I have defined HTTPS in my config for both frontend and admin.
Everything seems fine apart from the admin login form. Its action is pointed to the HTTP instead of HTTPS.
If I enable HTTP admin to login then switch to HTTPS everything is fine but when I define HTTPS everywhere the login form still points to HTTP so I can't log in due to mixed content.
What constant is used to determine the action URL of the login form?
Check your .htaccess - it might have HTTP redirection defined. Also check config.php and make sure, it points to HTTPS everywhere.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
The issue is the forms target is "http://domain.com/admin/index.php?route=common/login".
.htaccess rules are applied by apache on requests, as far as I am aware it doesn't rewrite the actual HTML. All the config.php constant values point to HTTPS.
That is:
//HTTP
define('HTTP_SERVER', 'https://domain.com/admin/');
define('HTTP_CATALOG', 'https://domain.com/');
define('HTTP_IMAGE', 'https://domain.com/image/');
define('HTTP_ADMIN', 'https://domain.com/admin/');
// HTTPS
define('HTTPS_SERVER', 'https://domain.com/admin/');
define('HTTPS_CATALOG', 'https://domain.com/');
define('HTTPS_IMAGE', 'https://domain.com/image/');
define('HTTPS_ADMIN', 'https://domain.com/admin/');
Did I miss any? I added this to admin config.php also.
I looked in the files that generate the form and it is populated by a variable "$action" so somewhere in the page lifecycle it is being set incorrectly. I think it is done by starter/router.php but I am not sure.
Everything else works fine. I could in theory hard code my sites link into the form but I would prefer to understand and fix the issue properly.
.htaccess rules are applied by apache on requests, as far as I am aware it doesn't rewrite the actual HTML. All the config.php constant values point to HTTPS.
That is:
//HTTP
define('HTTP_SERVER', 'https://domain.com/admin/');
define('HTTP_CATALOG', 'https://domain.com/');
define('HTTP_IMAGE', 'https://domain.com/image/');
define('HTTP_ADMIN', 'https://domain.com/admin/');
// HTTPS
define('HTTPS_SERVER', 'https://domain.com/admin/');
define('HTTPS_CATALOG', 'https://domain.com/');
define('HTTPS_IMAGE', 'https://domain.com/image/');
define('HTTPS_ADMIN', 'https://domain.com/admin/');
Did I miss any? I added this to admin config.php also.
I looked in the files that generate the form and it is populated by a variable "$action" so somewhere in the page lifecycle it is being set incorrectly. I think it is done by starter/router.php but I am not sure.
Everything else works fine. I could in theory hard code my sites link into the form but I would prefer to understand and fix the issue properly.
I created a Listing, containing several VqMod/OcMod-Extensions, for different OC-Versions,
related to this - sometimes 'internally' not linked to HTTPS - Matter. They are untested, and
they come as they are, I cannot support anybody, because I don't use https yet!
Good Luck !
Ernie
related to this - sometimes 'internally' not linked to HTTPS - Matter. They are untested, and
they come as they are, I cannot support anybody, because I don't use https yet!
Good Luck !
Ernie
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Who is online
Users browsing this forum: No registered users and 287 guests
