When I click add to cart it just returns with a page "Your shopping cart is empty". It worked fine before changing ssl. Any thoughts?
When I click add to cart it just returns with a page "Your shopping cart is empty". It worked fine before changing ssl. Any thoughts?
When you "turned on SSL", what changes did you make to your store's /includes/configure.php and /admin/includes/configure.php?
Thanks for the reply. Initially, I set just the "HTTPS_SERVER" and the "ENABLE_SSL", but I just changed the normal "HTTP_SERVER" to the https version of the site and that seems to have fixed it. Is there something wrong with the setup that I have to do it this way? I know I want the site only in https, but for testing purposes I didn't enable both. Is there anything else I should be looking out for?
Nope, what you corrected to is the "suggested" method:
HTTP_SERVER ... https://www.example.com
HTTPS_SERVER ... https://www.example.com
USE_SSL ..... 'true'
your initial setup should have worked. the reason why it did not work, is probably due to a hard coded link. for years, there were plenty of ZC installs operating the way that you had it set up. in my experience, when a ZC exhibits the behavior that you saw, it means after you add something to the cart, ZC redirects you to:
https://YOUR_SITE/index.php?main_page=shopping_cart
when it should be redirecting you to:
http://YOUR_SITE/index.php?main_page=shopping_cart
or vice-versa. adding something to the cart from a non-ssl page needs to go to a non-ssl shopping cart page, and adding something from a SSL page needs to go to a SSL shopping cart page. it's only after a customer logs in that i believe those 2 carts get combined.
in any event, i'm taking guesses based on past experience....
to be clear, this is the suggested method for enabling SSL for ALL pages. for years, ZC worked fine the other way and i see no reason why it should not today....
best.
For eight months now, Chrome has been telling folks that any zen cart page not presented in https:// is insecure regardless of the validity of the site's SSL.
Starting this month Chrome will declare ANY site as insecure that does not present content as https://.
Firefox started this in motion in 2015 and actually notifies folks as of January last year.
Unless you can re-educate the customer base, they are going to be scared off by such a claim. I'm sure the others will follow suit soon.
Are You Vulnerable for an Accessibility Lawsuit?
myZenCartHost.com - Zen Cart Certified, PCI Compatible Hosting by JEANDRET
Free SSL, Domain, and MagicThumb with semi-annual and longer hosting.
Bookmarks