Unsecure items

[Blake81]

When you add something to your cart and proceed to checkout on my site, you get a message that the page contains secure and unsecure items. Can someone take a look at my site, add something to their cart, and proceed to the checkout page and let me know if you can see what is causing this? I'm also noticing that the checkout page isn't showing the "SSL lock" at the address bar.

The website is here. Thanks for any help.

Edit: You only get the message in IE, not FireFox.

[DWells]

It would seem your error's are coming from this:

Code:

<script type="text/javascript" src="http://cetrk.com/pages/scripts/0007/4881.js"> </script>

I'm not sure what it's for, but it is located in/near your footer; directly below your GoDaddy seal; which probably means it's that clock running below it.

By changing that code to:

Code:

<script type="text/javascript" src="https://cetrk.com/pages/scripts/0007/4881.js"> </script>

Making it call a Secure server for the code it runs, eliminates the broken lock problem you are experiencing. F.Y.I. you have the same problem in FireFox, but FireFox it ignores the insecure link, but you will see a line through the lock... you have this problem on ALL links pointing to https://

To see this code, in FireFox (with the developers tool) you can click on "View Source" and scroll to the bottom of your page, this code is located directly above the

Code:

</body>
</html>

Tags.

Best of luck.

[Blake81]

Thanks. I don't see that code in the banner where I added that seal. The only code I put in that banner to make it show up is:

<script language="Javascript" src="https://seal.godaddy.com/getSeal?sealID=110844111805b701a721271165f2300b017f430792266467286991800"></script>

Is it possible that the code is added by the javascript? Wonder if there is a way to change the setting for the seal in GoDaddy.

[DWells]

Thanks. I don't see that code in the banner where I added that seal. The only code I put in that banner to make it show up is:

<script language="Javascript" src="https://seal.godaddy.com/getSeal?sealID=110844111805b701a721271165f2300b017f430792266467286991800"></script>

Is it possible that the code is added by the javascript? Wonder if there is a way to change the setting for the seal in GoDaddy.

I don't think it is related to GoDaddy's seal. The reason I say this is because:

Code:

<!--bof- parse time display -->
<!--eof- parse time display -->
<!--bof- banner #6 display -->
<div id="bannerSix" class="banners"><script language="Javascript" src="https://seal.godaddy.com/getSeal?sealID=110844111805b701a721271165f2300b017f430792266467286991800"></script></div>
<!--eof- banner #6 display -->
<script type="text/javascript" src="http://cetrk.com/pages/scripts/0007/4881.js"> </script>
</body></html>

As you can see in the code above GoDaddy has a "godaddy.com" address, and is between the

Code:

<!--bof- banner#6 display -->

& the

Code:

<!--eof- banner #6 display -->

It is not the clock as I previously thought possible. To find what file the code is in do the following:

Log into your sites Admin.

Go to: Tools >> Developers Tool Kit >>

in the box at the bottom of that page that says "Key or Name:" type in " cetrk.com " then select "All Files - Catalog/Admin" in the "All Files Look-ups:" box and click search.

It will bring up a list of all files with that info in it, as well as what line you will find the code on; once you locate the file just make the simple change from "http://" to "https://" to keep the code functioning.

[Blake81]

Great! That fixed it. It was in "tpl_main_page.php". Thanks for your help. :)

[DWells]

Great! That fixed it. It was in "tpl_main_page.php". Thanks for your help. :)

You are very welcome, Glad I could help

[Blake81]

Actually, I just double checked. It looks fine in IE, but it still shows the line through the SSL lock in FireFox. Why would it not work there? Could it just be that the site is cached?

[DWells]

Actually, I just double checked. It looks fine in IE, but it still shows the line through the SSL lock in FireFox. Why would it not work there? Could it just be that the site is cached?

Must be a cache issue on your machine, because I just checked it in IE7, FireFox & Opera... and all three are showing that the log in page is secure, and nothing is breaking the security in my browsers.

[DrByte]

Related FAQ for future reference: https://www.zen-cart.com/tutorials/i...hp?article=150