Re: [FreeTrade] Oops! One other goof...

Mon, 17 Apr 2000 16:41:23 -0700 

> The SSL connection is working okay when logging in as a user. However, after
> logging in, all the navigation links on the side have the base URL of
> http://server4000.net/mysite/..." instead of correct SSL base URL of
> "https://server4000.net/mysite/..." (or is the nav menu even *supposed* to
> be using the secure URL when a user is logged in??)
> 
> Here's what I have set in the ScreenURL function in the standard_library:
> 
> function ScreenURL($screen, $secure=FALSE, $extra='')
>  {
>   global $sid;
>   global $UserInfo;
> 
>   if(USE_SSL AND $secure)
>   {
>    $URL = "https://server4000.net/mysite";
>    $URL .= EXTERNAL_PATH . SCRIPT_NAME . "?SCREEN=$screen";
>   }
>   else
>   {
>    $URL = "http://";
>    $URL .= SERVER_NAME . EXTERNAL_PATH . SCRIPT_NAME . "?SCREEN=$screen";
>   }
> 
>   if((!USE_COOKIES) OR (!COOKIE_FOUND))
>   {
>    $URL .= "&sid=$sid";
>   }
> 
>   if(is_array($extra))
>   {
>    for(reset($extra); $key=key($extra); next($extra))
>    {
>     $URL .= "&$key=" . prepareText($extra[$key]);
>    }
>   }
> 
>   return($URL);
>  }
> 
> Aren't the navigation links supposed to begin with https:// if the user is
> logged in, or is just the login process itself using the SSL connection? Try
> it yourself to see what I mean...
> http://tomorrowsworld.com/index.php3
> login: ssltest
> passwd: demo
Yes, this is how it is supposed to work.  SSL must be explicitly set for
every link.  Hence, during the order process, every form explicitly uses
SSL, yet if the user "clicks away" on the side navigation, SSL is turned
off (i.e. SSL is not explicitly turned on for those links).  It is
fortunate that this was an easy way to work, and it suited us
perfectly.  Perhaps if you situation is different, you can set up
ScreenURL to always use SSL (if that's what you want) or to use SSL if
the user is logged in, or use SSL if SSL is already being used.

Cheers,
-jj

-- 
if (shannon - jj) * behrens == webEngineer["CLEAR INK�"]:
    print "<i>imagination is the only real medium(sm)</i><br>"


------------------------------------------------------------
To subscribe:    [EMAIL PROTECTED]
To unsubscribe:  [EMAIL PROTECTED]
Site:            http://www.working-dogs.com/freetrade/
Problems?:       [EMAIL PROTECTED]

Reply via email to