I have my SSL cert installed on my server, but yet I can't figure out how to enable SSL on 7.0.2
I read a post in the dolphin 6.1 forum about editing my template/scripts/function.php but that file doesn't exist in dolphin 7.0.2
I am using a custom template so I went in and copied the BxTemplFunctions.php from the templates/base/scripts/ folder to my template folder /templates/tmpl_baseball1/scripts/functions folder and I pasted in the follow text per the instructions in the forum post for dolphin 6.1
if ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off')) { // Replace Global Site values foreach($GLOBALS['site'] as $szTempKey => $szTempVal) { $GLOBALS['site'][$szTempKey] = str_replace('http://', 'https://', $szTempVal); } $GLOBALS['page']['extra_js'] = str_replace('http://', 'https://', $GLOBALS['page']['extra_js']); $GLOBALS['page']['extra_css'] = str_replace('http://', 'https://', $GLOBALS['page']['extra_css']); $GLOBALS['sHomeUrl'] = str_replace('http://', 'https://', $GLOBALS['sHomeUrl']); $GLOBALS['sGlobalPath'] =str_replace('http://', 'https://', $GLOBALS['sGlobalPath']); $GLOBALS['sGlobalUrl'] =str_replace('http://', 'https://', $GLOBALS['sGlobalUrl']); $GLOBALS['sDataPath'] = str_replace('http://', 'https://', $GLOBALS['sDataPath']);
// Replace Template Config values foreach($GLOBALS['oTemplConfig'] as $szTempKey => $szTempVal) { if (is_string($szTempVal)) $GLOBALS['oTemplConfig']->$szTempKey = str_replace('http://', 'https://', $szTempVal); } // Replace Template Site values foreach($GLOBALS['oTemplConfig']->aSite as $szTempKey => $szTempVal) { if (is_string($szTempVal)) $GLOBALS['oTemplConfig']->aSite[$szTempKey] = str_replace('http://', 'https://', $szTempVal); } }
However that didn't seem to do anything when I went to https://www.MYDOMAIN.com/index.php it just redirected me to http://www.MYDOMAIN.com/index.php
So I completely undid that and I am back to the way it was. So again, I am left with the question of, how do you enable SSL for Dolphin 7.0.2 ?? Seems like it should be a core feature considering many people use dolphin for paid memberships.
Thanks,
Chad
|
Why don't you change the domain in your header.inc.php file to use HTTPS? BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
Well I could do that, but I would rather not have every single page on the site to be forced to use SSL. I really only want to specify specific pages like the join.php and edit and the payment page. |
Why don't you change the domain in your header.inc.php file to use HTTPS?
Changing the entire site to redirect to https would make loading incredibly slow.
Have you got this working yet? You know you need to also apply rules to your .htaccess in order to specify which pages are to redirect to https...
That code is located here:
RewriteRule "^(pedit.php)$" - [env=whwSecure:https] RewriteRule "^(join.php.*)$" - [env=whwSecure:https]
#Redirect to normal site. RewriteCond %{HTTPS} on RewriteCond %{env:whwSecure} !https RewriteCond %{REQUEST_URI} !^.*simg.php RewriteCond %{REQUEST_URI} ^.+.php [OR] RewriteCond %{REQUEST_URI} ^.+/$ RewriteRule "^(.*)$" "http://%{HTTP_HOST}/community/$1" [R=301,L]
#Redirect to Secure site RewriteCond %{HTTPS} off RewriteCond %{env:whwSecure} https RewriteRule "^(.*)$" "https://%{HTTP_HOST}/community/$1" [R=301,L]
Taking Dolphin and Making Profitable Websites Since 2009 :) |
We really need a solution to this.
