jeremysawesome

Good Job guys. The wp-e-commerce team seems to be squashing bugs left and right. Keep up the good work!

You could try the Admin SSL plugin – however I have had mixed results with it.

I wrote a quick little plugin that redirects any specified page to SSL. I just have to edit it so that it properly redirects to SSL for the administration section as well. (Not much good to have information sent over SSL if you read it in the Admin over an insecure connection!)

In any case you should try the Admin SSL plugin – if that doesn’t work for you contact me and we can see if we can get something figured out.

Steps to solve your issue (from memory).

1. Set your checkout page in the WP-Ecommerce Plugin options to the https page you want.
2. Install HTTPS for WordPress plugin and activate.
3. Check your checkout page – it should redirect properly now.

You may have to run through the source of the checkout page to find files that aren’t sent over HTTPS (usually these are related to plugins). These files do not get filtered by HTTPS for WordPress and can sometimes cause the “viewing non-secure and secure items” error.

Hello All,

I also ran into the “do you want to include secure and non-secure content” issue and was able to fix it. I am using HTTPS for WordPress.

You will need to change two files in order to make the https work.

First file: nextgen-gallery/nggallery.php
On or around line 210 you will see the definition for “NGGALLERY_URLPATH”.
Change this line:
define('NGGALLERY_URLPATH', WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/' );

To:

if(!empty($_SERVER['HTTPS']))
      {define('NGGALLERY_URLPATH', str_replace('https://', 'https://', WP_PLUGIN_URL) . '/' . plugin_basename( dirname(__FILE__) ) . '/' );}
      else
      {define('NGGALLERY_URLPATH', WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/' );}

That should take care of all of the NextGen css and js files. The next change you will have to make is to the media-rss.php file in the “Cool Iris” support section.

Second File: nextgen-gallery/lib/media-rss.php
Find line 21, you should see an HTML comment being echoed out that says ‘<!– NextGeEN Gallery CoolIris/PicLens support –>’.

Change line 22 From:
echo "\n" . '<script type="text/javascript" src="https://lite.piclens.com/current/piclens_optimized.js"></script>';

To:

if(!empty($_SERVER['HTTPS']))
      {echo "\n" . '<script type="text/javascript" src="https://lite.piclens.com/current/piclens_optimized.js"></script>';}
      else
      {echo "\n" . '<script type="text/javascript" src="https://lite.piclens.com/current/piclens_optimized.js"></script>';}

That’s it – your page should no longer display those pesky “unauthenticated” content errors.

how about this:

function isSSL()
{
   if(!empty($_SERVER['HTTPS']){ return true; }
   else{ return false; }
}

I suppose if you really wanted to you could check the server port.

function isSSL()
{
   if(!empty($_SERVER['HTTPS'])||$_SERVER['SERVER_PORT']==443)
   { return true; }
   else{ return false; }
}

I always check if $_SERVER[‘HTTPS’] is not empty. The PHP Documentation says that $_SERVER[‘HTTPS’] is, “Set to a non-empty value if the script was queried through the HTTPS protocol.”