PHP 5.3.10
joomla 2.5.11
vm 2.0.22a
I have a problem. When I turn on ssl in the VM2 configure page, go to the cart in an unregistered/unlogged in state and change the country, no matter what I do I can't get it to populate the State / Province / Region drop-down - required field, so no one can register.
http(s)://oxfordgenetics.com
Works for me in Firefox22 but you have some non-ssl urls in your page head which can stop some browsers from working correctly - and they may also flash up a security warning.
eg. <link rel="stylesheet" href="http://oxfordgenetics.com/components/com_mijosearch/assets/css/mijosearch.css" type="text/css" />
<script src="http://oxfordgenetics.com/components/com_mijosearch/assets/js/autocompleter.js" type="text/javascript"></script>
Hii Jenkinhill. Many thanks for your response.
I have had the site in non-secure mode, because browser won't load insecure and secure items. I have tried turning off sef urls and that allows the cart to load. I need sef urls though. the mijosearch box can be turned off no problem. Is the <base href...http:///> causing this?
When I had the ssl in the cart turned on (very early) this morning I found these "http://" links:
<base href="http://oxfordgenetics.com/component/virtuemart/cart" />
<iframe src="http://oxfordgenetics.com/index.php?nosef=1&format=html&option=com_virtuemart&view=vendor&layout=tos&virtuemart_vendor_id=1&tmpl=component" class="tos_iframe" ></iframe>
<br style="clear: both;"/>
<input value="1" type="checkbox" id="agreed_field" name="tosAccepted" class="terms-of-service" required="required" autocomplete="off" />
<label for="agreed_field">I agree to the Terms of Service<a target="_blank" href="http://oxfordgenetics.com/index.php?nosef=1&format=html&option=com_virtuemart&view=vendor&layout=tos&virtuemart_vendor_id=1&tmpl=component" onclick="javascript: return op_openlink(this); " >(Terms of Purchase )</a><strong>* </strong> </label>
Is one of these the culprit?
I only have one link remaining item in the source with http:
<base href="http://oxfordgenetics.com/component/virtuemart/cart" /> (http://<base%20href="http://oxfordgenetics.com/component/virtuemart/cart"%20/>)
The browsers are still unable to show the checkout page without moaning or blocking css/js Funny because I had it working yesterday when I turned off sefs.
Can anyone see anything that I have missed?
Hi jenkinhill. Yes, it seems to work in ff22 because ff pretends to make it work. For how it really is lok at chrome or ie. I am at my wits end as I am out of ideas. I had the http links down to zero and it still wouldn't work. (try updating shipping and payment options via country dropdown).
Everythiing works perfectly when sefs are turned off.
It is the <base> tag.
Why would Joomla! keep an http base tag on a https page?
Why doesn't everyone else using vm not have this problem? Do they just turn sefs off?
is it set in your joomla configuration?
root/configuration.php
var live site=
Thanks for your reply PRO.
I haven't set it in the configuration.php because we only need the cart to be secure, not the whole site. Is there a way of achieving this?
Quote from: Valdez360 on July 27, 2013, 10:21:10 AM
Thanks for your reply PRO.
I haven't set it in the configuration.php because we only need the cart to be secure, not the whole site. Is there a way of achieving this?
did you check the file?
public $live_site = '';
does this only happen with the 1 page checkout?
Dear PRO. Happens with or without OPC. I have spent hours trying every possible combination of options. Using Nextor template.
you are running 2 different jquery files
&&
nobody can really check when you are running 1 page checkout.
Have you asked about this in their forum?
I checked the POST with httpfox & there is NO response at all.
BUT! also the site is VERY slow for me when going into https
Have you tested with a standard joomla template?
& without 1 page checkout?
Many thanks for the feedback PRO.
I have heeded your httpfox suggestions. I know that this could almost be the subject of a new topic thread, but can you suggest a template that definitely has full compatibility with VM2 that will sort this out for us once and for all?
I have turned/deactivated OPC (RUPOSTEL's OPC) off/on many times and can see no difference.
Quote from: Valdez360 on August 07, 2013, 11:19:33 AM
Many thanks for the feedback PRO.
I have heeded your httpfox suggestions. I know that this could almost be the subject of a new topic thread, but can you suggest a template that definitely has full compatibility with VM2 that will sort this out for us once and for all?
I have turned/deactivated OPC (RUPOSTEL's OPC) off/on many times and can see no difference.
