uShop English (U.S.) for 179!

uStorekeeper English (U.S.) for 149!

 Products
       uTest
       uReserve
       uShop
       uStorekeeper
       uGolf
       uDirectory
       uSignIn
 Tech Support
       Support Policy
       Knowledge Base
            uTest
            uReserve
            uShop
            uStorekeeper
            uGolf
            uDirectory
            uSignIn
       Documentation
       Reference Sites
 Legal
       Software Piracy
       Legal Notices
       Privacy Policy
       Licensing
 Miscellaneous
       Reseller Info
       Contact Us
       Site Map
Going to HTTPS via multiple domains

Knowledge Base Lobby : uShop Support Conference : Problems with trying to Place Orders
Oct-22-17 02:32 AM EST
Original Message
Going to HTTPS via multiple domains
Author lawrence on 02-12-2001 at 20:24 (EST)
We have multiple domains by which our site can be entered. Though most people use http://www.adventistsaffirm.org, we also have the .com and .net version of that name and .org/.com/.net of adventistaffirm.

Right now, only the first http I typed above gets transferred from display_cart.html to the https. We would like all domains to be allowed.

I did a search under "multiple domain" and "multiple" and "domain" in the board, but couldn't find any message about this problem.

Your help would be must appreciated. Thanks.

Lawrence
Webmaster
Adventists Affirm
E-MAIL AUTHOR | TABLE OF CONTENTS

Table Of Contents
  RE: Going to HTTPS via multiple domains Bill Weiner, 2001-02-13 05:53:12 (1)
            RE: Going to HTTPS via multiple domains lawrence, 2001-02-13 20:17:27 (2)
            RE: Going to HTTPS via multiple domains lawrence, 2001-02-13 20:19:19 (3)
                 RE: Going to HTTPS via multiple domains Bill Weiner, 2001-02-14 06:22:43 (4)
                      RE: Going to HTTPS via multiple domains lawrence, 2001-02-14 08:26:10 (5)

Messages In This Discussion
         1. RE: Going to HTTPS via multiple domains
        Author Bill Weiner on 02-13-2001 at 05:53 (EST)
Actually, all you have to do is make sure that your uShopOrderButton applets have the "script_url" parameter pointing to the uShop CGI script on your secure server.
TABLE OF CONTENTS
                 2. RE: Going to HTTPS via multiple domains
                Author lawrence on 02-13-2001 at 20:17 (EST)
I do have just that. See:

http://www.adventistsaffirm.org/store/html/topright.html

Unfortunately, if you enter the ordering process from one of the 5 addresses, i.e., http://www.adventistsaffirm.com/store/html/index.html, and place an order, you will move to the display_cart.html correctly, when when you press Continue to go to the Secure Server, you receive an Illegal Referrer Page.

Please try verify that your solution is on the proper page and verify that when you enter via the above url, try to place an order, you will get an Illegal Referrer Page when you try to go to the secure server.

Lawrence
TABLE OF CONTENTS
                 3. RE: Going to HTTPS via multiple domains
                Author lawrence on 02-13-2001 at 20:19 (EST)
Please excuse the misspellings, let's try again.

I do have just that. See:

http://www.adventistsaffirm.org/store/html/topright.html

Unfortunately, if you enter the ordering process from one of the 5 addresses, such as, http://www.adventistsaffirm.com/store/html/index.html, and place an order, you will move to the display_cart.html correctly, then when you press Continue to go to the Secure Server, you receive an Illegal Referrer Page.

Please verify that your solution is on the proper page and verify that when you enter via the above url and try to place an order, you will get an Illegal Referrer Page when you try to go to the secure server.

Lawrence
TABLE OF CONTENTS
                         4. RE: Going to HTTPS via multiple domains
                        Author Bill Weiner on 02-14-2001 at 06:22 (EST)
Oh... your getting an "Illegal Referrer Page" error. Ok, that would be because you probably have the "Referral Page Validation" setting set to "YES". That "Referral Page Validation" setting (which can be found on the uShop Control Panel under "GENERAL SETTINGS - MISCELLANEOUS") specifies whether or not to validate the referrer at the exact point where the Java-side of uShop transfers control over to the CGI-side of uShop. So there are two options:

1) The easiest option is to just put that setting to "NO". Referral page validations will still be performed during all other actions with the uShop CGI script... just not at that first Java-to-CGI transfer point. This will allow you to post to the same uShop CGI script from all of your different domains.

2) Otherwise, if you still want the referral page validation performed at that Java-to-CGI point... and still allow your different domains to link to the same script, then there is a relatively basic modification that you can make to the script:

STEP 1: Make a backup of your current ushop-lib.pl script... just in case.

STEP 2: Open you "ushop-lib.pl" file with any text editor such as WordPad.

STEP 3: Do a search on the following line:

sub display_order_form

STEP 4: About 10 lines into that subroutine, you will see the following lines:

if ($settings[16] =~ /YES/i)
{
&validate_referral_page($store_url);
}

Replace those lines with the following lines:

local ($ref_string,$domain2,$domain3);
if ($settings[16] =~ /YES/i)
{
$domain2 = "http://www.adventistsaffirm.net/";
$domain3 = "http://www.adventistsaffirm.com/";
$ref_string = $ENV{'HTTP_REFERER'};
if ((!($ref_string =~ /$store_url/i)) &&
(!($ref_string =~ /$domain2/i)) &&
(!($ref_string =~ /$domain3/i)))
{
&missing_input("Illegal Referrer Page","The referring page did not meet security requirements.");
}
}

STEP 5: Save the file (as TEXT if your editor asks)... and then try it out!
TABLE OF CONTENTS
                                 5. RE: Going to HTTPS via multiple domains
                                Author lawrence on 02-14-2001 at 08:26 (EST)
Thanks. I Think I'll just turn off the validation message. :)

Lawrence
TABLE OF CONTENTS

© 2003 Microburst Technologies, Inc.