Just wondering,


This can be related to EVA as well with their orderform.php scripts that you host )optional).


How is everyone as a MyRXBiz affiliate handling those order.php scripts? Basically, as they give you the site, the order form accepting credit card information in not on a SSL (secure) site.


Are you using a shared certificate or do you purchase a new cert for each site?


During the enroll and when I received the template, I never was told that I needed to prepare for this. Now that I have the site online, I am scrambling to get a SSL cert installed on my server.


Do some of you use one cert for all myrxbiz sites? In otherwords, install the cert on www.myrxbizsite1.com (http://www.myrxbizsite1.com) and then all future sites you do, point the sites order forms to https://www.myrxbizsite1.com/order/newdomain2.com/order.phpor does everyone purchase a new SSL for each domain (can get costly.. and not worth it).


Thanks all.


Scott

Obviously, I am new. I couldn't figure out how to turn off the linking... even when I unchecked "Enable Forum Codes."


If someone wants to buy myrxbizsite1.com, you can get a reciprocal link! LOL


Scott

I am finding so many MyRXBiz sites out there that don't have a secure cert and accepting credit cards!!!!


That can't be good.


Not to mention the lost sales from people like me who actually look to see if it's a secured page before purchasing.


My host is charging me $75 a year + $2 a month for the IP. That is easily made up in a day of sales.


This serves as a heads up to all! It is required that you need a SSL cert if you want to accept credit cards online. Think about it from your customers stand point, any minimum wage worker for an ISP can SEE THE CARD INFO!!


Scott

Hey this is great. I'm having a conversation with myself smileys/smiley5.gif

I understand what you are saying. However, any one who knows about processing credit cards on line, or having a secured site, would know that they need to buy a ssl cert. You shouldn't assume that a company who gives you a free website, will also include with that a free ssl cert


smileys/smiley4.gif

go look at my site, www.suddenrx.com (http://www.suddenrx.com) I changed the "Table.php" file so the orderform in secure. If you want me to show you how let me know.

No, you're not, I have taken note of your discovery and appreciate the post. I am new as well.http://www.rxaffiliateforum.com/smileys/smiley2.gif





alakangyrl

@Spunky


I'm sorry, did I ever state I EXPECTED a cert from MyRXBiz? Ummm, no. I think your misunderstanding me. I simply feel that MyRXBiz should TELL US that this is needed so it isn't overlooked. It's a major issue.


@SuddenRX


I see you are using a shared cert. That's great. At least you are protecting your customers. Yes, actually, if you can assist me in manipulating the PHP script. I am having my cert installed as we speak so in 24 hours, I will desperately need this bit of info.


Post it here or PM me!

@scottdaman


If you go to www.sitesandbanners4u.com (http://www.sitesandbanners4u.com), which by the way is the template site for MyRxBiz, you will notice writen right there, that MyRxBiz does not secure its sites that it bulds for affiliates, and that you would need to contact your host to get that.





smileys/smiley4.gif

I'm not with myrxbiz so I don't know their systems but I host order forms of many websites. I purchased a generic domain (like eapps.com is there for EVA affiliates) anda SSL certificate for that domain. Now that domain is hosting order forms formultiple websites. My order links on all sites point to that domain which iswith SSL cert. Edited by: phalaris

Phalaris has a good idea and I've seen many use that method. I usually buy the cheap cert for $50 a yr from my hosting company.

@spunky,


You know, I totally missed that. Maybe they should include this statement in the email when they send you the template. A good suggestion.


@Affiliate


I agree. I guess my host is a little more expensive ($75) but that is what I am going to do. I just need to open those PHP scripts (table) and figure out how to point to the secure pages. I shouldn't be too hard.


I am just amazed at the amount of sites that don't secure this order page. I certainly hope some of the affiliates of MyRxBiz see this thread.

all secure here...

scottdaman,


The truth of it is that most customers shopping online don't even realize if a site is secure or not. We are lucky if they can find our "BUY" buttons and links.

You will be greatly surprised at how many more orders you get, immediately after securing your order form. I took a long time to do it and after seeing the results wish I had done it months ago. Ask yourself the question would you order from yourself? I answered no until I was secure!

RX69,


I'd have to agree.


