If you have configured a SecureURL in your virtuemart configuration, the checkout is routed to SSL-secured connection (https). This should normally work. But if you use the virtuemart login module, the “register-link” goes to an unsecure page. Even if you hardcode the link with https, the site automatically redirects to http (if set VM_GENERALLY_PREVENT_HTTPS to 1, which makes sense to load the normal pages through http to keep the server load down).
Unfortunately, we need a small hack to correct this behavior – if you pay a lot of money for your SSL-certificate, you surely want to use it where it makes sense. Our changes are based on virtuemart 1.1.3 – other 1.1.x versions may have different line numbers but should work similar:
(Please make sure that you have a backup of your files and database! There is no warranty for the hack below!)
edit /administrator/components/com_virtuemart/html/shop.registration.php. At line 19 insert the following code:
Now the registration page should work with https and also the form submits the data encrypted. After the registration, the user is redirected back to the default http connection.
What did we do?
Very simple. In the shop.registration.php we have told virtuemart to use a secure connection if one is configured and not yet used. The line “if(!JRequest::getInt('redirected'))” checks if the page is already redirected (to prevent a neverending loop). In the ps_session.php we have to tell virtuemart to “allow” https for the shop.registration page, otherwise virtuemart would redirect the page back to http.
[Note: the more obvious solution to add the registration to the $VM_MODULES_FORCE_HTTPS-Array doesn’t work. I haven’t had the time to check the reason why. I’ll update this page when i found out…]
VM-Expert.com is part of the B01 Consulting Network. Since 2003 we build shops and websites with Joomla and Virtuemart. We are specialised in developing custom Joomla and Virtuemart Extensions.
TrackBack URI for this entry
