Jump to content

[SOLVED] SSL Deadlock in Multishop


Recommended Posts

Hi folks,

 

I am having an Issue with an updated PS from 1.4.6 to 1.5.4. In my development Server, the problem wasn't showing because SSL isn't on. I've got 2 shops in multi-shop config.

 

Here's the history :

First I had problem with the Cartin AJAX. When I was on my website in non-secure protocol (ex : http://www.mydomain.com/) the website couldn't add product to cart. Without AJAX it was okay, but unacceptable for the client requierement. I searched a lot and found out the secure protocol needed to be ON to communicate with my cart controller. So...

 

I changed my htaccess to be able to ALWAYS reroute to secure domain (The whole website, didn't really want to, but since I don't know where the client will put "add_to_cart" button, I must). The code in the htaccess goes like this :

 

RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Found on : stackoverflow

 

Home page, my "hot deals" custom module and cart are working fine. But categories, product and CMS are in a deadlock position (Trying to redirect to secure when non-secure and redirecting to non-secure when in secure).

 

So I investigated. Tools.php manage redirections and is using the function redirectLink($url) to redirect. But the URL alreayd as "http://" in it when getting there...

 

I also noted that my URL for both of my shops start with http://

 

My question (FINALLY) : How can I configure Prestashop to ALWAYS use HTTPS url??? My Redirection are working in Htaccess, I just want prestashop to STOP redirecting to Non-secured.

 

Best ragards to the community

 

Martin

Edited by Martin Uker K (see edit history)
Link to comment
Share on other sites

Okay, took me a while to figure this one out.

 

First of all : _PS_BASE_URL_ is the main problem here. By conceptional decision, it seems that Prestashop team decided that 1.5 wouldn' have choice for categorie, and product to use SSL or not. This constant is defined in two different place : Controller.php (init) and Link.php (constructor).

 

To make the whole shop SSL redirected we need to put this code in the htaccess :

RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 

But also, we need to make sure that link.php will use SSL domain. We've got 2 ways for doing this :

 

1. (Prefered in my situation) Override link.php (__contruct) and controller.php (init). Just recall the parrent::function and redefine the variable _PS_BASE_URL_ to match the Ssl value you want (_PS_BASE_URL_ = Tools::getShopDomainSsl(true)).

Exemple :

class Link extends LinkCore
{

   /**
     * Constructor (initialization only)
     */
   public function __construct($protocol_link = null, $protocol_content = null)
   {
       parent::__contruct($protocol_link, $protocol_content);

       define('_PS_BASE_URL_', Tools::getShopDomainSsl(true));

   }

}

//THAT does'nt work in my case but it should...Construct can't be overrided on my server, no clue why, must be my php version.

 

2. Override link.php getProductLink function. For a strange reason (Human error or the fact that th form with action="add to cart" isn't using ssl neither...) it isn't using the constant ('http://' is hardcoded...CReated an issu on presta forge). You need to override the WHOLE function for that reason (Sucks I know)

 

3. Product.tpl has a form for product adding. Make sure hte action is calling sll (add true parameter after "cart.php").

 

That's the working version. Took me a time to find it.

 

Marking this as solved, notice me if you think I did something wrong, or if there's a reason why, in the first place, my add to cart AJAX didn't work.

 

Martin

Link to comment
Share on other sites

×
×
  • Create New...