SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by f4tc4t » Fri Jan 23, 2015 11:00 pm

Hi everyone, first post and straight into an issue I have ;) I believe this is an SSL issue. How to stop "mixed content?" producing a security warning so the task can be completed e.g. contact, coupon, voucher or article refresh in cart? Apologies for any incorrect terminology.

On my recently installed opencart 1.5.6 I have an SSL certificate installed from the host provider. I have tested this on various sites and everything seems fine. But, when the contact form, coupon code, gift voucher or article amount refresh in shopping cart is used then a pop-up security window comes up.
Security Warning
Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?
If either continue or cancel is clicked then nothing really happens apart from the warning window closes. e.g. contact mail is not sent but details removed from contact formula, no gift voucher or coupon is taken into account when entered in the cart and no refresh if the amount of articles are adjusted and refreshed in the cart.

- opencart is not in / but installed in /shop/ .htaccess adjusted as such (see below)
- Default theme with only a couple of colours adjusted in the stylesheet
- VQMOD 2.5.1 installed with - german language pack, powered plus and return request email extensions
- SSL active in admin backend and config.php adjusted as per below

/shop/config.php

Code: Select all

// HTTP
define('HTTP_SERVER', 'http://www."mydomain".net/shop/');

// HTTPS
define('HTTPS_SERVER', 'https://www."mydomain".net/shop/');

// DIR
define('DIR_APPLICATION', '/mnt/webo/a2/58/5854158/htdocs/shop/catalog/');
define('DIR_SYSTEM', '/mnt/webo/a2/58/5854158/htdocs/shop/system/');
define('DIR_DATABASE', '/mnt/webo/a2/58/5854158/htdocs/shop/system/database/');
define('DIR_LANGUAGE', '/mnt/webo/a2/58/5854158/htdocs/shop/catalog/language/');
define('DIR_TEMPLATE', '/mnt/webo/a2/58/5854158/htdocs/shop/catalog/view/theme/');
define('DIR_CONFIG', '/mnt/webo/a2/58/5854158/htdocs/shop/system/config/');
define('DIR_IMAGE', '/mnt/webo/a2/58/5854158/htdocs/shop/image/');
define('DIR_CACHE', '/mnt/webo/a2/58/5854158/htdocs/shop/system/cache/');
define('DIR_DOWNLOAD', '/mnt/webo/a2/58/5854158/htdocs/shop/download/');
define('DIR_LOGS', '/mnt/webo/a2/58/5854158/htdocs/shop/system/logs/');
------------------------------------------------------
/shop/admin/config.php

Code: Select all

// HTTP
define('HTTP_SERVER', 'http://www."mydomain".net/shop/admin/');
define('HTTP_CATALOG', 'http://www."mydomain".net/shop/');
define('HTTP_IMAGE', 'http://www."mydomain".net/shop/image/');

// HTTPS
define('HTTPS_SERVER', 'https://www."mydomain".net/shop/admin/');
define('HTTPS_CATALOG', 'https://www."mydomain".net/shop/');
define('HTTPS_IMAGE', 'https://www."mydomain".net/shop/image/');

// DIR
define('DIR_APPLICATION', '/mnt/webo/a2/58/5854158/htdocs/shop/admin/');
define('DIR_SYSTEM', '/mnt/webo/a2/58/5854158/htdocs/shop/system/');
define('DIR_DATABASE', '/mnt/webo/a2/58/5854158/htdocs/shop/system/database/');
define('DIR_LANGUAGE', '/mnt/webo/a2/58/5854158/htdocs/shop/admin/language/');
define('DIR_TEMPLATE', '/mnt/webo/a2/58/5854158/htdocs/shop/admin/view/template/');
define('DIR_CONFIG', '/mnt/webo/a2/58/5854158/htdocs/shop/system/config/');
define('DIR_IMAGE', '/mnt/webo/a2/58/5854158/htdocs/shop/image/');
define('DIR_CACHE', '/mnt/webo/a2/58/5854158/htdocs/shop/system/cache/');
define('DIR_DOWNLOAD', '/mnt/webo/a2/58/5854158/htdocs/shop/download/');
define('DIR_LOGS', '/mnt/webo/a2/58/5854158/htdocs/shop/system/logs/');
define('DIR_CATALOG', '/mnt/webo/a2/58/5854158/htdocs/shop/catalog/');
--------------------------------------------

I have seen posts with similar issue where it was mentioned that the .htaccess had been adjusted but as my .htaccess file has neither of the entries in these solutions they do not help me.

