Cart worked fine, I turned on SSL and the whole thing died

November 19, 2006

I have since reloaded all my files. And the cart is now working but not 100% like before. And when I try to get to my admin for the store it returns a "page not found". I've been messing with my global.inc file but nothing seems to help.

<?php

$glob['dbdatabase'] = '';

$glob['dbhost'] = 'localhost';

$glob['dbpassword'] = '';

$glob['dbprefix'] = '';

$glob['dbusername'] = '';

$glob['installed'] = '1';

$glob['rootDir'] = '/home/hometown/public_html';

$glob['rootRel'] = '/store/';

$glob['storeURL'] = 'http://www.hometownmeats.biz/store';

?>

Looks like others have had this problem, but noone has a definate fix. I'm running the newest version of CubeCart.

roban · November 19, 2006

A simple search would have turned up this:

<?php

/*

+--------------------------------------------------------------------------

| CubeCart v3.0.3

| ========================================

| by Alistair Brookbanks

| CubeCart is a Trade Mark of Devellion Limited

| Devellion Limited,

| Westfield Lodge,

| Westland Green,

| Little Hadham,

| Nr Ware, HERTS.

| SG11 2AL

| UNITED KINGDOM

| http://www.devellion.com

| UK Private Limited Company No. 5323904

| ========================================

| Web: http://www.cubecart.com

| Date: Thursday, 25 August 2005

| Email: info (at) cubecart (dot) com

| License Type: CubeCart is NOT Open Source Software and Limitations Apply

| Licence Info: http://www.cubecart.com/site/faq/license.php

+--------------------------------------------------------------------------

| editconf.php

| ========================================

| Config recovery tool

+--------------------------------------------------------------------------

*/

if(!isset($_GET['c'])){

header("Location: editconf.php?c=config");

exit;

}

include_once("includes/ini.inc.php");

include_once("includes/global.inc.php");

include_once("classes/db.inc.php");

$db = new db();

include_once("includes/functions.inc.php");

include_once("admin/includes/functions.inc.php");

if(isset($_POST['data'])){

//$config = fetchDbConfig($_GET['c']);

$msg = writeDbConf($_POST['data'],$_GET['c'], $config, $_GET['c']);

}

$config = fetchDbConfig($_GET['c']);

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<head>

<title>CubeCart - Config Recovery Tool</title>

<!--

function MM_jumpMenu(targ,selObj,restore){ //v3.0

eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");

if (restore) selObj.selectedIndex=0;

}

//-->

</script>

<!--

body,td,th {

font-family: Verdana, Arial, Helvetica, sans-serif;

}

.code {

font-family: "Courier New", Courier, mono;

color: #000000;

}

.redText {color: #FF0000}

-->

</style></head>

<body>

<h1>Config Recovery Tool</h1>

<p><strong>Devellion Ltd & CubeCart provide this script without any warranty of any kind and by proceeding you are doing so entirely at your own risk.</strong></p>

<p>This tool is designed to edit your config file if for some reason your store becomes corrupt due to incorrectly changing your settings.</p>

<p>Example: If you have switched on SSL mode and your store has become broken. Select "config" from the dropdown menu below and set

$config['ssl']

to 0. No test to see if your store has been fixed and if so delete this file from the server. </p>

<p class="redText"><strong>IMPORTANT:</strong> You must NOT leave this file on your server as it is a VERY high security risk!</p>

<p><a href="index.php" target="_blank">View Store Front</a> - (Opens in New Window)<br />

<a href="admin/" target="_blank">View Store Admin</a> - (Opens in New Window)</p>

<p>Select Config to edit:

<?php

$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_config";

$results = $db->select($query);

?>

<?php for ($i=0; $i<count($results); $i++){ ?>

<?php } ?>

</select>

</p>

<tr>

<td><strong>Variable name: </strong></td>

<td><strong>Current Value: </strong></td>

<td><strong>New Value: </strong></td>

</tr>

<?php foreach($config as $key => $value) { ?>

<tr>

<td>

</td>

</tr>

<?php } ?>

<tr>

</tr>

</table>

</form>

</body>

</html>

Save this file as editconf.php, upload it to your site's root and run the script. This will allow you to turn off ssl

November 19, 2006

Yeah, I tried the config tool BEFORE coming onto the forum to post my question. It didn't fix the problem. The point of this is NOT figuring our how to turn off SSL, but how to get CubeCart to work correctly with it.

Am I wrong in thinking that the form where the customer fills in their credit card info before sending it to Authorize.net for processing should be done on a secure page?

roban · November 19, 2006

Yes that is quite correct. If you are using a shared ssl you can look for answers in other places. Dedicated ssl is the only way to go for an e-commerce site.

How did you set up your ssl in admin control panel?

November 19, 2006

My certificate is a shared cert. I read somewhere on this forum that a shared one could be used. It's already setup with the hosting account. I use it by calling my pages using the follwing link: https://rs522.securehostsever.com/~hometown/yadayada

So if I bought a dedicated cert that would fix the problem with why I can't find or login to my admin area?

roban · November 19, 2006

You can't log in probably because your ssl config is wrong

November 20, 2006

My certificate is a shared cert. I read somewhere on this forum that a shared one could be used. It's already setup with the hosting account. I use it by calling my pages using the follwing link: https://rs522.securehostsever.com/~hometown/yadayada

So if I bought a dedicated cert that would fix the problem with why I can't find or login to my admin area?

Hi Topgun -

Not sure if I can help you to rectify the prob. But I went through the same thing that you did. Here is my thread, if someone has any better idea, I am open to it. Here is what I did:

Doing business online carries certain amount of liabilities, i.e. to ensure customer privacy, etc.; I'd prefer to transfer as much liabilities to someone else other than me...Therefore, on my website, I set up 3 ways of pmt.

1. Mail in form - it's old but it may still be applicable for some.

2. PayPal checkout, where the actual cc processing takes place at PP instead of my site. Since I don't collect cc information, I am less liable to ensure the security for it.

3. 2CO.com checkout, it applies the same methodology - no cc processing at my site.

Here are the pros:

a. I don't have to purchase a SSL certificate, which adds more to my ever growing expense list.

b. I have less things to manage besides being many other things - you know, the less is the better!

c. The 2CO setup took me about 5 minutes, it was a total shocked!

d. 2CO confirmed the payments and let you know when it is safe to ship your goods - now, that's I call "Security".

Here are the cons:

a. I don't have those fancy SSL certificate to display on my site to entrust customer to transact; I tried to rectify this by mention it in my "Privacy Policy".

b. I have to pay fees, just like at any other places:

For PP, I think it was bet. 3 - 5% per transaction?

For 2CO, there is a $45 flat fee up front; thereafter, 5% per trans.

c. I heard some naughty things that PP did to people who fell victim to fraud transactions, I sure don't want to be in their shoes and have my business disruppted.

That's all, folks! :innocent:

Sign In

Cart worked fine, I turned on SSL and the whole thing died

Recommended Posts

Guest

Link to comment

Share on other sites

roban

Link to comment

Share on other sites

Guest

Link to comment

Share on other sites

roban

Link to comment

Share on other sites

Guest

Link to comment

Share on other sites

roban

Link to comment

Share on other sites

Guest Meow Meow

Link to comment

Share on other sites

Join the conversation

Browse

Activity