Web Hosting Talk : Web Hosting Main Forums : Programming Discussion : PHP and SSL

[bvanderwerf]

Is there anyway to use relative addressing and specify that a page needs to be loaded via SSL?

Or do you always have to use absolute addressing (e.g. "https://www.foo.com/foo.php")?

--Bruce

[ChickenSteak]

Good question, i've been wondering the same .

[RackNine]

Use .htaccess on a directory, domain, or subdomain and set a rewrite condition forcing all http:// to https://

-Matt

[RackNine]

Or - if you desire - track the port the user's connecting to($_SERVER['SERVER_PORT']) and if 80 do a header('location: ...'); pointing to https.

-Matt

[ChickenSteak]

Hmm, are there any other ways?

[bvanderwerf]

RackNine,

Could you post an example please?

--Bruce

[ChickenSteak]

What he's saying is

PHP Code:

<?php
if($_SERVER['SERVER_PORT'] == "80")
{
header('location: [url]https://domain.com[/url]');
exit;
}
?>

Which is pretty much still a "force push" as you have to point it to either https://domain.com, or https://www.domain, instead of it pushing from the current location of the user ie user is at http://domain.com, script pushes him to https://www.domain.com ;o).

[bvanderwerf]

Thanks for the example, but I was really asking for an example of the .htaccess mrthod.

I understand the header(location: xxx) method, but I was asking about sending the user to https via a call to a page relative to the current page, without having to specify the complete URL.

--Bruce

[Ahmad]

There is no way to do that using HTML. You either use JavaScript or a server side solution (PHP, CGI, mod_rewrite, ASP, ..)

[getweb]

With PHP:

PHP Code:

if($_SERVER['SERVER_PORT'] != "443") {
    $newURL = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_URL'];
    header("location: $newURL");
    exit;
}
?> 


With mod_rewrite... tested in .htaccess:

Code:

RewriteEngine On 
RewriteCond %{SERVER_PORT} !^443$ 
RewriteRule ^(.*)         https://%{SERVER_NAME}/$1 [R]