Originally Posted by
jpirie
Yes, sorry, I was disregarding the first line of the scipt
The https:// part has to have it's 's' removed to make the site work at all...even as a fresh install which it is at present just using the defaults, I have not had time to add a template since upgrading the site and hitting this problem again. The site is located here
http://www.shake-the-tree.com/shop/
How do I carry out a review of the code? Is that part of the instructions at the start of this thread?
Thanks for your continued interest. By and large
https://www.eukhost.com/ have been very good over the years I have used them and, I do only pay for a shared server so perhaps this is the issue, but I am sensing that I am digging a little too deeply here for their comfort! We may need to move the E.Commerce site to another host if I cannot get to the bottom of this one :)
James
OK, so here is what I have from looking at/through the Web facing part of your store, which seems odd.
Your base href tag which is assigned in includes/templates/responsive_classic/common/html_header.php is coming back as https:. In a default/unmodified site this is because $request_type indicates 'SSL'. The variable $request_type is assigned during the page load in includes/init_includes/init_file_db_name.php unless it is overridden (which could be the case?). It is assigned 'SSL' if any of the following conditions (between double pipe characters ||) is true.
Code:
((isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) == 'on' || $_SERVER['HTTPS'] == '1'))) ||
(isset($_SERVER['HTTP_X_FORWARDED_BY']) && strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_BY']), 'SSL') !== false) ||
(isset($_SERVER['HTTP_X_FORWARDED_HOST']) && (strpos(strtoupper($_SERVER['HTTP_X_FORWARDED_HOST']), 'SSL') !== false || strpos(strtolower($_SERVER['HTTP_X_FORWARDED_HOST']), str_replace('https://', '', HTTPS_SERVER)) !== false)) ||
(isset($_SERVER['HTTP_X_FORWARDED_SERVER']) && strpos(strtolower($_SERVER['HTTP_X_FORWARDED_SERVER']), str_replace('https://', '', HTTPS_SERVER)) !== false) ||
(isset($_SERVER['SCRIPT_URI']) && strtolower(substr($_SERVER['SCRIPT_URI'], 0, 6)) == 'https:') ||
(isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == '1' || strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) == 'on')) ||
(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'ssl' || strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https')) ||
(isset($_SERVER['HTTP_SSLSESSIONID']) && $_SERVER['HTTP_SSLSESSIONID'] != '') ||
(isset($_SERVER['HTTP_X_FORWARDED_PORT']) && $_SERVER['HTTP_X_FORWARDED_PORT'] == '443') ||
(isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')
As can be seen, these are server side "settings", so if any of these are incorrectly set to return true, then that can be an issue and likely explains what is observed.
To correct your issue, which does appear to be server related you could modify includes/templates/YOUR_TEMPLATE/common/html_header.php to account for you not enabling SSL, and that should resolve the issue for website visitors, but doesn't solve the underlying problem which is the server's configuration. The way the default ZC template is setup and installation check(s) are setup help to identify this issue, but if it can't be corrected, yes would suggest a change in hosting arrangement. Thing is, if they can't setup their shared server correctly, what's to say that they could setup a "hosted" or dedicated server correctly?
The change needed in html_header would be to modify:
Code:
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER . DIR_WS_HTTPS_CATALOG : HTTP_SERVER . DIR_WS_CATALOG ); ?>" />
To:
Code:
<base href="<?php echo (($request_type == 'SSL' && ENABLE_SSL == 'true') ? HTTPS_SERVER . DIR_WS_HTTPS_CATALOG : HTTP_SERVER . DIR_WS_CATALOG ); ?>" />
Bookmarks