The simplest approach does not involve changing code you just change all references to HTTPS and you are done. this means in your config files as well as in your store settings. you should not change code unless you have no other options so that there is nothing to maintain and if you choose to change code mad a VQMOD to do so...
Other helpful information:
http://www.randemsystems.com/support/op ... d-to-know/
http://www.randemsystems.com/support/op ... n-2-1-0-1/
http://www.randemsystems.com/support/opencart/
These should help you avoid other issues...
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
The bug is not in the admin side but actually in the customer side in the confirmation file. Ive added the vqmod.
You do not need to make changes to anything other than the one file that is causing the issue, it isnt anything to do with any of the config.php files or even the admin file as previously mentioned in this thread.
Firstly this line will only fix past orders so that you can edit them in your admin area you will also need the bugfix that follows.
Edit as needed to suit your store. NOTE BACKUP YOUR DATABASE BEFORE YOU USE THIS!
Heres the magic.... BACKUP NOW, run this in the sql tab of phpmyadmin or whatever method you prefer.
download the mod here from oc extensions
Here is the cpde if you prefer to do your own patch manually
For those with VQMOD, this is the fix to ensure you get the right store url into your orders in the first place.
make an xml file and paste this into it. (drop into vqmod/xml). then as per the normal manner of things, head into modifications and refresh. You can now place a test order then head to the order for edit tests.
And for those without or for those who simply want to manually hard code this: err good luck but all the same.
Open: /catalog/controller/checkout/confirm.php
Find:
Add immediately after:
All went well? Fantastic. Have a nice day 
You do not need to make changes to anything other than the one file that is causing the issue, it isnt anything to do with any of the config.php files or even the admin file as previously mentioned in this thread.
Firstly this line will only fix past orders so that you can edit them in your admin area you will also need the bugfix that follows.
Edit as needed to suit your store. NOTE BACKUP YOUR DATABASE BEFORE YOU USE THIS!
Heres the magic.... BACKUP NOW, run this in the sql tab of phpmyadmin or whatever method you prefer.
Code: Select all
UPDATE PREFIX_orders SET store_url = 'https://yourdomain.com';Here is the cpde if you prefer to do your own patch manually
For those with VQMOD, this is the fix to ensure you get the right store url into your orders in the first place.
make an xml file and paste this into it. (drop into vqmod/xml). then as per the normal manner of things, head into modifications and refresh. You can now place a test order then head to the order for edit tests.
Code: Select all
<modification>
<id>Bugfixes for Catalog ControllerCheckoutConfirm</id>
<version>1.0.0</version>
<vqmver>2.x</vqmver>
<author>Chris Serella | serella_c@hotmail.com</author>
<file name="catalog/controller/checkout/confirm.php">
<operation>
<search position="after"><![CDATA[$order_data['store_url'] = HTTP_SERVER;]]></search>
<add><![CDATA[
if( isset($_SERVER['HTTPS'] ) ) {
$order_data['store_url'] = HTTPS_SERVER;
}
]]></add>
</operation>
</file>
</modification>
And for those without or for those who simply want to manually hard code this: err good luck but all the same.
Open: /catalog/controller/checkout/confirm.php
Find:
Code: Select all
$order_data['store_url'] = HTTP_SERVER;Code: Select all
if( isset($_SERVER['HTTPS'] ) ) {
$order_data['store_url'] = HTTPS_SERVER;
}Yes, this is all described in a link I already posted...
NEVER take serious; anyone who gives negative impact statements with no ABSOLUTE proof!
OpenCart Helpful Information * Upgrade 1.5 to 2.1 * Upgrade 2.1 to 2.2
"Why do people NEVER have enough time to do it right but ALWAYS enough time to do it over?"
DO NOT EVER GIVE SOMEONE YOU DON"T KNOW ADMIN ACCESS TO ANYTHING!
I am NOT affiliated with OpenCart
Thanks for letting me know randem. I didn't get as far as your last post. I read where it was first claimed to be and found it didn't fix the issue when i patched it, from there it was a small step to realise the placement of the bug had to be during the checkout and so i went hunting.
I don't wish to detract from your effort, your information i'm sure is useful, I just wanted to reply to let you know i got there on my own volition and how i did it.
I don't wish to detract from your effort, your information i'm sure is useful, I just wanted to reply to let you know i got there on my own volition and how i did it.
Dear ll
i have this the same issues with 2.2.0.0 (I can't edit/mody orders (with SSL)
anyone can tell me how to fix it, i spend so much time to fix it, but fail, plz help me
Thank in advance
i have this the same issues with 2.2.0.0 (I can't edit/mody orders (with SSL)
anyone can tell me how to fix it, i spend so much time to fix it, but fail, plz help me
Thank in advance
This will work.
I had this particular issue. Once an order is created, I, the Admin, couldn't edit the order. It's not a bug or anything. It's a security update which opencart implemented via user/api, and is called during several operations on site, ie Order Additions, Deletions or Modifications.
For it to work for you, ask your host to disable mod_security for urls with "admin", or urls containing your IP Address, or check if your htaccess can overide and disable it from there.
You can also exclude per request/method type 'POST' or 'GET'.
Please note, Latest mod_sec is mod_security2
Guess am happy after I found out the real issue.
I had this particular issue. Once an order is created, I, the Admin, couldn't edit the order. It's not a bug or anything. It's a security update which opencart implemented via user/api, and is called during several operations on site, ie Order Additions, Deletions or Modifications.
For it to work for you, ask your host to disable mod_security for urls with "admin", or urls containing your IP Address, or check if your htaccess can overide and disable it from there.
You can also exclude per request/method type 'POST' or 'GET'.
Please note, Latest mod_sec is mod_security2
Guess am happy after I found out the real issue.
sergiubarbu wrote: ↑Tue Oct 20, 2015 9:59 pmHi
There is a BIG bug in the last version of OC 2.1.0.1 : I can't edit/modify the status of the order, or add a comment, when I use SSL!
If I deactivate SSL is working fine.
Any solution for this issue?
I tried to turn off the SSL, doesn't work!
It doesn't work if I paste the vqmod code into xml
Editing code with this also doesn't work:
the buttons still loads. I have a OC 2.3.0.2. and it is very frustrating. I need to update the orders immediately.
What should I do?
It doesn't work if I paste the vqmod code into xml
Editing code with this also doesn't work:
Code: Select all
$data['store_url'] = $order_info['store_url'];
# add the following
if( isset($_SERVER['HTTPS'] ) ) {
$data['store_url'] = str_replace('http://','https://',$data['store_url']);
}What should I do?
Who is online
Users browsing this forum: No registered users and 25 guests
