SSL on Dolphin 7.0.2

I have my SSL cert installed on my server, but yet I can't figure out how to enable SSL on 7.0.2

 

I read a post in the dolphin 6.1 forum about editing my template/scripts/function.php but that file doesn't exist in dolphin 7.0.2

I am using a custom template so I went in and copied the BxTemplFunctions.php from the templates/base/scripts/ folder to my template folder /templates/tmpl_baseball1/scripts/functions folder and I pasted in the follow text per the instructions in the forum post for dolphin 6.1

if ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off'))
{
// Replace Global Site values
foreach($GLOBALS['site'] as $szTempKey => $szTempVal)
{
$GLOBALS['site'][$szTempKey] = str_replace('http://', 'https://', $szTempVal);
}
$GLOBALS['page']['extra_js'] = str_replace('http://', 'https://', $GLOBALS['page']['extra_js']);
$GLOBALS['page']['extra_css'] = str_replace('http://', 'https://', $GLOBALS['page']['extra_css']);
$GLOBALS['sHomeUrl'] = str_replace('http://', 'https://', $GLOBALS['sHomeUrl']);
$GLOBALS['sGlobalPath'] =str_replace('http://', 'https://', $GLOBALS['sGlobalPath']);
$GLOBALS['sGlobalUrl'] =str_replace('http://', 'https://', $GLOBALS['sGlobalUrl']);
$GLOBALS['sDataPath'] = str_replace('http://', 'https://', $GLOBALS['sDataPath']);

// Replace Template Config values
foreach($GLOBALS['oTemplConfig'] as $szTempKey => $szTempVal)
{
if (is_string($szTempVal))
$GLOBALS['oTemplConfig']->$szTempKey = str_replace('http://', 'https://', $szTempVal);
}
// Replace Template Site values
foreach($GLOBALS['oTemplConfig']->aSite as $szTempKey => $szTempVal)
{
if (is_string($szTempVal))
$GLOBALS['oTemplConfig']->aSite[$szTempKey] = str_replace('http://', 'https://', $szTempVal);
}
}

However that didn't seem to do anything when I went to https://www.MYDOMAIN.com/index.php  it just redirected me to http://www.MYDOMAIN.com/index.php

 

So I completely undid that and I am back to the way it was.  So again, I am left with the question of, how  do you enable SSL for Dolphin 7.0.2 ??  Seems like it should be a core feature considering many people use dolphin for paid memberships.

Thanks,

 

Chad

Quote · 15 Aug 2010

Why don't you change the domain in your header.inc.php file to use HTTPS?

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 15 Aug 2010

Well I could do that, but I would rather not have every single page on the site to be forced to use SSL.  I really only want to specify specific pages like the join.php and edit and the payment page.

Quote · 15 Aug 2010

 

Why don't you change the domain in your header.inc.php file to use HTTPS?

Changing the entire site to redirect to https would make loading incredibly slow.

Have you got this working yet? You know you need to also apply rules to your .htaccess in order to specify which pages are to redirect to https...

That code is located here:

 

RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
RewriteRule "^(join.php.*)$" - [env=whwSecure:https]

#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/community/$1" [R=301,L]

#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/community/$1" [R=301,L]

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 2 Sep 2010

We really need a solution to this.

I've contacted Anton about this and he said the following:

 

Unfortunately I don't know how to apply SSL protocol to site or pages. Never was trying that.
You can try to apply those instructions to templates/base/scripts/BxBaseFunctions.php but I doubt that it'll work, because many mechanisms and variables were changed since Dolphin 6.1 to Dolphin 7.0

 

-From Anton

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 2 Sep 2010

Solution from AntonLV

It is working form me :)

In the .htaccess file right after the line

RewriteEngine on

add the code

RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
RewriteRule "^(join.php.*)$" - [env=whwSecure:https]

#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/$1" [R=301,L]

#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/$1" [R=301,L]

then in the inc/header.inc.php file before the line and change "yoursite.com" with your actual site

$admin_dir                 = "administration";

insert the code

$aSSLURLs = array(
'/pedit.php',
'/join.php',
'/simg/simg.php',
'/plugins/tiny_mce/tiny_mce_gzip.php',
);
if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) {
$site['url'] = "https://yoursite.com/";
}

------------------------------------

Or if you site is in a subdirectory, for example http://yoursite.com/subdir

Once again, make sure you update the URLS to your site in both header.inc.php and .htaccess

 

.htaccess:

RewriteRule "^(join.php)$" - [env=whwSecure:https]

RewriteRule "^(pedit.php)$" - [env=whwSecure:https]

