Enforce protocol

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
getawy
Forum Newbie
Posts: 3
Joined: Wed Apr 26, 2006 4:10 pm

Enforce protocol

Post by getawy »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hello.  I am currently using the following code to enforce https protocol:

Code: Select all

<?php
function enforce_protocol($p){
	if($p=="https"){
		if($_SERVER['HTTPS']==""){

header("Location:https://".$_SERVER['HTTP_HOST'].":443".$_SERVER["PHP_SELF"].(($_SERVER["QUERY_STRING"]=="")?"":("?".$_SERVER["QUERY_STRING"])));
			}
		}
		else if($p=="http"){
			if($_SERVER['HTTPS']=="on"){
			header("Location:http://".$_SERVER['HTTP_HOST'].$_SERVER["PHP_SELF"].(($_SERVER["QUERY_STRING"]=="")?"":("?".$_SERVER["QUERY_STRING"])));
		}
	}
}
enforce_protocol(https);
?>
Is there a way to use this code to enforce http on exit of the page?


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Can you define "exit of the page?"
getawy
Forum Newbie
Posts: 3
Joined: Wed Apr 26, 2006 4:10 pm

Post by getawy »

When the enter the page, the page https is enforced. When they leave or navigate to another web page, the http is enforced.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

There are a few options:
  • All links on the secured page are full URL's
  • The pages pointed to "enforce" standard protocol.
getawy
Forum Newbie
Posts: 3
Joined: Wed Apr 26, 2006 4:10 pm

Post by getawy »

Yeah, I can do these, but I wasn't sure if there was a way to have the originating https page enforce the http when a user left the page.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The only way to force it, reliably is with full URLs.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

You would "enforce" it by having the links on the page be full URL starting with "http://www.mydomain.com/"
(#10850)
Post Reply