I am a little confused. Before upgrading I always didn't switch the customer to my SSL until they selected what they wanted. On most carts that I use it doesn't go to the SSL until private information is entered. Do I need to start that sooner and make the cart.php page secure which is one step before I had in the past before any personal information is entered? Or Is it possible When I updated ecart that I updated the checkout pages on browngrotta.com and not on https://secure.browngrotta.com so I am directing my customers to the pages created from the old version of ecart?