You have to remember, the default settings on any browser will REMIND you that the information being submitted is over an unsecure page. Netscape even encourages you to CANCEL the submit if you are passing personal information such as a credit card.


And the certs are so cheap, as mentioned here, one day of sales pays for it for an entire YEAR. smileys/smiley1.gif


Scott

tru datsmileys/smiley4.gif

I'm a new affiliate using the MyRxBiz template site. Correct me if I am wrong, you are saying that my hosting company can supply the security nedded?

go look at my site, www.suddenrx.com (http://www.suddenrx.com) I changed the "Table.php" file so the orderform in secure. If you want me to show you how let me know.


What is a "table.php"? I do not have that file in any of my templates thoguh they are a few months old.

aewgolf, you just call your hosting company and tell them you want to secure your site. The cetificate will probably be around $70 and maybe a $25 set up fee. Also your monthly hosting might go up by a buck or two.


I can get hosting for $7.95 a month if any one is interested. Extreemly reliable, never had any problems or been down.

Certs are $25 from ev1servers.net and they work great.

aewgolf, you just call your hosting company and tell them you want to secure your site. The cetificate will probably be around $70 and maybe a $25 set up fee. Also your monthly hosting might go up by a buck or two.


I can get hosting for $7.95 a month if any one is interested. Extreemly reliable, never had any problems or been down.





Thanks Rx69! Do you feel that you get more orders with the ssl certificate?

@Redex


The template I received a few days ago has the following:
Yourdomain.com/order/table.php


Maybe this will help you find it. Perhaps it isn't there? smileys/smiley29.gif


@aewgolf


You almost have to assume the sales would be better. I personally teach all family and friends that ecommerce is fine and generally safe as long as you see the padlock (or Netscape key).


In this case, if any of them wanted to order from an unsecured MyRxBiz site, they would back out and look elsewhere. And forget email, they won't email you. They MAY call though.. but you have to hope that MyRxBiz converts the sale for your site.


My host required $75 + $2/mo extra for the seperate IP address required. But, I plan to use this secured server across all my MyRXBiz sites I do.


Example new secure server: https://www.mysite.com/orders/ (https://www.mysite.com/orders/)
I build a new domain mysite2.com and point the order links to:
https://www.mysite.com/orders/mysite2.com/


This way I can use different price schedules etc.


Hope this helps.

aewgolf, not just more sales since the certificate but seem to be selling more of a varity of medications. Almost the first day I had the certificate, I was selling meds that I had never sold before. Possibly a coincidence but I am not complaining

go look at my site, www.suddenrx.com (http://www.suddenrx.com) I changed the "Table.php" file so the orderform in secure. If you want me to show you how let me know.


Took look at the table.php file.


Is the only thing you had to change on line 13?
<td width=79><a href=order/order.php?itemNum=".$itemNum.">


If that is it, this is CAKE!


I assume you'd change it to the full path:
https://www.yourpharmsite.com/order/order.php


Let me know, ok?
(Copying this post to PM)

@Redex


The template I received a few days ago has the following:
Yourdomain.com/order/table.php


Maybe this will help you find it. Perhaps it isn't there? smileys/smiley29.gif


Thanks, I actually beta tested their PHP order form many months back and that is the last time I got a template from them. I am going to order a new one today andto getthe changes and improvements.

Redex,


Not sure, but you may want to wait? I was told in an AIM conversation that the PHP ordering system doesn't have a COD option YET.


Therefore, an update to this update is coming. I emailed MyRX and I haven't got a response. I do know that those on ASP do in fact have it (according to MyRxBizcom in IMs.


Just a little heads up.


Scott

Oops, btw, those following along, SuddenRX did confirm in PMs that this was the only change needed to point to a secure path.


Is the only thing you had to change on line 13?
<td width=79><a href=order/order.php?itemNum=".$itemNum.">Edited by: scottdaman

Yea, check it out

this is what it looks like when you get it:
<a href=order/order.php?itemNum=".$itemNum.">


this is what mine looks like
<a href=https://svr8.ehostpros.com/~suddXXXX/order/order.php?itemNum=".$itemNum.">

the https://svr8.ehostpros.com/~suddXXXX/is just the secure path on my server, yours all will be different. but it will work just the same, the customer will see the "Https" in the URL and the little lock in there browser.

