SSL problem in Google Chrome

[doooomed]

There's another..

Code:

<!--bof-header logo and navigation display-->


<div class="fb-like" data-colorscheme="dark" data-font="verdana" data-href="http://www.doooomed.com" data-send="true" data-show-faces="false" data-width="300">


    &nbsp;</div>


<div id="headerWrapper">

Cheers
Rod

Unfortunately still no change. All that code I am removing has been there a long time...!

[RodG]

Unfortunately still no change. All that code I am removing has been there a long time...!

I'm pretty much out of ideas/suggestions. About the only other thing I'm seeing shouldn't be causing the problem anyway, but that is, at the very bottom of the page is a stray "<" character.


Aha! I think I found it.

Code:

                                             <script><!--
function session_win() {
  window.open("http://doooomed.com/index.php?main_page=info_shopping_cart","info_shopping_cart","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus();
}
//--></script>

Cheers
RodG

[doooomed]

Aha! I think I found it.

Code:

                                             <script><!--
function session_win() {
  window.open("http://doooomed.com/index.php?main_page=info_shopping_cart","info_shopping_cart","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus();
}
//--></script>

Are you saying this code is incorrect or shouldn't be there at all? I removed it but nothing changed. I put it back because I don't know what it does.

[RodG]

Are you saying this code is incorrect or shouldn't be there at all? I removed it but nothing changed. I put it back because I don't know what it does.

Good morning.

Apparently I wasn't thinking too clearly last night with my previous suggestions. I'll put it down to being overtired.

I've taken another look into this today and am kicking myself for all the bad leads I gave you.

The problem is being caused because one of the form actions is pointing to a non ssl page. Specifically,

Code:

<!--// bof: artists //-->
<div class="rightBoxContainer" id="artists" style="width: 190px">
<h3 class="rightBoxHeading" id="artistsHeading"><label>Bands</label></h3>
<div id="artistsContent" class="sideBoxContent centeredContent">
<form name="artist_form" action="http://dxxxxmed.com/index.php?main_page=index" method="get"><input type="hidden" name="main_page" value="index" /><input type="hidden" name="typefilter" value="artist" />
<select name="artists_id" onchange="this.form.submit();" size="MAX_RECORD_ARTISTS_LIST" style="width: 90%; margin: auto;">

The 'action' link needs to be "https://dxxxxmed.com"

I made this determination by viewing the page with Chrome, then from the Chrome menu selecting 'tools->Javascript_console'

This gave the following info:
The page at 'https://dxxxxmed.com/index.php?main_page=login' was loaded over HTTPS, but is submitting data to an insecure location at 'http://dxxxxmed.com/index.php?main_page=index': this content should also be submitted over HTTPS.

This gave me a clue that I should be looking at the form/submit elements, so I then did a search on the "view-source" of the page which gave me the form link I've given above. It is the only form link on the page that doesn't use "https".

The only thing that puzzles me now is *why* this link isn't using https, because to the best of my knowledge these links are dynamically generated from the configure.php settings. I think that this is something you'll need to determine for yourself though.

Also, although not relevant to the problem, you see the "MAX_RECORD_ARTISTS_LIST"? This should actually 'resolve' to a number (so it reads something like size="25". This implies that there is probably a missing entry in your database configuration table.

Hopefully this info will help you resolve the problem.
Apologies for leading you astray last night. I should have used the Chrome tools in the 1st place rather than just looking at the page code.

Cheers
RodG

[doooomed]

Thanks for all the help and time you put into this. I really appreciate it!

In /public_html/includes/templates/mostlygrey/sideboxes/tpl_artists_select.php I found

<?php
/**
* Side Box Template
*
* @package templateSystem
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: tpl_artists_select.php 4773 2006-10-17 06:10:58Z drbyte $
*/
$content = "";
$content .= '<div id="' . str_replace('_', '-', $box_id . 'Content') . '" class="sideBoxContent centeredContent">';
$content .= zen_draw_form('artist_form', zen_href_link(FILENAME_DEFAULT, '', 'NONSSL', false), 'get');
$content .= zen_draw_hidden_field('main_page', FILENAME_DEFAULT) . zen_hide_session_id() . zen_draw_hidden_field('typefilter', 'artist');
$content .= zen_draw_pull_down_menu('artists_id', $artists_array, (isset($_GET['artists_id']) ? $_GET['artists_id'] : ''), 'onchange="this.form.submit();" size="' . MAX_RECORD_ARTISTS_LIST . '" style="width: 90%; margin: auto;"');
$content .= '</form>';
$content .= '</div>';
?>

I removed NONSSL and now have..

<?php
/**
* Side Box Template
*
* @package templateSystem
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: tpl_artists_select.php 4773 2006-10-17 06:10:58Z drbyte $
*/
$content = "";
$content .= '<div id="' . str_replace('_', '-', $box_id . 'Content') . '" class="sideBoxContent centeredContent">';
$content .= zen_draw_form('artist_form', zen_href_link(FILENAME_DEFAULT, '', '', false), 'get');
$content .= zen_draw_hidden_field('main_page', FILENAME_DEFAULT) . zen_hide_session_id() . zen_draw_hidden_field('typefilter', 'artist');
$content .= zen_draw_pull_down_menu('artists_id', $artists_array, (isset($_GET['artists_id']) ? $_GET['artists_id'] : ''), 'onchange="this.form.submit();" size="' . MAX_RECORD_ARTISTS_LIST . '" style="width: 90%; margin: auto;"');
$content .= '</form>';
$content .= '</div>';
?>

It seems to be working now, but I don't know if that was the correct fix.

Now when logged in I am getting the same problem with the main page. It is the social media button images which I found using the method I just learned from you

What's strange is all this stuff has been in place for a very long time without issue. Maybe a change on Google's end?

Thanks again!

[doooomed]

Actually removing the "NONSSL" made my drop down list in the sidebox disappear! Apparently not the correct fix. I put SSL in it's place and now it seems to be working!

[RodG]

I removed NONSSL and now have..

It seems to be working now, but I don't know if that was the correct fix.

Alas, I couldn't tell you if this is the 'correct' fix or not, but since its working it's probably 'good enough' :)

Now when logged in I am getting the same problem with the main page. It is the social media button images which I found using the method I just learned from you

Them be words I love to hear. It is the very reason why I gave that info (give a man a fish and he'll eat for a day.. Teach him to fish and he eats for a lifetime).

What's strange is all this stuff has been in place for a very long time without issue. Maybe a change on Google's end?

It seems that way to me.

Cheers
RodG