                                        
                                   * * * * *
                                        
                      Lovely … I get to debug code in PHP
                                        
> I made a test order and when I clicked confirm order the next page said
> page cannot be displayed or error page, I am not sure. Please place a test
> order and let us know if it is working properly.
> 
> “Trouble ticket I recieved this afternoon.”
> 

And thus I started my descent into osCommerce [1], written in PHP [2] of
course.

It took long enough, but I was able to finally track the problem down to the
following bit of code:

> function tep_href_link(
> 	$page = '', 
> 	$parameters = '', 
> 	$connection = 'NONSSL', 
> 	$add_session_id = true, 
> 	$search_engine_safe = true
> ) 
> {
>   global $request_type, $session_started, $SID;
> 
>   if (!tep_not_null($page)) {
>     die( error message with embedded HTML code, of course );
>   }
> 
>   if ($connection == 'NONSSL') {
>     $link = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
>   } elseif ($connection == 'SSL') {
>     if (ENABLE_SSL == true) {
>       $link = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG;
>     } else {
>       $link = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
>     }
>   } else {
>     die( yet another error message with embedded HTML code );
>   }
>   // rest of function deleted 
> }
> 
> “catalog/includes/functions/html_output.php”
> 

The checkout code is running under a secure server (secure.example.**net**)
while the actual site itself is under a different domain
(www.example.**com**) and for some reason, the code, in generating the link,
is getting things mixed up and the link is being generated incorrectly. It's
getting the secure server name (HTTPS_SERVER) but tacking on the location on
the non-secure site (DIR_WS_HTTP_CATALOG) and thus leading to the dreaded 404
Not Found [3] error.

I'm not really keen on trying to debug this any futher than I have to (the
osCommerce package comprises over 500 files), I basically changed the code to
look like:

> if ($connection == 'NONSSL') {
>   $link = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG; // XXX - spc hack
> } elseif ($connection == 'SSL') {
> // rest snipped
> 

It works (even if it is a hack). Customer is happy. I'm happy (that I no
longer have to dig into this program).

Now back to the salt mines—the customer is now wondering why he isn't getting
his email … 

[1] http://www.oscommerce.org/
[2] http://www.php.net/
[3] http://www.plinko.net/404/

Email Sean Conner at sean@conman.org

.