I've contacted Anton about this and he said the following:
Unfortunately I don't know how to apply SSL protocol to site or pages. Never was trying that. You can try to apply those instructions to templates/base/scripts/BxBaseFunctions.php but I doubt that it'll work, because many mechanisms and variables were changed since Dolphin 6.1 to Dolphin 7.0
-From Anton
|
Taking Dolphin and Making Profitable Websites Since 2009 :) |
Solution from AntonLV
It is working form me :)
In the .htaccess file right after the line
RewriteEngine on
add the code
RewriteRule "^(pedit.php)$" - [env=whwSecure:https] RewriteRule "^(join.php.*)$" - [env=whwSecure:https]
#Redirect to normal site. RewriteCond %{HTTPS} on RewriteCond %{env:whwSecure} !https RewriteCond %{REQUEST_URI} !^.*simg.php RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php RewriteCond %{REQUEST_URI} ^.+.php [OR] RewriteCond %{REQUEST_URI} ^.+/$ RewriteRule "^(.*)$" "http://%{HTTP_HOST}/$1" [R=301,L]
#Redirect to Secure site RewriteCond %{HTTPS} off RewriteCond %{env:whwSecure} https RewriteRule "^(.*)$" "https://%{HTTP_HOST}/$1" [R=301,L]
then in the inc/header.inc.php file before the line and change "yoursite.com" with your actual site
$admin_dir = "administration";
insert the code
$aSSLURLs = array( '/pedit.php', '/join.php', '/simg/simg.php', '/plugins/tiny_mce/tiny_mce_gzip.php', ); if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) { $site['url'] = "https://yoursite.com/"; }
------------------------------------
Or if you site is in a subdirectory, for example http://yoursite.com/subdir
Once again, make sure you update the URLS to your site in both header.inc.php and .htaccess
.htaccess:
RewriteRule "^(join.php)$" - [env=whwSecure:https]
RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
#Redirect to normal site. RewriteCond %{HTTPS} on RewriteCond %{env:whwSecure} !https RewriteCond %{REQUEST_URI} !^.*simg.php RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php RewriteCond %{REQUEST_URI} !^.*member_menu_queries.php RewriteCond %{QUERY_STRING} !^.*simple_messenger RewriteCond %{REQUEST_URI} ^.+.php [OR] RewriteCond %{REQUEST_URI} ^.+/$ RewriteRule "^(.*)$" "http://%{HTTP_HOST}/subdir/$1" [R=301,L]
#Redirect to Secure site RewriteCond %{HTTPS} off RewriteCond %{env:whwSecure} https RewriteRule "^(.*)$" "https://%{HTTP_HOST}/subdir/$1" [R=301,L]
header.inc.php
$aSSLURLs = array( '/subdir/join.php',
'/subdir/pedit.php',
);
if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) { $site['url'] = "https://yoursite.com/subdir/"; }
Taking Dolphin and Making Profitable Websites Since 2009 :) |
Hi,
Firstly, thank you to all for posting the above
I've followed the instructions and they work up to a point. Not all the content within join.php is delivered via the SSL connection so the site doesn't have the full SSL connection (e.g. in IE you get a message about part of the content not being delivered securely and in Chrome the https:// is marked as red!). How do I go about making all content in join.php and also for the member login section?
Thanks in advance for your help,
Bhavesh
|
I am experiencing the same issue within chrome. Within firefox it starts loading the SSL icon in the addressbar but then it goes away after a second. |
I have the same problem my hosting don't want to install my SSL on my site
here is the last messages from hem
_________________________________________________
Hello,
If you view your source code on your page, you will still see that there are links using http instead of https. Until these are updated you will continue to see the exclamation mark on the SSL lock in your browser.
Some examples that I see are On https://www.site.com
<link rel="shorcut icon" href="HTTP://mysite.com/media/images/favicons/mysite.png" /> <link rel="image_src" href="HTTP://mysite.com/templates/tmpl_uni/banners/big2/mysite.png" />
Unfortunately we are not able to update your source code for you. You must make the changes yourself and republish the website. I do apologize for the inconvenience.
Please feel free to contact us if you have any more questions or concerns.
Best regards, Matthew L. Johnson
____________________________________________________________
I don't realy know wat he want me to do I make the changes to this
<link rel="shorcut icon" href="HTTP:/media/images/favicons/mysite.png" /> <link rel="image_src" href="HTTP:/templates/tmpl_uni/banners/big2/mysite.png" />
but still no fix or update can you help me with this guy
Thank's
Post Reply - if you going to help - No for - bla bla bla bla |
Hi,
I take it that they do want you to go through the php code and amend to be https://
Having just viewed the source code (on my site) whilst on the join.php page there are lots of links to just http://
I wonder if a 'replace http with https' would do the trick for everything within join.php ?
