huggettm Posted September 14, 2012 Share Posted September 14, 2012 Hi, just added SSL to my cc4 site, first of all it caused errors when I did not have it set to 'forced' as then I could not log in as a shopper, so i have set it to forced now. However, in the address bar it is showing session id info - eg : "ccUser=a04306f542b83c1392971e6423a50dd7" Which is obviously not ideal, this disappears if I turn off "Use search engine friendly URL?" - but obviously I don't want to do that either! (as it looks rubbish and Ill have to redo all my google merchant center feeds) Am I missing a setting somewhere? Any help would be great Thanks Mark Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 14, 2012 Share Posted September 14, 2012 The ccUser is what CC4 would use as a cookie if cookies were permitted to be used in your server/php/ssl environment. There must be some sort of issue with SSL and Cubecart pages if you have to 'force' SSL to be used instead of letting CC4 decide for itself. Viewing Products, Categories, and Documents are all that search engines and links to merchant center feeds need to have access to. And those pages don't need to be behind SSL. Quote Link to comment Share on other sites More sharing options...
huggettm Posted September 14, 2012 Author Share Posted September 14, 2012 Hi bsmither, Thank you for the reply, when I didnt have 'force ssl' enabled i get an error when customers try to log in like this - ********************** Warning: preg_match() [function.preg-match]: Unknown modifier '/' in /home/wildfan/public_html/store/classes/session/cc_session.php on line 191 Warning: Cannot modify header information - headers already sent by (output started at /home/wildfan/public_html/store/classes/session/cc_session.php:191) in /home/wildfan/public_html/store/includes/functions.inc.php on line 98 Warning: Cannot modify header information - headers already sent by (output started at /home/wildfan/public_html/store/classes/session/cc_session.php:191) in /home/wildfan/public_html/store/includes/functions.inc.php on line 99 Warning: Cannot modify header information - headers already sent by (output started at /home/wildfan/public_html/store/classes/session/cc_session.php:191) in /home/wildfan/public_html/store/includes/functions.inc.php on line 101 ********************** Any ideas? Thanks Mark Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 14, 2012 Share Posted September 14, 2012 I think you may be running CC4.4.3 or CC4.4.4? These are the only versions I have that have preg_match on line 191. And the statement looks fine to me. This statement is as it appears all the way to CC4.4.7, the latest version. Warnings 2-4 are because of the first warning. Quote Link to comment Share on other sites More sharing options...
huggettm Posted September 14, 2012 Author Share Posted September 14, 2012 Hello yes its 4.4.3, but I also have a 4.4.7 store doing exactly the same :( Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 14, 2012 Share Posted September 14, 2012 Would you check the following with a copy of the statement from line 191 in the file /classes/session/cc_session.php: if (preg_match('/^http(s?):///i', $redir) && !preg_match('/^'.$glob['storeURL'].'|^'.$config['storeURL_SSL'].'/i', $redir)) { Also, in the file /includes/global.inc.php, find this statement and report what yours says: $glob['storeURL'] = 'YOUR_STORE_ADDRESS'; Then, in the admin screen for the Store's General Settings, what do you have for HTTPS Absolute URL:? Note: For these settings, there must not be a trailing slash. Quote Link to comment Share on other sites More sharing options...
huggettm Posted September 14, 2012 Author Share Posted September 14, 2012 Hi, Line 191 is if (preg_match('/^http(s?):///i', $redir) && !preg_match('/^'.$glob['storeURL'].'|^'.$config['storeURL_SSL'].'/i', $redir)) { /includes/global.inc.php = $glob['storeURL'] has 'www' in it whereas the https absolute does not. Quote Link to comment Share on other sites More sharing options...
bsmither Posted September 14, 2012 Share Posted September 14, 2012 The statement looks correct. I need to see the actual values you have given these items. I will recognize a rogue character if there is one. Can you verify if the SSL certificate you installed on your server specifies your domain without requiring the www? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.