that.

JJ Doench

[Kim]

http://www.bestfriendsquilts.com/images/logo_01.gif
http://www.bestfriendsquilts.com/images/logo_02.gif
http://www.bestfriendsquilts.com/images/logo_03.gif
http://www.bestfriendsquilts.com/images/logo_04.gif
http://www.bestfriendsquilts.com/images/logo_05.gif
http://www.bestfriendsquilts.com/images/logo_06.gif
http://www.bestfriendsquilts.com/ima...ipping_box.jpg
http://www.bestfriendsquilts.com/inc...kout_green.gif
http://www.bestfriendsquilts.com/inc...Background.jpg
http://www.bestfriendsquilts.com/images/sign_up.gif

Each of those is being called non-SSL -

[JJDoench]

Maybe I am coding them incorrectly? This is what is in my tpl_header.php file:

Code:

<a href="index.php?main_page=index">
				<IMG SRC="images/logo_01.gif" WIDTH=293 HEIGHT=100 BORDER=0 ALT="Best Friends Quilt Shoppe"></a></TD>

And so on for the logo_02.gif, etc.

JJDoench

[tino.schlegel]

You should use the zen-image function to include pictures

Example:

Code:

zen_image($template->get_template_dir(HEADER_LOGO_IMAGE, DIR_WS_TEMPLATE, $current_page_base,'images'). '/' . 'logo_01.gif', HEADER_ALT_TEXT, HEADER_LOGO_WIDTH, HEADER_LOGO_HEIGHT) .

It is assumed that the images are located in the template folder in the images folder.

[JJDoench]

I will try this - thank you!
JJDoench

[JJDoench]

okay, so I get how to do the . zen_image part...

What I don't get is how to set up the links

How do I get

Code:

<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '">

to link to specific places within my catalog?

JJDoench

[tino.schlegel]

Depends where you want to link to. There are many predefined pages existing and you can choose if the link it SSL or NONSSL.

But this has nothing to do with your warnings in SSL pages, only when a customer clicks on a link it may say that you leave the secure page.

Few example:

Code:

<a href="<?php echo zen_href_link(FILENAME_SHOPPING_CART, '', 'NONSSL'); ?>"><?php echo HEADER_TITLE_CART_CONTENTS; ?></a>
<a href="<?php echo zen_href_link(FILENAME_LOGOFF, '', 'SSL'); ?>"><?php echo HEADER_TITLE_LOGOFF; ?></a>
<a href="<?php echo zen_href_link(FILENAME_ACCOUNT, '', 'SSL'); ?>"><?php echo HEADER_TITLE_MY_ACCOUNT; ?></a>
<a href="<?php echo zen_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'); ?>"><?php echo HEADER_TITLE_CHECKOUT; ?></a>

[JJDoench]

okay, so I could link them the way they were, with the
<a href=index... > right?

JJDoench

[JJDoench]

So, I changed out all the image links in the header template to be zen_image links. It doesn't seem to have made any difference to the secure/nonsecure problem.

This is what I currently have:

Code:

<?php echo '<a href="index.php?main_page=index&cPath=1168">' . zen_image($template->get_template_dir(HEADER_LOGO_IMAGE, DIR_WS_TEMPLATE, $current_page_base,'images'). '/' . 'logo_02.gif', HEADER_ALT_TEXT) . '</a>'; ?>

What did I do wrong?

JJDoench
www.bestfriendsquilts.com

[barco57]

https://www.bestfriendsquilts.com/in...ain_page=login (23) 123.03 KB
www.bestfriendsquilts.com (19) 108.37 KB
html (1) Unknown
https://www.bestfriendsquilts.com/in...ain_page=login Unknown
Stylesheet (5) 29.17 KB
http://www.bestfriendsquilts.com/inc...imagehover.css 434 Bytes
http://www.bestfriendsquilts.com/inc...stylesheet.css 24.07 KB
http://www.bestfriendsquilts.com/inc...et_dotline.css 295 Bytes
http://www.bestfriendsquilts.com/inc...eader_menu.css 2.52 KB
http://www.bestfriendsquilts.com/inc.../css/login.css 1.87 KB
Script (1) 5.92 KB
http://www.bestfriendsquilts.com/inc..._imagehover.js 5.92 KB
Background (2) 7.52 KB
http://www.bestfriendsquilts.com/inc...s/headerBG.jpg Unknown
http://www.bestfriendsquilts.com/inc...Background.jpg 7.52 KB
Image (8) 62.89 KB
http://www.bestfriendsquilts.com/inc...es/logo_01.gif 4.19 KB
http://www.bestfriendsquilts.com/inc...es/logo_02.gif 6.72 KB
http://www.bestfriendsquilts.com/inc...es/logo_03.gif 8.67 KB
http://www.bestfriendsquilts.com/inc...es/logo_04.gif 8.04 KB
http://www.bestfriendsquilts.com/inc...es/logo_05.gif 6.62 KB
http://www.bestfriendsquilts.com/inc...es/logo_06.gif 6.61 KB
http://www.bestfriendsquilts.com/inc...150DOLLARS.jpg 2.23 KB
https://www.bestfriendsquilts.com/images/cot.gif 19.81 KB
Input Image (2) 2.87 KB
http://www.bestfriendsquilts.com/inc...kout_green.gif 1.58 KB
http://www.bestfriendsquilts.com/images/sign_up.gif 1.28 KB
secure.comodo.net (1) 4.72 KB
Script (1) 4.72 KB
https://secure.comodo.net/trustlogo/javascript/cot.js 4.72 KB
ssl.google-analytics.com (1) 9.81 KB
Script (1) 9.81 KB
https://ssl.google-analytics.com/ga.js 9.81 KB
secure.comodo.com (2) 126 Bytes
html (1) 63 Bytes
https://secure.comodo.com/trustlogo/images/cot_bgf0.gif 63 Bytes
Image (1) 63 Bytes
https://secure.comodo.com/trustlogo/images/cot_bgf0.gif 63 Bytes


Did you hard code the base href? because on the login page which has a secure url I see this in the view source:

Code:

<base href="http://www.bestfriendsquilts.com/" />

so as shown above everything on the page including stylesheets is get called unsecure except the hard coded secure calls for google analytics and your trustlogo.