Guess there's only one way to find out! lol
Bhav
|
I've managed to get rid of all the IE and Chrome SSL warnings by taking a few steps. The most important for me was the following:
Make a separate base header and footer file for your secure pages. This can be done in the template folders. This way you can eliminate any not-needed non-https links within those files.
The pages you'd like to apply this to you will need to change the template page_x.html to call the secure header and footer.
If you need some professional help in doing this please pm me. I've worked a lot with dolphin and SSL.
Taking Dolphin and Making Profitable Websites Since 2009 :) |
You want to run SSL for the whole site? Or just for payment? ---- |
I like to run this for the hole site
if you talking to me if not I will liek to run this on my hole site two
You want to run SSL for the whole site? Or just for payment?
Post Reply - if you going to help - No for - bla bla bla bla |
I like to run this for the hole site
if you talking to me if not I will liek to run this on my hole site two
You want to run SSL for the whole site? Or just for payment?
If you want to run it for the entire site you simply need to change the link in inc/header.inc.php to https://www.yoursite.com
And you obviously need the SSL cert installed on your server by your host.
Taking Dolphin and Making Profitable Websites Since 2009 :) |
Ok
So you telling me to change from this http://www.mysite.com/ to this >> https://wwwmysite.com/
Post Reply - if you going to help - No for - bla bla bla bla |
Ok
So you telling me to change from this http://www.mysite.com/ to this >> https://wwwmysite.com/
Yes that's what I'm telling you.
Taking Dolphin and Making Profitable Websites Since 2009 :) |
Thank's
a lot let see wat my host say maybe they gime me another stupid excuses
Ok
So you telling me to change from this http://www.mysite.com/ to this >> https://wwwmysite.com/
Yes that's what I'm telling you.
Post Reply - if you going to help - No for - bla bla bla bla |
Thank's
a lot let see wat my host say maybe they gime me another stupid excuses
This is a change you make in your inc/header.inc.php, not a hosting server change. (The SSL is installed by your host though.)
Taking Dolphin and Making Profitable Websites Since 2009 :) |
See my hosting is driving me nuts with this pc shit SSL
look wat they tell me know
__________________________________________________
11:34:32 PM) David Ha: has entered the chat. (11:34:34 PM) David Ha: Hello, welcome to Hosting Live Chat. My name is David. (11:34:49 PM) UFO360: Hi David (11:35:10 PM) UFO360: I'm waiting for some one to install my SSL on my site mysite.com (11:35:59 PM) David Ha: Is that the primary domain on the account or an addon? (11:36:06 PM) UFO360: MHW-13896747 (11:36:14 PM) UFO360: my primary is: mysite.com (11:36:26 PM) UFO360: but the SSL is going to be install on mysite.com (11:39:23 PM) David Ha: I am at https://www.mysite.com and The page is loading. What is the issue you are seeing with the site? (11:39:30 PM) UFO360: i change the likns from http: to https: (11:39:54 PM) UFO360: this is my ticket (11:39:55 PM) UFO360: MHW-13896747 (11:41:25 PM) David Ha: I see the ticket and I have the page loaded. What is the specific issue you are having with the SSL installation? (11:42:59 PM) UFO360: is not issue I don't see my SSL install on my site (11:43:13 PM) UFO360: I don't see the icon for the lock (11:48:29 PM) David Ha: I see the lock but there is the warning that there is some unauthenticated content on the page. (11:48:50 PM) UFO360: Noo (11:48:55 PM) UFO360: I see the lock now two (11:49:15 PM) UFO360: but with the warning icon (11:50:24 PM) UFO360: my site is a social network (11:51:12 PM) David Ha: What that warning is saying is that there is some content on the page that is not compatible with the SSL certificate. (11:51:50 PM) UFO360: wat do you mean is not compatible (11:52:21 PM) David Ha: There are either images, links, or scripts that are not set to use the SSL. (11:52:53 PM) UFO360: ooh ok (11:52:59 PM) UFO360: I set all the links (11:53:54 PM) David Ha: Even the scripts need to be set to where they use the SSL certificate. (11:54:33 PM) UFO360: can you tell me in wat part the on the site is not set to >> https (11:55:54 PM) David Ha: I cannot see that from viewing the page. You will need to check the script documentation and also check the plugins you are using. (11:56:41 PM) UFO360: No problem (11:56:45 PM) UFO360: Thank's (11:56:48 PM) UFO360: closed this chat intentionally.
