I have a PHP script which receives user and pass as a URL parameter and stores this in a database.
In order to use this script I have to access
http://ipadress/script.php?user=testuser&pass=1234
that's the IP address of a Linux machine.
What changes should I make in order to be able to change from http to https? I have to use SLL certificates or is there a solution which allow me to do this from my PHP script?
Can you offer me some hints, please ?
I hope this helps!
$redirect= false;
if (!isset($_SERVER['HTTPS'])) {
$redirect= true;
} else {
if ($_SERVER['HTTPS'] != "on")
$redirect= true;
}
if ($redirect) {
$url = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$url);
exit();
}
Related
i want to redirect HTTPS to HTTP for spesific url like :
http://www.example.com/abc.php
this script working well redirected to HTTPS for all pages, but i don't know how to redirect HTTP for specific url
if ($_SERVER['HTTPS'] == "on" && $settings['ssl_host'] == "yes") {
$porthttps = "https://" . $_SERVER['SERVER_NAME'];
header("Location: " . $porthttps);
exit();
}
Thank you.
I have this PHP code to force HTTPS (I am aware I could also use .htaccess).
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] !== 'on') {
if(!headers_sent()) {
header("Status: 301 Moved Permanently");
header(sprintf(
'Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']
));
exit();
}
}
This changes this URL
http://website/foo/
To
https://website/index.php
But changes this URL
http://website/foo/bar?this=that
To
https://website/foo/bar?this=that
Why is this happening, and how can I get only change to HTTPS without losing the URL
I was trying to use this code:
if($_SERVER['HTTP_PORT'] !== 443 && !isset($_SERVER['HTTPS'])) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
to make my login page and register page contain https to use the ssl to make sure that everything is secure, but when I run the page an error message shows up Undefined index error using $_SERVER['HTTPS']
so I decided to use another one:
if ( isset( $_SERVER["HTTPS"] ) && strtolower( $_SERVER["HTTPS"] ) == "on" ) {
$pageURL .= "s";
}
but it didn't work. The https didn't show up and http is only there...
any idea how to do that with php...
Thanks
The solution is:
if($_SERVER["HTTPS"] != "on")
{
header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
exit();
}
From the manual:
$_SERVER['HTTPS']
Set to a non-empty value if the script was queried through the HTTPS protocol.
Therefore, you should be using the following condition to check for an HTTPS connection:
if(!empty($_SERVER['HTTPS']))
{
// https://...
}
You'd better use $_SERVER['SERVER_PORT'].
HTTP_PORT doesnt always return the portnumber.
Very simple issue we cannot resolve. The following code does not redirect properly:
$location = str_replace("http","https",$this->page->current_url);
header( "Location: ".$location );
I get a 400 Error: "Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.Instead use the HTTPS scheme to access this URL, please."
How can I redirect in PHP from a page served over HTTPS to a page served over HTTP for scenarios such as secure login and then redirect to nonsecure app page?
try this, for me works fine
<?php
if ( $_SERVER['HTTPS'] )
{
$host = $_SERVER['HTTP_HOST'];
$request_uri = $_SERVER['REQUEST_URI'];
$good_url = "http://" . $host . $request_uri;
header( "HTTP/1.1 301 Moved Permanently" );
header( "Location: $good_url" );
exit;
}
?>
This will work for http to https and https to http (use some tweaks to check)
First check whether the https is ON on your hosting if yes than redirect the URL to https using below mentioned function in PHP
function httpToHttps()
{
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80")
{
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
}
else
{
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_UR
I"];
}
return $pageURL;
}
if( isset($_SERVER['HTTPS'] ) ) {
header( "Location:foo.php");
Not sure if this can cause such a problem, but you should add an exit after calling the header function. This makes sure that the following code will not be executed and the HTTPS request itself returns no data. The header function should be called before anything is returned.
$target = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header('Location: '.$target, true, 303);
exit;
Duh - I have no clue why I did not look at $location. It contained http//localhost:443/[...] which is invalid. I simply remove the :443 and it works fine.
I have a website in Zend framework. Here I want to identify whether the current URL contains HTTPS or HTTP? I have used the following code
if($_SERVER['HTTPS']==on){ echo "something";}else{ echo "something other";}
But the result is not correct. Is there is any other way to identify this?
Also I have one more question.
How to get complete current url (including HTTP/HTTPS) using php?
Please help me
Thanks in advance
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") {
echo "something";
} else {
echo "something other";
}
notice the on should be a string .
You could use methods that are already defined in Zend Framework instead of explicitly using $_SERVER superglobals.
To determine if the connection is HTTP or HTTPS (this code should go into your controller):
if ( $this->getRequest()->isSecure() ) { echo 'https'; } else { echo 'http'; }
To get complete current url:
$this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->getRequest()->getRequestUri();
The better way to check is
if (isset($_SERVER['HTTPS']) && $_SEREVER['HTTPS'] != 'off')
{
//connection is secure do something
}
else
{
//http is used
}
As stated in manual
Set to a non-empty value if the script
was queried through the HTTPS
protocol.
Note: Note that when using ISAPI with IIS, the value will be off if the
request was not made through the HTTPS
protocol.
you need to fix check it should be
if ($_SERVER['HTTPS'] == 'on')
or try following function
if(detect_ssl()){ echo "something";}else{ echo "something other";}
function detect_ssl() {
return ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1 || $_SERVER['SERVER_PORT'] == 443)
}
This will both check if you're using https or http and output the current url.
$https = ((!empty($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'] != 'off')) ? true : false;
if($https) {
$url = "https://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
} else {
$url = "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
}