Page 1 of 1

Ensuring SSL

Posted: Wed Nov 15, 2006 7:40 pm
by chas688
All,

My site is set up for SSL and I have links to go to the https://www.mysite.com/order.php portion. This does not prevent a user from accessing /order.php without being having SSL enabled. I've searched, but to no avail on this topic, but does anybody know if there is a way to ensure that the page gets viewed in SSL?

Thanks,

Chas688

Posted: Wed Nov 15, 2006 7:44 pm
by feyd
$_SERVER['HTTPS'] will tell you whether they are in secure mode or not. You can header() redirect from that information to secure mode if needed.

Would this work?

Posted: Wed Nov 15, 2006 7:49 pm
by chas688
how does this look?

Thanks -

Code: Select all

<?

session_start();

if (!isset($_SERVER['HTTPS'])
{
	header("Location: https://www.mysite.com/testsite/order2.php");
	exit;
}
?>

Posted: Wed Nov 15, 2006 7:50 pm
by feyd
Have you tried it?

Tried it

Posted: Wed Nov 15, 2006 7:54 pm
by chas688
Strange -

I was missing a ")" at the end of the conditional, but once I fixed that, it actually works somewhat. I get a secure symbol in the bottom of the browser, but it does not update the address bar with https://

Is that normal?

Thanks,
Chas

Posted: Wed Nov 15, 2006 8:00 pm
by feyd
I have not experienced such behavior.

Works fine

Posted: Wed Nov 15, 2006 8:09 pm
by chas688
I cleared my cache in the browser and it works just fine now.

Thanks for the nifty tip.

Chas