#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php
RewriteCond %{REQUEST_URI} !^.*member_menu_queries.php
RewriteCond %{QUERY_STRING} !^.*simple_messenger
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/subdir/$1" [R=301,L]

#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/subdir/$1" [R=301,L]

header.inc.php

$aSSLURLs = array(
'/subdir/join.php',

'/subdir/pedit.php',

);

if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) {
$site['url'] = "https://yoursite.com/subdir/";
}

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 3 Sep 2010

Hi,

Firstly, thank you to all for posting the above Smile

 

I've followed the instructions and they work up to a point. Not all the content within join.php is delivered via the SSL connection so the site doesn't have the full SSL connection (e.g. in IE you get a message about part of the content not being delivered securely and in Chrome the https:// is marked as red!). How do I go about making all content in join.php and also for the member login section?

Thanks in advance for your help,

Bhavesh

Quote · 11 Sep 2010

I am experiencing the same issue within chrome.  Within firefox it starts loading the SSL icon in the addressbar but then it goes away after a second.

Quote · 11 Sep 2010

I have the same problem my hosting don't want to install my SSL on my site

here is the last messages from hem

_________________________________________________

 

Hello,

If you view your source code on your page, you will still see that there are links using http instead of https. Until these are updated you will continue to see the exclamation mark on the SSL lock in your browser.

Some examples that I see are
On https://www.site.com

<link rel="shorcut icon" href="HTTP://mysite.com/media/images/favicons/mysite.png" />
<link rel="image_src" href="HTTP://mysite.com/templates/tmpl_uni/banners/big2/mysite.png" />

Unfortunately we are not able to update your source code for you. You must make the changes yourself and republish the website. I do apologize for the inconvenience.

Please feel free to contact us if you have any more questions or concerns.


Best regards,
Matthew L. Johnson

____________________________________________________________

 

I don't realy know wat he want me to do I make the changes to this

 

<link rel="shorcut icon" href="HTTP:/media/images/favicons/mysite.png" />
<link rel="image_src" href="HTTP:/templates/tmpl_uni/banners/big2/mysite.png" />

 

but still no fix or update can you help me with this guy

 

Thank's

 

 

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 11 Sep 2010

Hi,

I take it that they do want you to go through the php code and amend to be https://

Having just viewed the source code (on my site) whilst on the join.php page there are lots of links to just http://

I wonder if a 'replace http with https' would do the trick for everything within join.php ?

Guess there's only one way to find out! lol

 

Bhav

Quote · 12 Sep 2010

I've managed to get rid of all the IE and Chrome SSL warnings by taking a few steps. The most important for me was the following:

Make a separate base header and footer file for your secure pages. This can be done in the template folders. This way you can eliminate any not-needed non-https links within those files.

The pages you'd like to apply this to you will need to change the template page_x.html to call the secure header and footer.

 

If you need some professional help in doing this please pm me. I've worked a lot with dolphin and SSL.

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 13 Sep 2010

You want to run SSL for the whole site? Or just for payment?

----
Quote · 14 Sep 2010

I like to run this for the hole site

if you talking to me if not  I will liek to run this on my hole site two

 

You want to run SSL for the whole site? Or just for payment?

 

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 15 Sep 2010

 

I like to run this for the hole site

if you talking to me if not  I will liek to run this on my hole site two

 

You want to run SSL for the whole site? Or just for payment?

 

If you want to run it for the entire site you simply need to change the link in inc/header.inc.php to https://www.yoursite.com

And you obviously need the SSL cert installed on your server by your host.

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 15 Sep 2010

Ok

So you telling me to change from this http://www.mysite.com/  to this >> https://wwwmysite.com/

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 15 Sep 2010

 

Ok

So you telling me to change from this http://www.mysite.com/  to this >> https://wwwmysite.com/

Yes that's what I'm telling you.

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 15 Sep 2010

Thank's

a lot let see wat my host say maybe they gime me another stupid excuses

 

 

Ok

So you telling me to change from this http://www.mysite.com/  to this >> https://wwwmysite.com/

Yes that's what I'm telling you.

 

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 15 Sep 2010

 

Thank's

a lot let see wat my host say maybe they gime me another stupid excuses

 

This is a change you make in your inc/header.inc.php, not a hosting server change. (The SSL is installed by your host though.)

