Hello everyone,

I am having yet another problem stop me from opening my store (believe me, I have had nothing but trouble so far).

My website shopping cart system runs on cookies (Javascript program). I am also using frames. As I understand it, the cookie information is stored under that particular URL's content. The problem is that I have added SSL security to my checkout page, and because the new url for a checkout page changes from http:// to https:// none of the cookie information is being sent to the checkout form. The only way I could fix it was to secure the whole website, but this makes it run exceptionally slow and is really not the way I wanted to go about it.

Does anyone have any ideas?? I am really getting desperate at this point and would be extremely grateful for any help I can get.


Thanks so much for taking the time to read this post.

p.s the testsite is running at http://reptilemart1.netfirms.com/main.html

Kind Regards,

Peter.

I think the form action is wrong here: http://reptilemart1.netfirms.com/managecart.html

Just read this page (again): http://www.nopdesign.com/freecart/index.html

Should be something like this:
<form action="https://www.secure.com/checkout.cgi" method="post" onsubmit="return ValidateCart(this)">

Thanks for that. I checked the code and changed it but it still doesn't work. I can't use method "Post" as I get an error. The webpage actually works fine if I don't secure the checkout.html page. Once it is secured though everything stuffs up. The only way I can get it to work is by securing the whole site. This tells me that the code is fine, but the fact that cookies have to go from a non-secure to a secure area just doesn't work. Just to re-explain myself, I think that the cookies are being stored in "http://reptilemart1.netfirms.com". But when they are called in the checkout page they are being called from "https://secure.sslpowered.com/reptilemart1" where there is nothing stored. I don't know how to make the cookies "global" in that they are available to every page secured or not.

Thanks for your help though, much appreciated.

It's not the cookies. Look at this website: http://www.crystalstar.com/
They're doing the same thing and use the same shopping cart and secure server to check out.

yeah I had a look at that website as well as the others that he had posted on his site. They seem to be using files with the extension ".esiml" ?? I don't know what they are of if they are any different from html, but the seem to be the only thing they have that I don't..

I can't understand why the site works if the checkout.html is not secured. The site also works when I secure the whole thing. It doesn't make sense, the security is obviously not an issue, as when the whole site is secured it works. The code or script is not an issue as it works if the site is totally un-secured or totally secured. The only thing I can bring it down to is the when the site is unsecured the cookies are being stored at "http://reptilemart1.netfirms.com/......" when the whole site is secured the cookies are being stored at "https://secured.sslpowered.com/reptilemart1/........". The problem arises when cookies that were stored at "http://reptilemart1.netfirms.com/......" are being called to a totally different address at "https://secured.sslpowered.com/reptilemart1/........" and they aren't there.

I can't figure it out. I was thinking that somehow I have to make the cookies available to all pages, or I have to set the to go to window.parent, that way being a frameset the URL never changes. I don't know how to set them to go to the parent location though :( and I don't know if this would work.

Thanks for your help anywayz, it is appreciated :)


Kind Regards,

Peter.

I can't figure it out. I was thinking that somehow I have to make the cookies available to all pages, or I have to set the cookies to go to window.parent, that way being a frameset the URL never changes. I don't know how to set them to go to the parent location though and I don't know if this would work