Post Reply - if you going to help - No for - bla bla bla bla |
See my hosting is driving me nuts with this pc shit SSL
look wat they tell me know
__________________________________________________
11:34:32 PM) David Ha: has entered the chat. (11:34:34 PM) David Ha: Hello, welcome to Hosting Live Chat. My name is David. (11:34:49 PM) UFO360: Hi David (11:35:10 PM) UFO360: I'm waiting for some one to install my SSL on my site mysite.com (11:35:59 PM) David Ha: Is that the primary domain on the account or an addon? (11:36:06 PM) UFO360: MHW-13896747 (11:36:14 PM) UFO360: my primary is: mysite.com (11:36:26 PM) UFO360: but the SSL is going to be install on mysite.com (11:39:23 PM) David Ha: I am at https://www.mysite.com and The page is loading. What is the issue you are seeing with the site? (11:39:30 PM) UFO360: i change the likns from http: to https: (11:39:54 PM) UFO360: this is my ticket (11:39:55 PM) UFO360: MHW-13896747 (11:41:25 PM) David Ha: I see the ticket and I have the page loaded. What is the specific issue you are having with the SSL installation? (11:42:59 PM) UFO360: is not issue I don't see my SSL install on my site (11:43:13 PM) UFO360: I don't see the icon for the lock (11:48:29 PM) David Ha: I see the lock but there is the warning that there is some unauthenticated content on the page. (11:48:50 PM) UFO360: Noo (11:48:55 PM) UFO360: I see the lock now two (11:49:15 PM) UFO360: but with the warning icon (11:50:24 PM) UFO360: my site is a social network (11:51:12 PM) David Ha: What that warning is saying is that there is some content on the page that is not compatible with the SSL certificate. (11:51:50 PM) UFO360: wat do you mean is not compatible (11:52:21 PM) David Ha: There are either images, links, or scripts that are not set to use the SSL. (11:52:53 PM) UFO360: ooh ok (11:52:59 PM) UFO360: I set all the links (11:53:54 PM) David Ha: Even the scripts need to be set to where they use the SSL certificate. (11:54:33 PM) UFO360: can you tell me in wat part the on the site is not set to >> https (11:55:54 PM) David Ha: I cannot see that from viewing the page. You will need to check the script documentation and also check the plugins you are using. (11:56:41 PM) UFO360: No problem (11:56:45 PM) UFO360: Thank's (11:56:48 PM) UFO360: closed this chat intentionally.
Your hosting provider is correct and has been very clear. You need to eliminate any content on that page that may not be secure. I posted the solution to this above, creating a separate header and footer file for your secure pages and eliminating the unsecured content from them.
If you'd like professional help in doing this please pm me.
Taking Dolphin and Making Profitable Websites Since 2009 :) |
Wat content I need to remove from my site
lol
my members
my videos
my music
wat content
lol
Post Reply - if you going to help - No for - bla bla bla bla |
I use AntonLVs code for pedit.php and join.php and it works very well. I only have one problem, how to force the payment pages to switch to SSL? It's not a normal php file i could just add, it is a modules that is
a) rewritten to a friendly URL like m/payment/cart/
b) but the normal URL is like modules/index.php?r=payment/cart/
I tried lots but without real success because it affects other modules then too and also i always loose the friendly URLs
Anybody has payment on SSL yet? This drives me nuts. Without SSL on payment it's not possible to run a paid site with dolphin.
Check my GeoDistance, Watermark, TorBlock and Android Push Notifications mods | http://goo.gl/H3Vp81 |
Hello, I need help in this case. Now I have Dolphin 7.1.3 (soon I update to 7.1.4) I bought on my server SSL service, because I'm interested in the appearance of https:// at the join page for example. This will increase the importance and credibility of my website.