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 15 Sep 2010

See my hosting is driving me nuts with this pc shit SSL

look wat they tell me know

__________________________________________________

 

11:34:32 PM) David Ha: has entered the chat.
(11:34:34 PM) David Ha: Hello, welcome to Hosting Live Chat.  My name is David.
(11:34:49 PM) UFO360: Hi David
(11:35:10 PM) UFO360: I'm waiting for some one to install my SSL on my site mysite.com
(11:35:59 PM) David Ha: Is that the primary domain on the account or an addon?
(11:36:06 PM) UFO360: MHW-13896747
(11:36:14 PM) UFO360: my primary is: mysite.com
(11:36:26 PM) UFO360: but the SSL is going to be install on mysite.com
(11:39:23 PM) David Ha: I am at https://www.mysite.com and The page is loading.  What is the issue you are seeing with the site?
(11:39:30 PM) UFO360: i change the likns from http:  to https:
(11:39:54 PM) UFO360: this is my ticket
(11:39:55 PM) UFO360: MHW-13896747
(11:41:25 PM) David Ha: I see the ticket and I have the page loaded.  What is the specific issue you are having with the SSL installation?
(11:42:59 PM) UFO360: is not issue I don't see my SSL install on my site
(11:43:13 PM) UFO360: I don't see the icon for the lock
(11:48:29 PM) David Ha: I see the lock but there is the warning that there is some unauthenticated content on the page.
(11:48:50 PM) UFO360: Noo
(11:48:55 PM) UFO360: I see the lock now two
(11:49:15 PM) UFO360: but with the warning icon
(11:50:24 PM) UFO360: my site is a social network
(11:51:12 PM) David Ha: What that warning is saying is that there is some content on the page that is not compatible with the SSL certificate.
(11:51:50 PM) UFO360: wat do you mean is not compatible
(11:52:21 PM) David Ha: There are either images, links, or scripts that are not set to use the SSL.
(11:52:53 PM) UFO360: ooh ok
(11:52:59 PM) UFO360: I set all the links
(11:53:54 PM) David Ha: Even the scripts need to be set to where they use the SSL certificate.
(11:54:33 PM) UFO360: can you tell me in wat part the on the site is not set to >> https
(11:55:54 PM) David Ha: I cannot see that from viewing the page.  You will need to check the script documentation and also check the plugins you are using.
(11:56:41 PM) UFO360: No problem
(11:56:45 PM) UFO360: Thank's
(11:56:48 PM) UFO360: closed this chat intentionally.

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 15 Sep 2010

 

See my hosting is driving me nuts with this pc shit SSL

look wat they tell me know

__________________________________________________

 

11:34:32 PM) David Ha: has entered the chat.
(11:34:34 PM) David Ha: Hello, welcome to Hosting Live Chat.  My name is David.
(11:34:49 PM) UFO360: Hi David
(11:35:10 PM) UFO360: I'm waiting for some one to install my SSL on my site mysite.com
(11:35:59 PM) David Ha: Is that the primary domain on the account or an addon?
(11:36:06 PM) UFO360: MHW-13896747
(11:36:14 PM) UFO360: my primary is: mysite.com
(11:36:26 PM) UFO360: but the SSL is going to be install on mysite.com
(11:39:23 PM) David Ha: I am at https://www.mysite.com and The page is loading.  What is the issue you are seeing with the site?
(11:39:30 PM) UFO360: i change the likns from http:  to https:
(11:39:54 PM) UFO360: this is my ticket
(11:39:55 PM) UFO360: MHW-13896747
(11:41:25 PM) David Ha: I see the ticket and I have the page loaded.  What is the specific issue you are having with the SSL installation?
(11:42:59 PM) UFO360: is not issue I don't see my SSL install on my site
(11:43:13 PM) UFO360: I don't see the icon for the lock
(11:48:29 PM) David Ha: I see the lock but there is the warning that there is some unauthenticated content on the page.
(11:48:50 PM) UFO360: Noo
(11:48:55 PM) UFO360: I see the lock now two
(11:49:15 PM) UFO360: but with the warning icon
(11:50:24 PM) UFO360: my site is a social network
(11:51:12 PM) David Ha: What that warning is saying is that there is some content on the page that is not compatible with the SSL certificate.
(11:51:50 PM) UFO360: wat do you mean is not compatible
(11:52:21 PM) David Ha: There are either images, links, or scripts that are not set to use the SSL.
(11:52:53 PM) UFO360: ooh ok
(11:52:59 PM) UFO360: I set all the links
(11:53:54 PM) David Ha: Even the scripts need to be set to where they use the SSL certificate.
(11:54:33 PM) UFO360: can you tell me in wat part the on the site is not set to >> https
(11:55:54 PM) David Ha: I cannot see that from viewing the page.  You will need to check the script documentation and also check the plugins you are using.
(11:56:41 PM) UFO360: No problem
(11:56:45 PM) UFO360: Thank's
(11:56:48 PM) UFO360: closed this chat intentionally.

