X-Cart: shopping cart software

X-Cart forums (https://forum.x-cart.com/index.php)
-   Changing design (https://forum.x-cart.com/forumdisplay.php?f=51)
-   -   HTTPS for Admin? (https://forum.x-cart.com/showthread.php?t=996)

fusionartstamps 12-18-2002 01:13 PM
HTTPS for Admin?
 
I'm storing the credit card numbers of customers and can access them via the x-cart admin page. Is there a way to make the admin section have https?

-Amy

shan 12-18-2002 02:30 PM
All you need to do is access your admin by the https value and it should work the same but be secure.

This should be done as standard realy

fusionartstamps 12-18-2002 02:37 PM
Gracias Senor!!!

Amy

tlieberman 03-14-2003 09:53 AM
Solution To Force HTTPS for admin pages (works with IIS)
 
Add to the top of admin/auth.php:

Defines $REQUEST_URI (since IIS doesn't provide it). I'm not sure if apache provides $_SERVER['HTTPS'], but you can do some string manipulation to determine whether the client is using ssl or not.

Anyway, if https is not active, it redirects to the secure version

Code:
$REQUEST_URI=$_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']; #For IIS's sake
if($_SERVER['HTTPS'] == 'off'){
        Header("Location: $https_location".substr($REQUEST_URI, 1, strlen($REQUEST_URI)-1));
}


All times are GMT -8. The time now is 03:14 PM.

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.