You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.
Assuming that you have purchased the program after 03/14/2003, or purchased before that date, but also applied the 03/14/2003 update, follow these steps to use SSL for the entire checkout process.
Under HTML Page & Elements | Manage Site Elements, update the following elements:
Site HTML Layout
Store Header - Tracking
Store Header - No Tracking
Shopping Cart - Footer - Update
Shopping Cart - Footer - Shop
And change the links:
###
<A HREF="(CGIVAR)common_url(/CGIVAR)&pg=ste_chkout_proc">
###
To:
###
<A HREF="(CGIVAR)common_secure_url(/CGIVAR)">
###
Then in the file ./cgi-bin/library/common/vars.pl in the first routine in the file, look for the lines:
###
if ($fd_secure eq "Y") {
$images_path = "$store_secure_site_url_media/images";
$common_url_javascript = "$store_secure_site_url_media/javascript";
###
And change to:
###
$common_secure_url = "$store_secure_site_url?usr=$fd_usr&rnd=$fd_rnd&rrc=N&cip=$fd_cip&secure=Y";
if ($fd_secure eq "Y") {
$common_url_form = "$store_secure_site_url";
$images_path = "$store_secure_site_url_media/images";
$common_url_javascript = "$store_secure_site_url_media/javascript";
###
This will keep everything secure from the moment the user clicks the 'checkout' link or button.
___________________________
Nick Hendler
Webmaster, Kryptronic, Inc.
Offline
Nick, thanks for the post and the email reply. Can anyone recommend a good web host that can run ccp5 and provide shared SSL Certificate on the same server. My current host provides SSL on a different server and although I am sure it can be setup, I am having a great deal of trouble with them. I would also like sql database as well.
I must state that I run an adult oriented site.
Thanks for any suggestions.
Mickey
<font size="1" color="#FF0000">LAST EDITED ON 04-15-03 AT 09:36 PM (EST)</font><p>www.fatcow.com
This is the hosting company that I use. I use the shared SSL and MySQL. They have a toll Free Tech line. I have been very pleased with them. As faw as I know my site has NOT been down once in the almost year that I have been with them.
If you go to my site desing page there is a link where I will get credit if you sign up. http://www.northstar3c.com/site_design.html
Hope this helps.
Thom
Offline
Thanks for the info. I checked them out and they look fine except their rates for transfer are a little expensive. Being an adult site, where maybe one person in about 750 actually buys, traffic rates are a concern.
Thanks for the info though.
Mickey
wwwnightmovesdvd.com
I'm not getting any errors, but i did not have the &pg=ste_chkout...etc on the HTML layout (because it was customized), Store header - tracking, or Store header - no tracking. These tracking files contain only the following:
(CGIGET TYPE="SUB" VALUE="ste_cat_nav")<br>
I can't find ste_cat_nav anywhere. Essentially, the problem is that when I click the checkout button, it takes me back to the homepage, and that is it. Please let me know what could be causing this. Thanks!
Ok, figured it out. I only needed to make chages in the two Shopping Cart files, because that is the only place such a link was defined. However, rather than replacing:
<A HREF="(CGIVAR)common_url(/CGIVAR)&pg=ste_chkout_proc">
with
<A HREF="(CGIVAR)common_secure_url(/CGIVAR)">
I replaced the first line with this:
<A HREF="(CGIVAR)common_secure_url(/CGIVAR)&pg=ste_chkout_proc">
Otherwise, without the &pg=ste_chkout_proc, it would take me back to my home page, which makes sense.
I also edited the vars.pl file, and did do exactly as described above.
I can make a purshase just fine with the lock there the whole time.
Tell me if this is a legitimate way of working it, or if i opened up a security hole of some sort some how, thanks!
<font size="1" color="#FF0000">LAST EDITED ON 04-24-03 AT 10:16 AM (EST)</font><p>The forum is getting filled with these alterations to the SSL checkout settings. Someone doing a search will see a lot of threads, pick one or two and think they've got it. Even after the 4/14/03 post by Nick with a complete series of steps, there were alterations/improvements to the post.
Is there some place outside the forum to supply ONLY the latest versions of these things? Experts wanting to tinker can search the forum for previous renditions. There is a download section on the site which would be a good spot.
BTW, do these SSL checkout changes get made using the Admin on the https or the Admin copy on the http server? Same question for the vars.pl routine.
Maybe the Admin doesn't belong on the https server - see, I'm still lost. Need explicit definitions and instructions.
Offline
Good point. We're working right now on getting all cool unaltered mods in one spot out here. As for these changes - they would be made to the non-https area.
___________________________
Nick Hendler
Webmaster, Kryptronic, Inc.
Offline
From your various new posts I have read this morning Nick it sounds like good things for the future. Thanks.
Offline
I have been digging in the archives to try and better understand if I can use a shared SSL from my web hosting company. Looks like I can based on what I've read.
As suggested by Prolink on 04/24/03, was there a place ever created with the "latest and greatest" SSL info is compiled?
I would like to use Authorize.net AIM with a shared SSL, and I am still doing research to make sure I can do it (and how to do it).
Edward
Offline
I would like to use Authorize.net AIM with a shared SSL, and I am still doing research to make sure I can do it (and how to do it).
You can do this. Just enter your appropriate SSL URLs in admin under Global Settings | Manage Program Settings and turn on the AIM method.
Offline
Thanks for the reply Nick.
- Edward
Offline
Hi Nick
Is this thread still current for CCP51 + 2004 update? I tried to apply the changes and I just got thrown back to the first page.
What do I still need to do to have the entire checkout process secure?
Steven
Offline
No, this is only for CCP 5.0. CCP 5.1 has an entirely different method for securing checkout. See the site layout in the demo at clickcartpro.com for info on how it's done in CCP 5.1.
Offline