Well, my host said 24 hours, so hopefully I'll have my cert to play with today!


In conclusion, I sure hope this thread has opened the eyes of affiliates pushing MyRXBiz without a secure cert to switch. Otherwise, I'll gladly take those sales! smileys/smiley2.gif


Everything you need to know as to how to accomplish this task is mentioned here. Just need to get off your a** and do it.


Scott

Off to order my cert now - thanks for all the advice

Well, my host said 24 hours, so hopefully I'll have my cert to play with today!


In conclusion, I sure hope this thread has opened the eyes of affiliates pushing MyRXBiz without a secure cert to switch. Otherwise, I'll gladly take those sales! smileys/smiley2.gif


Everything you need to know as to how to accomplish this task is mentioned here. Just need to get off your a** and do it.


Scott





I did the same with my Host, I hope that it will increase my % of sales on my MyRxBiz site. My close % is not great! Maybe the Cert. will help?

@aewgolf


Well, my site is brand new so I wont be able to report any differences. But if anyone adds a cert to their existing MyRXBiz sites and sees an increase in conversion, post about it here!

will do

Geez, that was easy as hell!


My host emailed me stating the SSL was installed.


Waited 1 hour for the DNS servers to update showing my new IP (an SSL requires a seperate IP address for the domain)


When my site resolved, I edited the table.php file to the https:// full path. Uploaded file.


Now my order links point to a 128 bit secured page!


So easy, anyone can do this. LOL


Scott

Last step: make sure people know they can order securely through your site. Place the cert logo and accompanying text throughout your site and especially at the top of the order form. This wil help gain their trust and also make them more aware.

Very good advice. Thanks.


I'll have to comb through the PHP scripts some more to figure out how to put the logo at the top of the order page.


Do you happen to know what PHP file it is? If not, I'm sure I'll figure it out.

Anywhere in the top are of thie table. The first order screen is at the end of order.php, starts about two thirds of the way through the file. Look for this text:


<?php echo $usrCompany; ?> Medical Questionnaire/Order Request


That appears at teh top of the order form

go look at my site, www.suddenrx.com (http://www.suddenrx.com) I changed the "Table.php" file so the orderform in secure. If you want me to show you how let me know.


The order form doesnt seem to work at all:


https://svr8.ehostpros.com/~suddenr8/order/order.php?itemNum=2173

It loads for me. But hey, that's why I'm not using a shared SSL.


Scott

It loads now for me too....

There is really nothing wrong with shared SSL unless you get alot of traffic. Of course, it should be YOU doing the sharing, not your WebHost. I bought a non-descript domain name and put the cert on that, then I nested the order pages for each of my sites a few folders deep with names like:


https://secure.mycheckoutsite.com/pharmacy/prescriptions/secure-order-form/mydomainname.com/order/order.php (https://secure.mycheckoutsite.com/pharmacy/prescriptions/secure-order-form/mydomainname.com/order/order.php)


When the customer is at the order form, they only see the last part of the url in the browser's address window, they see the site name they bought from and feel better knowing they weren't handed off to some other site. Kinda like this:


secure-order-form/mydomainname.com/order/order.php (https://secure.mycheckoutsite.com/pharmacy/prescriptions/secure-order-form/mydomainname.com/order/order.php)


Couldn't guarantee that it helps sales, but I think it does.


Then again, I could be wrong, I have been before. smileys/smiley14.gif

In long URLS, I show left to right with the ending part cut off in my browser.


Additionally, if I hover over a link with a long URL, the first part of the URL shows first and the ending part is cut off again.


Don't understand this theory.


Scott

I asked MyRxBiz for the table.php file but to date have not heard anything, has anyone received it and if so who did you contact? Thanks

It is in my /order directory...here it is in in it's entirety:


<?php


$searchStr = $_GET['cat'];
include("lib.php");
$prices = getPriceList();
$output = "<table width=325>";
foreach ($prices as $itemNum => $item) {
$itemName=$item["itemName"];
$itemPrice=$item["itemPrice"];

if ((strlen($searchStr) > 0) && (substr_count(strtolower($itemName), strtolower($searchStr)) > 0)) {
if (!ereg("\.[0-9]{2}", $itemPrice)) $itemPrice = $itemPrice.".00";
$output=$output."<tr><td class=desctext width=420>".$itemName."</td><td class=desctext width=100><b>$".$itemPrice."</b></td><td width=79><a href=order/order.php?itemNum=".$itemNum."><img src=images/buynow.gif border=0></a></td></tr>";
}
}
$output=$output."</table>";


print "function writeTable() { document.write('".$output."'); }";


?>

go look at my site, www.suddenrx.com (http://www.suddenrx.com) I changed the "Table.php" file so the orderform in secure. If you want me to show you how let me know.


