From 36e6b22f7e84fb249f5282ddb935d8a694f30dc3 Mon Sep 17 00:00:00 2001 From: mc12345678 Date: Fri, 20 Jan 2017 05:45:31 -0500 Subject: [PATCH] Forces visitor to https if full site is setup for https and http is entered. Per https://www.zen-cart.com/content.php?56-how-do-i-enable-ssl-after-i-have-installed-zen-cart, if one is to set the entire site to https, then it is recommended that SSL_ENABLED be set to false, but if the uri entered begins with http, then the redirect to force the page to load via SSL is not activated and the customer could enter enter data to the webpage without using the SSL. Fixes #1369 --- includes/modules/pages/contact_us/header_php.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/modules/pages/contact_us/header_php.php b/includes/modules/pages/contact_us/header_php.php index 79d2bb4b82..7639a9a536 100644 --- a/includes/modules/pages/contact_us/header_php.php +++ b/includes/modules/pages/contact_us/header_php.php @@ -91,7 +91,7 @@ } // end action==send -if (ENABLE_SSL == 'true' && $request_type != 'SSL') { +if (ENABLE_SSL == 'true' && $request_type != 'SSL' || ENABLE_SSL != 'true' && $request_type != 'SSL' && substr(HTTP_SERVER, 0, 5) == 'https') { zen_redirect(zen_href_link(FILENAME_CONTACT_US, '', 'SSL')); }