Welcome, Guest ( Customer Panel | Login )




 All Forums
 VPCart Forum
 Problems and bugs
 Systems stays in secure mode after order
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

dandlyin
VP-CART New User

USA
73 Posts

Posted - February 10 2006 :  09:48:07  Show Profile  Visit dandlyin's Homepage  Reply with Quote
RE: V 6.07 on windows server

At the completion of an order, if one clicks on the top buttons or side navigation links, he/she remians in secure mode. I noticed this also happened when I ordered the FedEx realtime add-on from the VP-ASP site. Those links are relative in my setup, which is the logical arrangment.
If one clicks on the 'Return to the homepage' text link, the system breaks out of secure mode but we can't count on them to do so.
I am using 'shopdisplaycategories.asp' for xcontinueshopping and 'Yes' for xcontinueshoppingdynamic (to try to return to the last url), if that matters.
The first solution I can see is to make all the links absolute, which seems a poor technique. The second is to make shopthanks.asp a 'continue' page, lacking the normal page headers, etc., which would force a return to non-secure mode.
Is there a better way?
Thanks,
Dan Dotson

dandlyin
VP-CART New User

USA
73 Posts

Posted - February 10 2006 :  10:02:30  Show Profile  Visit dandlyin's Homepage  Reply with Quote
I commented out line 84 in shopthanks.asp, eliminating the presentation of normal headers. This forces a click on the 'return to home page' link. It's not pretty but it works.
If anyone has a better solution, I would like to hear it.
Thanks,
Dan
Go to Top of Page

devshb
Senior Member

United Kingdom
1904 Posts

Posted - February 10 2006 :  13:21:20  Show Profile  Visit devshb's Homepage  Reply with Quote
we've got a "domain tools" addon which isn't officially for-sale yet (ie we haven't packaged it up yet, but it all works really nicely and have been using it on loads of vpasp sites), where you can specify a list of all the asp files that you want to force ssl onto, and a function which automatically redirects you on/off ssl according to which page you're on; it means that you don't need to change any of your links (as long as your links are relative and not absolute) and can instead just add the new function to your shop$db.asp file to do the necessary jumping-about and set whatever pages you want in your "ssl page list" config file.

is that what you're after ?

if anyone else would also find this useful, can you post here so that we can get an idea of demand for it ? (and how much people'd be prepared to pay, if you're feeling very generous in giving out your thoughts on that aspect!)

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons
Go to Top of Page

dandlyin
VP-CART New User

USA
73 Posts

Posted - February 10 2006 :  13:50:21  Show Profile  Visit dandlyin's Homepage  Reply with Quote
shopthanks.asp must be kept secure or MSIE whines about insecure items.
I don't think your add-on solves my problem- but correct me if I'm wrong.
Thank you,
Dan
Go to Top of Page

devshb
Senior Member

United Kingdom
1904 Posts

Posted - February 10 2006 :  14:16:58  Show Profile  Visit devshb's Homepage  Reply with Quote
I think it'd solve the problem; if someone tried to access shopthanks on a non-ssl url then it'd automatically redirect them to the ssl.

the redirection would happen before any of the shopthanks.asp stuff is done (ie from shop$db.asp).

you'd set shopthanks.asp as one of the ssl files in your ssl-page-list config file, and just leave all your other links as they are (ie relative, not absolute), that'd force shopthanks.asp to always be loaded on ssl, but all other pages to force you off ssl.

if one of your links points to, say, "https://blah.com/mypage.asp" when you're on the shopthanks page (ie a relative link on an ssl page to a non-ssl page), then as long as "mypage.asp" isn't in your list of ssl pages, the tool will automatically force you onto "http://blah.com/mypage.asp" after you've clicked on the link; I think that's the problem that you were unsure about on your reply above; hope that helps clarifies a bit.

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons

Edited by - devshb on February 10 2006 14:56:47
Go to Top of Page

dandlyin
VP-CART New User

USA
73 Posts

Posted - February 10 2006 :  16:42:13  Show Profile  Visit dandlyin's Homepage  Reply with Quote
OK, I can see where it might work. Have you seen this as a problem on other sites? I suppose this is unique to this new version.
I really think it should be fixed in the package, not with an add-on but I'm satisfied with my solution until then.
BTW, I added this line after the original Line 84:
response.write "<html><HEAD><link href=""stylesheets/shop.css"" rel=""stylesheet"" type=""text/css""></HEAD><body>"
It keeps the HTML correct and the plain page from being too plain.
I also killed the following line:
'Shopthanksprint
because the plain page is already printer friendly.
The only way out is through the link to shopend.asp, which kills the secure process.
Thank you for your replies.
Dan
Go to Top of Page

devshb
Senior Member

United Kingdom
1904 Posts

Posted - February 10 2006 :  18:29:32  Show Profile  Visit devshb's Homepage  Reply with Quote
yep; I've seen it on lots of sites; it's a generic problem/issue for any site (not just vpasp). whether it's perceived as a bug in cart/site software or a more general/higher-level/generic aspect that you'd want a separate tool for is up for debate I guess, but personally I'd see it as a generic problem which you'd have a tool for.

there's a similar problem of when people jump from "http://www.blah.com" to "http://blah.com" (or vice-versa) where your cookies get treated as-if they're on a separate domain, hence you end up losing your cart contents. again, that's a generic problem with all sites.

our tool deals with both those aspects, and is pretty generic asp so could also be used in other (non-vpasp) asp applications.

these problems are quite involved; it took us ages to define generic solutions that'd work for all the various setups etc (we've spent a lot of time over the years investigating and fixing these kinds of problems; they can sometimes be quite nasty and cause lots of dropped carts)

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons
Go to Top of Page

devshb
Senior Member

United Kingdom
1904 Posts

Posted - February 28 2006 :  08:44:15  Show Profile  Visit devshb's Homepage  Reply with Quote
we've now developed an addon which allows you to specify which pages you want to put people onto ssl for so that you don't need to change any of your links.

It also reduces the number of dropped carts as you can allow people to stay on the same domain when they return from the gateway, and/or you can force people onto a specific domain.

See our new domain tools addon for vpasp:

http://www.bigyellowzone.com/shopexd.asp?id=64

and:
http://vpasp.com/virtprog/vpaspforum/topic.asp?TOPIC_ID=4688

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000
0 Item(s)
$0.00