Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming https for only some views?
https for only some views?
  • El Forum
    Unregistered
  •  
#11
10-06-2008, 05:20 PM

[eluser]Unknown[/eluser]
[quote author="nevercraft" date="1220609256"]Although this thread is a few months old, I thought I'd share the way I accomplished this with just a simple helper function.

Code:
if ( ! function_exists('force_ssl'))
{
    function force_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

Simply call force_ssl() from within any controller method (or the constructor). The user will be redirected to https:// if needed. Also, https:// will show up correctly on any of the other URL helpers used AFTER force_ssl() is called.[/quote]

Thanks, nevercraft - this worked perfectly. While the .htaccess solution is viable - it is not very dynamic
  • El Forum
    Unregistered
  •  
#12
01-19-2009, 01:25 PM

[eluser]GSV Sleeper Service[/eluser]
thanks nevercraft, force_ssl() is now a permanent addition to my helpers collection.
  • El Forum
    Unregistered
  •  
#13
03-22-2009, 02:03 PM

[eluser]Unknown[/eluser]
[quote author="nevercraft" date="1220609256"]Although this thread is a few months old, I thought I'd share the way I accomplished this with just a simple helper function.

Code:
if ( ! function_exists('force_ssl'))
{
    function force_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

Simply call force_ssl() from within any controller method (or the constructor). The user will be redirected to https:// if needed. Also, https:// will show up correctly on any of the other URL helpers used AFTER force_ssl() is called.[/quote]

The function works perfectly although at the beginning I had some problems because I didn't have 'http://' in my base_url. Also I was using .htaccess to get rid of index.php from url's and this function was redirecting using index.php, all I had to do was to set $config['index_page'] from config.php so it was blank. Maybe it will help someone.
  • El Forum
    Unregistered
  •  
#14
08-26-2009, 11:27 AM

[eluser]k00k[/eluser]
[quote author="Mahtar" date="1237770232"][quote author="nevercraft" date="1220609256"]Although this thread is a few months old, I thought I'd share the way I accomplished this with just a simple helper function.

Code:
if ( ! function_exists('force_ssl'))
{
    function force_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

Simply call force_ssl() from within any controller method (or the constructor). The user will be redirected to https:// if needed. Also, https:// will show up correctly on any of the other URL helpers used AFTER force_ssl() is called.[/quote]

The function works perfectly although at the beginning I had some problems because I didn't have 'http://' in my base_url. Also I was using .htaccess to get rid of index.php from url's and this function was redirecting using index.php, all I had to do was to set $config['index_page'] from config.php so it was blank. Maybe it will help someone.[/quote]


Thanks, that did help me as well.


Also, please note, you must be using the URL helper as well because force_ssl() calls the redirect() function. Either in your controller or in your autoload config file.

$this->load->helper('url');
  • El Forum
    Unregistered
  •  
#15
10-13-2009, 03:41 AM

[eluser]Andrew G.[/eluser]
For an alternate solution to this - using a customised Config class and hook - check out this thread:
http://ellislab.com/forums/viewthread/131918/
  • El Forum
    Unregistered
  •  
#16
03-31-2010, 08:59 AM

[eluser]Unknown[/eluser]
Hi All,
I'm trying to use the helper function below but I am getting a "The page isn't redirecting properly" error when navigating to a controller where force_ssl() is called. Any ideas why this might be?

[quote author="nevercraft" date="1220609256"]Although this thread is a few months old, I thought I'd share the way I accomplished this with just a simple helper function.

Code:
if ( ! function_exists('force_ssl'))
{
    function force_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

Simply call force_ssl() from within any controller method (or the constructor). The user will be redirected to https:// if needed. Also, https:// will show up correctly on any of the other URL helpers used AFTER force_ssl() is called.[/quote]

This is the contents of my htaccess file - could there by a conflict in here?
Code:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#ÔsystemÕ can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php/$1 [L]

#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isnÕt true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
#This last condition enables access to the images and css folders, and the robots.txt file
#Submitted by Michael Radlmaier (mradlmaier)
RewriteCond $1 !^(index\.php|images|robots\.txt|css)
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

<IfModule !mod_rewrite.c>
# If we donÕt have mod_rewrite installed, all 404Õs
# can be sent to index.php, and everything works as normal.
# Submitted by: ElliotHaughin

ErrorDocument 404 /index.php
</IfModule>
  • El Forum
    Unregistered
  •  
#17
06-03-2010, 12:48 PM

[eluser]ali oygur[/eluser]
hi everybody

I m little speak english.

im use this way

Code:
&lt;?php $base_url = (@$_SERVER['HTTPS'])? preg_replace('/http:/', 'https:', base_url()) : base_url(); ?&gt;

example:

this is my header view file
location: ./aplication/view/inc/header.php
Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
&lt;html &gt;
&lt;head&gt;
    &lt;title&gt;&lt;?= $title; ?&gt;&lt;/title&gt;
    
