SSL issue on step two


To duplicate

Nexus - use ssl for checkout/sensitive areas

Visit board as a guest, select item, add to cart, proceed with registration info, proceed to step two.

Step one is SSL; after the registration process, you are redirected to step two, which is then non-SSL.

Step two also needs to be SSL, as selecting CC for payment will only display under SSL. You can manually add https:// to the URL and it works properly, so it seems it's a redirect issue after registration only.

Status: Fixed
Version: 1.5.3
Fixed In: 1.5.4


5 Comments

Updating Status to: Cannot Reproduce

Please submit a support request.

This is a result of a support ticket.

I tested it on default IPB skin and so did Rhett Buck. We both found the issue.

Please communicate with him for more info.

Ah sorry, I didn't notice this was filed by Rhett :)

I'll get that ticket reopened for you.

Mark, the problem here may actually be twofold. The nexus_https setting is set up as a TRUE/FALSE setting. So, if it's set to Use HTTPS, then the value for the setting is 1.

However, the register process within Nexus itself expects that value to be either http or https, as the setting is passed directly to publicOutput::buildUrl().

$this->request['return'] = $this->registry->getClass('output')->buildUrl( 'app=nexus&module=payments&section=pay&id=' . $this->invoice->id, $this->settings['nexus_https'] );

Changing that to this will fix that part, though not this issue.

$this->request['return'] = $this->registry->getClass('output')->buildUrl( 'app=nexus&module=payments&section=pay&id=' . $this->invoice->id, ( $this->settings['nexus_https'] ? 'https' : 'http' ) );

Something I recommend looking into at least, as I just happened to notice it and it may be contributing to this issue.

The other part is actually in the memberSync.php file.

At the time the memberSync.php file runs the onLogin method, ipsRegistry::$settings['base_url'] still hasn't been adjusted to use HTTPS if it is currently in use. A simple fix would be to add this above the if ( $member['cm_reg'] ) check there.

        if ( isset( $_SERVER['HTTPS'] ) AND $_SERVER['HTTPS'] == 'on' )
        {
            ipsRegistry::$settings['base_url'] = str_replace( 'http://', 'https://', ipsRegistry::$settings['base_url'] );
        }

Doing that allows it to properly redirect after the Nexus based Registration Form to the Checkout Screen while remaining under HTTPS.

Updating Fixed In to: 1.5.4
Updating Status to: Fixed

If the issue is coming from memberSync::onLogin this should fix it:

        if ( $member['cm_reg'] )
        {
            if ( !in_array( ipsRegistry::$settings['nexus_https'], array( 'https', 'public' ) ) )
            {
                ipsRegistry::$settings['nexus_https'] = ipsRegistry::$settings['nexus_https'] ? 'https' : 'public';
            }    

            require_once( IPSLib::getAppDir('nexus') . '/sources/invoiceModel.php' );/*noLibHook*/
            $invoice = new invoice( $member['cm_reg'] );
            if ( $invoice->id AND $invoice->member == $member['member_id'] and $invoice->status == 'pend' )
            {
                ipsRegistry::getClass('output')->silentRedirect( ipsRegistry::getClass('output')->buildUrl( 'app=nexus&module=payments&section=pay&id=' . $invoice->id . '&boinked=1', ipsRegistry::$settings['nexus_https'] ) );
            }
            elseif ( $invoice->id and !$invoice->member )
            {
                ipsRegistry::DB()->update( 'nexus_invoices', array( 'i_member' => $member['member_id'] ), "i_id={$invoice->id}" );
                ipsRegistry::getClass('output')->silentRedirect( ipsRegistry::getClass('output')->buildUrl( 'app=nexus&module=payments&section=pay&id=' . $invoice->id . '&boinked=1', ipsRegistry::$settings['nexus_https'] ) );
            }
            else
            {
                IPSCookie::set( 'cm_reg', NULL );
                ipsRegistry::DB()->update( 'members', array( 'cm_reg' => 0 ), "member_id={$member['member_id']}" );
            }
        }


ipsRegistry::$settings['nexus_https'] is already converted from a boolean to the appropriate value in app_class_nexus, so your first part should be unnecessary.

For the second part, it's better to check the setting value and pass it to buildUrl, as if they came from a non-Nexus page they won't be on HTTPS. Plus, it's bad practice to rely on $_SERVER['HTTPS'], and if you edit ipsRegistry::$settings['base_url'] like that, it'll cause issues if onLogin doesn't redirect them (all links will be HTTPS).


If you still have the ticket, please test that fix and pass to me if there are any issues.
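
The trade-off between the two fixes proposed in the last two comments, as an added standalone illustration (not IP.Board or Nexus code): it compares rewriting the shared base_url from the request scheme with passing a scheme derived from the setting. The demo_* helpers are simplified stand-ins for the real URL builder, and shop.example and invoice id 42 are constructed values.

```php
<?php
// Added illustration; the helpers are simplified stand-ins, not IP.Board code.

// Normalise a boolean-style setting (1/0) to the base names used in the thread.
function demo_scheme($setting) {
    if (in_array($setting, array('https', 'public'), true)) {
        return $setting;
    }
    return $setting ? 'https' : 'public';
}

// Stand-in URL builder: 'https' forces the secure scheme, 'public' uses base_url as is.
function demo_build_url($query, $base, array $settings) {
    $url = $settings['base_url'];
    if ($base === 'https') {
        $url = preg_replace('#^http://#', 'https://', $url);
    }
    return $url . 'index.php?' . $query;
}

// Approach A: rewrite the shared base_url from the current request's scheme.
function redirect_via_server(array &$settings, array $server) {
    if (isset($server['HTTPS']) && $server['HTTPS'] == 'on') {
        $settings['base_url'] = str_replace('http://', 'https://', $settings['base_url']);
    }
    return demo_build_url('app=nexus&module=payments&section=pay&id=42', 'public', $settings);
}

// Approach B: leave base_url alone and pass the scheme derived from the setting.
function redirect_via_setting(array $settings) {
    return demo_build_url('app=nexus&module=payments&section=pay&id=42',
        demo_scheme($settings['nexus_https']), $settings);
}

// Constructed cases: the login request arrives over HTTP, then over HTTPS.
foreach (array(array(), array('HTTPS' => 'on')) as $server) {
    $label = isset($server['HTTPS']) ? 'https request' : 'http request ';
    $settings = array('base_url' => 'http://shop.example/', 'nexus_https' => 1);
    echo "$label  A: ", redirect_via_server($settings, $server), "\n";
    echo "$label  A leaves base_url = ", $settings['base_url'], "\n";
    $settings['base_url'] = 'http://shop.example/'; // reset before trying B
    echo "$label  B: ", redirect_via_setting($settings), "\n";
    echo "$label  B leaves base_url = ", $settings['base_url'], "\n";
}
```

Approach A sends the checkout redirect over HTTP whenever the login request itself was not HTTPS, and on an HTTPS request it leaves base_url rewritten for every later link; approach B produces the HTTPS checkout URL in both cases without touching base_url.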