Have you atleast checked to see if it is the template?
You do that by testing with a standard joomla template
Thanks again
We have come to the reluctant conclusion that the template is not the major culprit here, but in fact that the choice of cart software might have been critical. I tried different templates. I have tried weeding through the cart page for http links (and still have an amber warning padlock in Chrome). I have tried dumping OPC (which on the whole behaves well).
Is there a VM2 site out there which has no problems where only the cart page is secure? I think that we are pushing this technology to the limit here.
other problems:
- Jotcache stops the updating/removal of cart items
- Auto currency switcher doesn't work (latest pre release version only works with Germany)
IfI could get rid of these I would be a happy fellow.
btw, the initial problem that the thread was started with was a no ajax problem whilst the cart thought it was really insecure. We have shipping and pay auto select etc. now working.
Quote from: Valdez360 on August 07, 2013, 21:10:58 PM
Thanks again
We have come to the reluctant conclusion that the template is not the major culprit here, but in fact that the choice of cart software might have been critical. I tried different templates. I have tried weeding through the cart page for http links (and still have an amber warning padlock in Chrome). I have tried dumping OPC (which on the whole behaves well).
Is there a VM2 site out there which has no problems where only the cart page is secure? I think that we are pushing this technology to the limit here.
other problems:
- Jotcache stops the updating/removal of cart items
- Auto currency switcher doesn't work (latest pre release version only works with Germany)
IfI could get rid of these I would be a happy fellow.
btw, the initial problem that the thread was started with was a no ajax problem whilst the cart thought it was really insecure. We have shipping and pay auto select etc. now working.
to find the unsecure items.
Go to the cart page.
Turn on HTTPFOX, refresh the page.
Then scroll through the list for anything that starts with http without the S
http://oxfordgenetics.com/images/stories/virtuemart/payment/authorize_net_logo.jpg
http://oxfordgenetics.com/images/stories/virtuemart/payment/PayPal.gif
Quote from: Valdez360 on August 07, 2013, 21:10:58 PM
Is there a VM2 site out there which has no problems where only the cart page is secure? I think that we are pushing this technology to the limit here.
My whole site is secure if I want it to be. I use relative urls.
I dont know about jot cache
I use jch optimize to speed the site up.
http://www.kaizenmediaworks.com/jch-optimize-virtuemart-2-0
I have found that it is these causing the secure and insecure items:
- Paypal gateway
- Authorize.net Gateway
I have removed these many times before with no improvement, but due to browser caching or whatever I have found out that these are it.
Quote from: Valdez360 on August 08, 2013, 10:20:41 AM
I have found that it is these causing the secure and insecure items:
- Paypal gateway
- Authorize.net Gateway
I have removed these many times before with no improvement, but due to browser caching or whatever I have found out that these are it.
have you tried deleting your internet history?
and when I checked yesterday they were insecure
Jotcache shouldn't be used in VM.
I just checked Jotcache forum/website.
And I didn't see any reason why Jotcache shouldn't be avoided by us.
Quote from: Valdez360 on August 07, 2013, 21:10:58 PM
... in fact that the choice of cart software might have been critical.
Could you elaborate more about your main issue, please?
Many thanks for your reply Maxim. I think I am getting on top of many of these problems (many of these fixed by advice from this forum). Site speed is going to be an issue if I cannot cache the pages.
Jotcache works, but I have to turn caching off for the cart and the product pages. The reason being that the currency won't auto switch.
Hi
I am having similar issue- State drop down not working when SSL is switched on- works fine with out ssl.
Looking at Google Chrome console for the checkout page this is the error:
https://www.site.com/checkout.html displayed insecure content from http://www.site.com/index.php?option=com_virtuemart&view=state&format=json&virtuemart_country_id=222&_=1382999701323
looks like it is trying to get state with an insecure url - anybody know where is this code located? or how to fix this.
I am using System - SSL Redirection- this is to make sure the https is switched off when not on checkout page.
Joomla! 2.5.6
VM 2.0.24
Thank you
Hi solmab. Chrome flags this insecure content and shows an amber warning in the padlock area. It also stops running JavaScript on the page which is why the country selection doesn't update the cart. If I remember FF is a little more forgiving.
You have to go through the whole page from the top down and make sure that all requests/links/contrent are either secure (beginning with https), or relative links on the same domain (/My-Help).
One of the big culprits for me was the iframe that contains the terms and conditions.
Thanks Valdez360.
All sorted! :)