PHP with SSL but non secure

[itsource]

I use SSL with my webiste.

but all page in my webiste use
include "interface.inc.php";

This include file contain logo, menu and all function
which when use SSL in has pop up like this

This page contain both secure and non secure item
Do you want to display the nonsecure item?

If I click no, it still use SSL
if I click yes,it don't use SSL


It has popup because I use include file,
I can't copy include file and paste because it more that 1000 line, I don't want it show popup and still use SSL. How should I do?

[seanf]

Have an exact copy of your include file, but that calls the image from the secure directory rather than the normal directory

Sean

[itsource]

I have many php file (about 100) and each file include about 3-4 file, Is other way to do?

My web directory is /var/www/htdosc
My include directory is /var/www/php-include


and I don't under stand this quote
but that calls the image from the secure directory rather than the normal directory
why calls image?

I try to copy include dir into /var/www/htdocs/php-include and include from this dir. but it still same problem

[seanf]

The problem is that after the script has been parsed by the server the HTML tells the browser to load an image (I think) from a non-secure directory and that is why you get the error

Sean

[itsource]

but that calls the image from the secure directory rather than the normal directory

I call image in /var/www/htdocs/image

How do I know that which directory secure or normal?


If I don't include file, so username and password that connect to mysql is place with in php file that is non secure when php has problem and generate plain text?

But If I place out side web directory, SSL has some problem?

Is any way to optimize both two method?

[seanf]

Do all of your scripts have to be in one directory so that they can be called through https://?

Sean

[itsource]

I have many directory

/staff/
/articles/
/projects/
/news/
/download/
and more .....

[seanf]

Yes, but is there just one for secure stuff to be accessed through https://?

Sean

[itsource]

I links https:// in many directory, Should I keep them in 1 directory? and Should I keep image in this direcory? Is it can solve problem?

[itsource]

Can you test with my website?

http://161.246.5.02/staff/isagstaff.php or
https://161.246.5.02/staff/isagstaff.php


and click login

I try to place all image in this page in

http://161.246.5.02/staff/image/

but it still problem

Thanks.

[itsource]

I already know problem. Thanks rod k from devshed. I include small picture at the end of my website. This picture is from another website use to check statistic in my website.

also thanks seanf too

[jbh]

for those not aware, I know from experience, any https: page will cause an alert if any image is pointing with http: at first

the trick for future use is to have images using their filename or path, not with http:

this way you never get that error again.

So < img src="image.gif" > (without space) will leave no error, but http://www.domain.com/image.gif will
as it is considered 'non secure'

always remember this