Please Login or Register

OSCommerce won't keep my sessions between HTTPS and HTTP

When I try to log into my OSCommerce shopping cart using https://secure.ucwebhost.com/~username url, my shopping cart isn't the same. It's like I have 2 carts, one for HTTP (unsecure) and one for HTTPS (secure).

This is a problem with the cookie settings. These are easy to fix with a simple change in the includes/configure.php file. For this example, I will be using the https://secure.ucwebhost.com/~username url. You may replace this url with any secure path you are currently using.

Edit the configure.php file located in the includes directory for your OSCommerce install. For this example it is:
~/public_html/catalog/includes

I have 5 lines I am concerned with:

define('HTTP_SERVER', 'http://www.domain.com'); // eg, http://localhost - should not be empty for productive servers
define('HTTPS_SERVER', 'https://secure.ucwebhost.com/~username'); // eg, https://localhost - should not be empty for productive servers
define('ENABLE_SSL', true); // secure webserver for checkout procedure?
define('HTTP_COOKIE_DOMAIN', 'www.domain.com');
define('HTTPS_COOKIE_DOMAIN', 'secure.ucwebhost.com');

The third line defines that when you are dealing with checking out and account configuration, it uses a secure link. ALl other links will be unsecure. You want to make sure that the HTTP_SERVER and HTTPS_SERVER domain names are equal to the HTTP_COOKIE_DOMAIN and HTTPS_COOKIE_DOMAIN setting as well. You will notice you do not include the "https" or the "~username" or any other folders at all, just the domain name.

With these settings, your viewers will have a seamless transition between secure and non-secure sites.



Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
Does UCwebhost support FTP over TLS or SSL? (Views: 881)

awards_sum