What is a "table.php"? I do not have that file in any of my templates thoguh they are a few months old.





Redex- I don't have this file in my Order directory. I see from above that you orginally couldn't find it. Did you just not look in the right place or did you have MyRxBix send it to you. How come I am functioning ok without it, sounds like I haven't got the latest files.


Thanks

Will I be ok to just take to create the file from the message above and ftp it to the right folder with the necessary SSL change ?





THanks

Grrr, this forum! smileys/smiley7.gif


I spent 10 minutes just trying to login.. It would login then when I go to post, it says I need to login! smileys/smiley7.gif


Anyways, after much fighting,


Shark Attack, look at your html documents. On the med pages, it calls info from the /order section to pull prices.


My default template before I hacked it up to pieces was:
<script language="JavaScript" type="text/JavaScript" src="order/table.php?cat=Didrex"></script>
<script language="JavaScript">writeTable();</script>


You'll see there, for me, it is pulling from table.php. In your template, they may have called it the same and it may be functionally the same. You can verify that with the code Redex posted.


Maybe this will help you... I don't know how the old templates work, I'm obviously new to MyRxBiz....

P.S. Shark,


If it would help you to have me look at it for you, PM me. Going to watch the Rams game tonight but between commercials, I'm free.. smileys/smiley4.gif


If not, hopefully my post above will point you to the right place

I had a look at my didrex page and the code is as follows:


<td align="left"><a href="order/order.php?itemNum=47 "><img src=images/buynow.gif width="69" height="22" border="0"></a></td></tr><tr><td><img src="images/bullet.gif" width="11" height="11"></td><td height="22" class="desctext"> 2 Month Supply (60 pills) of Didrex 50mg Tablets</td>
<td><strong> $***.00 </strong></td>


Seems to be completely different, no mention of javascript !

I see that their template site http://www.sitesandbanners4u.com/now says :
<DIV align=center>MyRxBiz does not secure sites, if you would like to secure a site please contact your host about buying a security certificate.</DIV>

Yeah Shark, someone pointed that out to me as well when I started this thread. I overlooked it then FREAKED when I saw I was taking credit cards via an unsecure connection.


At least *I* don't want to be the one responsible for someone having their idetity stolen.


Who knows if a credit card can come down on a person who takes credit cards without SSL? ANy liability here?


That's why I freaked. Sure, sales will improve over SSL but what about liability when someone's identity is nabbed?


Something to think about. It's worth $75 a year to me to protect my customers and myself.

I had a look at my didrex page and the code is as follows:


&lt;td align="left"&gt;&lt;a href="order/order.php?itemNum=47 "&gt;&lt;img src=images/buynow.gif width="69" height="22" border="0"&gt;&lt;/a&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td&gt;&lt;img src="images/bullet.gif" width="11" height="11"&gt;&lt;/td&gt;&lt;td height="22" class="desctext"&gt; 2 Month Supply (60 pills) of Didrex 50mg Tablets&lt;/td&gt;
&lt;td&gt;&lt;strong&gt; $***.00 &lt;/strong&gt;&lt;/td&gt;





Just wondering, is this the code you see on your computer before you upload it or is this what you see when you view your site then view &gt; source?


If its from the website itself (view &gt;source), you may want to login via FTP and download a local copy of that html file and see what it says then. Wondering if there is some sort of script being called that is outputting this info.


However, I will say, this *is* pointing to the same path /order/table.php. You should be able to find that file when you FTP into the server. Download a local copy and check out the code.

Oops, sorry. It's pointing to order.php not table.php. Check out the code in that order.php file and see if it is similar.


Post the code here as well.


Or, MyRxBiz.com, where are you anyways?Edited by: scottdaman