After I make changes I have acces denied on my website when I try register. And website not work about 5 hours after that because was sometnhing wrong with my .htaccess
Can someone help me with this installation SSL please?
Solution from AntonLV
It is working form me :)
In the .htaccess file right after the line
RewriteEngine on
add the code
RewriteRule "^(pedit.php)$" - [env=whwSecure:https] RewriteRule "^(join.php.*)$" - [env=whwSecure:https]
#Redirect to normal site. RewriteCond %{HTTPS} on RewriteCond %{env:whwSecure} !https RewriteCond %{REQUEST_URI} !^.*simg.php RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php RewriteCond %{REQUEST_URI} ^.+.php [OR] RewriteCond %{REQUEST_URI} ^.+/$ RewriteRule "^(.*)$" "http://%{HTTP_HOST}/$1" [R=301,L]
#Redirect to Secure site RewriteCond %{HTTPS} off RewriteCond %{env:whwSecure} https RewriteRule "^(.*)$" "https://%{HTTP_HOST}/$1" [R=301,L]
then in the inc/header.inc.php file before the line and change "yoursite.com" with your actual site
$admin_dir = "administration";
insert the code
$aSSLURLs = array( '/pedit.php', '/join.php', '/simg/simg.php', '/plugins/tiny_mce/tiny_mce_gzip.php', ); if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) { $site['url'] = "https://yoursite.com/"; }
------------------------------------
Or if you site is in a subdirectory, for example http://yoursite.com/subdir
Once again, make sure you update the URLS to your site in both header.inc.php and .htaccess
.htaccess:
RewriteRule "^(join.php)$" - [env=whwSecure:https]
RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
#Redirect to normal site. RewriteCond %{HTTPS} on RewriteCond %{env:whwSecure} !https RewriteCond %{REQUEST_URI} !^.*simg.php RewriteCond %{REQUEST_URI} !^.*tiny_mce_gzip.php RewriteCond %{REQUEST_URI} !^.*member_menu_queries.php RewriteCond %{QUERY_STRING} !^.*simple_messenger RewriteCond %{REQUEST_URI} ^.+.php [OR] RewriteCond %{REQUEST_URI} ^.+/$ RewriteRule "^(.*)$" "http://%{HTTP_HOST}/subdir/$1" [R=301,L]
#Redirect to Secure site RewriteCond %{HTTPS} off RewriteCond %{env:whwSecure} https RewriteRule "^(.*)$" "https://%{HTTP_HOST}/subdir/$1" [R=301,L]
header.inc.php
$aSSLURLs = array( '/subdir/join.php',
'/subdir/pedit.php',
);
if(in_array($_SERVER['PHP_SELF'], $aSSLURLs)) { $site['url'] = "https://yoursite.com/subdir/"; }
|
The same problem on my site. I bought a dedicated SSL certificate on my VPS server, but the join page does not work correctly in chrome. |
So if anyone can help us on this please? |
100 days later the solution is still not found in header.inc.php is possible to redirect the site but i dont want everything just m/payement + login system and profile
anyone |
100 days later the solution is still not found in header.inc.php is possible to redirect the site but i dont want everything just m/payement + login system and profile
anyone |
All I want is the logon page to be https... how hard is that? LOL
P.
Peer L. Plaut Executive Director, Single Booklovers Connecting Bookworms Since 1970 |
Do yourself a favor and switch your site totally to SSL, believe me, not just single pages. I got pedit and join to run on SSL but the most important part, the shopping cart, brings you more trouble than expected regarding JavaScript etc. Check my GeoDistance, Watermark, TorBlock and Android Push Notifications mods | http://goo.gl/H3Vp81 |
Ok fine the whole site but i cant get the game section OFF the ssl?
Is there a way to do that because the game system is not from my site and as such i can't have SSL activated or else it would not work... |
Why not? If these games (Flash?) are embedded from an external site the only problem you will experience is a browser warning that you are loading unsecure data or your SSL certificate appears to be broken in the browsers address bar. Does the external site not offer SSL so you can replace all links from http to https? Check my GeoDistance, Watermark, TorBlock and Android Push Notifications mods | http://goo.gl/H3Vp81 |