SSL on shopping cart doesn't allow updates to cart
http://forum.opencart.com/viewtopic.php?f=20&t=97332

and

Unsecure coupon box in cart after SSL
http://forum.opencart.com/viewtopic.php?f=20&t=125220

Part of my .htaccess if this helps anyone with a possible solution:

Code: Select all

Options +FollowSymlinks

# Prevent Directoy listing 
Options -Indexes

# Prevent Direct Access to files
<FilesMatch "\.(tpl|ini|log)">
 Order deny,allow
 Deny from all
</FilesMatch>

# SEO URL Settings
RewriteEngine On

RewriteBase /shop/
RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
RewriteRule ^download/(.*) /index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
After many hours burning candle wax any help would be appreciated!
f4tc4t
Newbie
Posts
2
Joined
Fri Jan 23, 2015 9:23 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by f4tc4t » Sun Feb 15, 2015 9:05 am

Just in case this may help others, I solved this.

I have an option at my host to force ssl on all calls within the website to https. Set this to active and everything worked.
f4tc4t
Newbie
Posts
2
Joined
Fri Jan 23, 2015 9:23 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by rabbit777 » Tue Apr 21, 2015 6:27 pm

To f4tc4t,
I just have same issue for my SSL website.
May I know how to set host to force ssl on all calls within the website to https, please?
I just redirect my entire website URL from http to https. But still have same issue in Update function within shopping cart.
If you could provide more detailed info, it will be very helpful.
Thank you in advance for your time and help. :)
rabbit777
Newbie
Posts
4
Joined
Thu Oct 09, 2014 6:37 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by rabbit777 » Tue Apr 21, 2015 6:51 pm

I just solve the problem.
I change the code in catalog/controller/checkout/cart.php, then it (Update button in shopping cart) works!

Find $data['action'] = $this->url->link('checkout/cart/edit');
Change to $data['action'] = $this->url->link('checkout/cart/edit', '', 'SSL');
rabbit777
Newbie
Posts
4
Joined
Thu Oct 09, 2014 6:37 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by slewmania » Wed Apr 29, 2015 3:30 pm

@rabbit

Thanks for the code. Can I ask what version of OC you're using? Can't seem to see this exact code in 1.5.6

Cheers
Daz
slewmania
Newbie
Posts
13
Joined
Sat Apr 13, 2013 5:27 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by rabbit777 » Wed Apr 29, 2015 3:37 pm

slewmania wrote:@rabbit

Thanks for the code. Can I ask what version of OC you're using? Can't seem to see this exact code in 1.5.6

Cheers
Daz
Sorry, I forgot this info. I use OpenCart 2.0.0.0.
rabbit777
Newbie
Posts
4
Joined
Thu Oct 09, 2014 6:37 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by slewmania » Wed Apr 29, 2015 3:48 pm

Thanks Rabbit.

im on 1.5.6, I think to the code is similar, without the /edit.

Have you come across this little doozy? my contact form SSL lock is throwing mixed content errors even though "whynolock says everything is secure.

chrome/inspect element give me this (something it doesnt like on the contact form)

Mixed Content: The page at 'https://www.thaimarket.com.au/index.php ... on/contact' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://www.thaimarket.com.au/index.php? ... on/contact'. This endpoint should be made available over a secure connection.

Bit out of my realm of knowledge.

this is the problem page :) https://www.thaimarket.com.au/index.php ... on/contact
slewmania
Newbie
Posts
13
Joined
Sat Apr 13, 2013 5:27 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by rabbit777 » Wed Apr 29, 2015 4:23 pm

@slewmania

I just go to see your link https://www.thaimarket.com.au/index.php ... on/contact.
Do you make sure you install SSL Certificate correctly?
Some SSL Certificate need install along with the intermediate certificates.
If not install correctly, sometimes it will lead problem.

Sorry, it seems I can't provide any further useful info. for your problem.
Good luck ^_^
rabbit777
Newbie
Posts
4
Joined
Thu Oct 09, 2014 6:37 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by slewmania » Tue Jun 09, 2015 8:29 am

@ Rabbit. Thank u man. This fixed the SSL issue for both my contact page and cart page. TYVM
slewmania
Newbie
Posts
13
Joined
Sat Apr 13, 2013 5:27 pm
Top

Re: SSL issue with contact, voucher, coupon & cart refresh

Quote

Post by stokeyblokey » Tue Aug 10, 2021 10:43 pm

Ok, for 1.5.6.x the instructions for this fix are:

Find: $this->data['action'] = $this->url->link('checkout/cart');

Change to: $this->data['action'] = $this->url->link('checkout/cart', '', 'SSL');

Thanks to the OP!

Stokey

User avatar
stokeyblokey
Active Member
Posts
316
Joined
Sat Aug 31, 2013 10:19 pm
Top
Post Reply
Return to “Installation, Upgrade, & Config Support”
Who is online

Users browsing this forum: No registered users and 7 guests