    &lt;meta http-equiv="Content-Type" content="text/html; charset=utf-8" /&gt;
    
    &lt;meta name="author" content="&lt;?= $this-&gt;config->item('author_name').' '.$this->config->item('author_email'); ?&gt;" />
    
    &lt;meta name="audience" content="all" /&gt;
    &lt;meta name="Robots" content="all" /&gt;
    &lt;meta name="googlebot" content="all" /&gt;
    &lt;?php $base_url = (@$_SERVER['HTTPS'])? preg_replace('/http:/', 'https:', base_url()) : base_url(); ?&gt;
    
    &lt;base href="&lt;?= $base_url ?&gt;" /&gt;
        
    &lt;!-- Css --&gt;
    &lt;link rel="stylesheet" type="text/css" href="inc/css/style.css" media="screen" /&gt;
    &lt;!-- //Css --&gt;
    
    &lt;!-- Javascripts --&gt;
    [removed]
        var base_url = '&lt;?= base_url() ?&gt;';
        var site_url = '&lt;?= site_url() ?&gt;';
    [removed]
    [removed][removed]
    [removed][removed]
    [removed][removed]
    &lt;!-- //Javascripts --&gt;
        ........................ other lines

how do you think ?
  • El Forum
    Unregistered
  •  
#18
09-16-2010, 03:24 PM

[eluser]C4iO [PyroDEV][/eluser]
Hi there.... I just want to share a quick update to nevercraft's solution.

In force_ssl_helper.php, I've added a function to remove SSL if it isn't needed, as follows:

Code:
if ( ! function_exists('force_ssl'))
{
    function force_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

if ( ! function_exists('remove_ssl'))
{
    function remove_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] = str_replace('https://', 'http://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 80)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

but where does the page knows to use or not SSL? Simply enough.

Just add the following code to the very top of your page:

Code:
&lt;?php
    $this->load->helper('force_ssl');
    if (in_array($this->uri->segment(1), $this->config->item('ssl_pages'))){
        force_ssl();
    } else {
        remove_ssl();
    }
?&gt;

than you just have to create an item in the config file called 'ssl_pages' that is a single dimension array with the controller names that you which to force SSL to.


EXAMPLE:

If I have a header file which is called on every view page and a controller named My_secure_checkout, than I'll have to do this:


1. Create a helper file named force_ssl_helper.php in my application/helpers folder and paste the code I've mentioned earlier on this post.

2. On header.php file or whatever you name it, paste the following code to the very top:
Code:
&lt;?php
    $this->load->helper('force_ssl');
    if (in_array($this->uri->segment(1), $this->config->item('ssl_pages'))){
        force_ssl();
    } else {
        remove_ssl();
    }
?&gt;

3. On config.php, add the following line to the very end:
Code:
$config['ssl_pages'] = array('my_secure_checkout');

and.... Voilá! Now I have My_secure_checkout controller using SSL, leaving others untouched.

I know this is not the best solution, but it works fine for me. I hope it can help somebody.




HAPPY CODING....
  • El Forum
    Unregistered
  •  
#19
11-16-2010, 12:45 AM

[eluser]Unknown[/eluser]
force_ssl_helper.php may not be useful when you send an HTTP request with POST method to execute an action(function), which is required SSL.

When redirect() is executed, it sends an GET HTTP request via https to execute the same action, but the data of POST is lost.

There is an example:

Code:
class Welcome extends Controller {

    // use to authenticate a user by email and password
    function authenticate() {
       force_ssl();    // this action requires SSL

       $email = $this->input->post('email');
       $password = $this->input->post('password');
       .....

When the login form is submitted, browser sends a request using POST method to http://192.168.1.1/index.php/welcome/authenticate, and it is redirected to https://192.168.1.1/index.php/welcome/authenticate at once, because this action requires SSL. Unfortunately, I can not retrieve email and password any more.
  • El Forum
    Unregistered
  •  
#20
02-03-2011, 08:44 AM

[eluser]manisha[/eluser]
I have tried all the suggestions in this thread for Htaccess to remove index.php from Code Igniter URL.
This rewrite rules removes index.php from URL but does not display under Secure URL.
for example:
http://www.mysite.com/CodeIg/MyController -- Works perfect

https://www.mysite.com/CodeIg/index.php/MyController -- Works perfect

But

https://www.mysite.com/CodeIg/MyController -- Does not Work at all. It gives page not found server error.

Then I tried adding the htaccess rules in Virtual host file...
Now the Screen get displayed but without any css, js and Images included in the page.

All these folder like css, images and JS are in application directory.

Does anyone know why this problem is coming?

REply to post would be appreciated a lot....


Thanks




Theme © iAndrew 2016 - Forum software by © MyBB