Your hosting provider is correct and has been very clear. You need to eliminate any content on that page that may not be secure. I posted the solution to this above, creating a separate header and footer file for your secure pages and eliminating the unsecured content from them.

 

If you'd like professional help in doing this please pm me.

Taking Dolphin and Making Profitable Websites Since 2009 :)
Quote · 15 Sep 2010

Wat content I need to remove from my site

lol

my members

my videos

my music

wat content

lol

Post Reply - if you going to help - No for - bla bla bla bla
Quote · 15 Sep 2010

I use AntonLVs code for pedit.php and join.php and it works very well. I only have one problem, how to force the payment pages to switch to SSL? It's not a normal php file i could just add, it is a modules that is

a) rewritten to a friendly URL like m/payment/cart/

b) but the normal URL is like modules/index.php?r=payment/cart/

I tried lots but without real success because it affects other modules then too and also i always loose the friendly URLs

Anybody has payment on SSL yet? This drives me nuts. Without SSL on payment it's not possible to run a paid site with dolphin.

Check my GeoDistance, Watermark, TorBlock and Android Push Notifications mods | http://goo.gl/H3Vp81
Quote · 10 Jan 2013

Hello, I need help in this case. Now I have Dolphin 7.1.3 (soon I update to 7.1.4) I bought on my server SSL service, because I'm interested in the appearance of https:// at the join page for example. This will increase the importance and credibility of my website.

After I make changes I have acces denied on my website when I try register. And website not work about 5 hours after that because was sometnhing wrong with my .htaccess

Can someone help me with this installation SSL please?

Solution from AntonLV

It is working form me :)

In the .htaccess file right after the line

RewriteEngine on

add the code

RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
RewriteRule "^(join.php.*)$" - [env=whwSecure:https]

#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/$1" [R=301,L]

#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/$1" [R=301,L]

then in the inc/header.inc.php file before the line and change "yoursite.com" with your actual site

$admin_dir                 = "administration";

insert the code

$aSSLURLs = array(
'/pedit.php',
'/join.php',
'/simg/simg.php',
'/plugins/tiny_mce/tiny_mce_gzip.php',
);
if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) {
$site['url'] = "https://yoursite.com/";
}

------------------------------------

Or if you site is in a subdirectory, for example http://yoursite.com/subdir

Once again, make sure you update the URLS to your site in both header.inc.php and .htaccess

 

.htaccess:

RewriteRule "^(join.php)$" - [env=whwSecure:https]

RewriteRule "^(pedit.php)$" - [env=whwSecure:https]

#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php
RewriteCond %{REQUEST_URI} !^.*member_menu_queries.php
RewriteCond %{QUERY_STRING} !^.*simple_messenger
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/subdir/$1" [R=301,L]

#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/subdir/$1" [R=301,L]

header.inc.php

$aSSLURLs = array(
'/subdir/join.php',

'/subdir/pedit.php',

);

if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) {
$site['url'] = "https://yoursite.com/subdir/";
}

 

Quote · 6 Aug 2013

The same problem on my site. I bought a dedicated SSL certificate on my VPS server, but the join page does not work correctly in chrome.

Quote · 6 Aug 2013

So if anyone can help us on this please?

Quote · 10 Aug 2013

100 days later the solution is still not found in header.inc.php is possible to redirect the site but i dont want everything just m/payement + login system and profile

anyone

Quote · 27 Nov 2013

100 days later the solution is still not found in header.inc.php is possible to redirect the site but i dont want everything just m/payement + login system and profile

anyone

Quote · 27 Nov 2013

All I want is the logon page to be https... how hard is that? LOL

P.

Peer L. Plaut Executive Director, Single Booklovers Connecting Bookworms Since 1970
Quote · 27 Nov 2013

Do yourself a favor and switch your site totally to SSL, believe me, not just single pages. I got pedit and join to run on SSL but the most important part, the shopping cart, brings you more trouble than expected regarding JavaScript etc.

Check my GeoDistance, Watermark, TorBlock and Android Push Notifications mods | http://goo.gl/H3Vp81
Quote · 27 Nov 2013

Ok fine the whole site but i cant get the game section OFF the ssl?

Is there a way to do that because the game system is not from my site and as such i can't have SSL activated or else it would not work...

Quote · 28 Nov 2013

Why not? If these games (Flash?) are embedded from an external site the only problem you will experience is a browser warning that you are loading unsecure data or your SSL certificate appears to be broken in the browsers address bar. Does the external site not offer SSL so you can replace all links from http to https?

Check my GeoDistance, Watermark, TorBlock and Android Push Notifications mods | http://goo.gl/H3Vp81
Quote · 28 Nov 2013
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.