That makes sense!
I thought the edits were for the catalog configure.php file.
Silly me! :)
That makes sense!
I thought the edits were for the catalog configure.php file.
Silly me! :)
My Contributions: Zen Lightbox | Best Sellers Reloaded
I had to impliment the above because when in Admin, it looked as though credit card payment account logon information (Authorize.Net) appears to be displayed on a non secure page.
In any event, after enabling SSL for all of Admin, I found that any page with the language logo (the country flag) would generate an error in IE asking if I want to view the insecure information.
It appears that the link for the flag is fully qualified and thus appears as http://www.storename.com/catalog/inc...glish/icon.gif instead of a relative directory location like /includes/languages/english/icon.gif.
I know this language icon is displayed in a number of places. How best can I force the lookup to a relative address to eliminate the warning?
Aloha from Hawaii! (its a dirty job, but SOMEBODY has to live here...)
Anyone?
I have looked through many files, I believe the pages are using DIR_WS_CATALOG_IMAGES when they should be using /images/icon.gif or a combination of FS_CATALOG and FS_IMAGES
BecauseI'm thinking the link should be relative rather than a non-ssl full URL.
I've spent over 8 hours searhing and trying changes. I'm not sure where all the links are...
Aloha from Hawaii! (its a dirty job, but SOMEBODY has to live here...)
... and now you understand why the admin doesn't switch from HTTP to HTTPS automatically like the catalog.
You can run the whole Admin as SSL by changing your configure files. Change the HTTP paths to the HTTPS address.
Please do not PM for support issues: a private solution doesn't benefit the community.
Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.
I had changed the 2 defines to both point to HTTPS:
define('HTTP_SERVER', 'https://www.myserver.com');
define('HTTPS_SERVER', 'https://www.myserver.com');
Everything worked fine except for displaying the flag from the language directory. Every time I went to modify a catalog item, the dreaded "mixed secure and non-secure" message came up.
I finally changed the following text from HTTP_CATALOG_SERVER to HTTPS_CATALOG_SERVER and it seems to be working now.
define('DIR_WS_CATALOG_LANGUAGES', HTTPS_CATALOG_SERVER . DIR_WS_CATALOG . 'includes/languages/');
So if anyone needs to secure the Admin side of things (so USPS and Authorize.Net passwords are not sent in the clear when you modify their configs) just go to the Admin config file and change all 3 of the above defines to reflect HTTPS.
Aloha from Hawaii! (its a dirty job, but SOMEBODY has to live here...)