Spoof $_SERVER['HTTPS'] on local wamp-server for testing - php

Is it possible to configure my local setup (running Wampserver) so that my PHP application thinks HTTPS is enabled locally? The application requires HTTPS (by checking $_SERVER['HTTPS']) before doing stuff, but I don't want to go through the hassle of a full HTTPS setup locally. Thanks.
Edit: I should mention this isn't an application I wrote, just one I am tasked with maintaining. This check is performed in many places (50-100) around the server.

You can mock up this variable in your init file by adding:
$_SERVER['HTTPS'] = true;

Shouldn't be too hard. Even though it is a superglobal, you can still redefine it like any other variable. Do this at the top of your code, and when it gets to the check, it should still recognize it as true.
$_SERVER['HTTPS'] = true;

Move the check into an object
class Request
{
    public function isHttps()
    {
        // check for local site here,
        // or better still, use a DevRequest class or a Mock to pass
        // your local requirements
        return !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    }
}
and then use
if($request->isHttps()) {...}

Related

How to know or ensure that a php page is only called by localhost?

Should we check $_SERVER['REMOTE_SERVER'] or what?
This will do the trick:
if ($_SERVER['REMOTE_ADDR'] === '127.0.0.1') {
    // do something
}
Be careful you don't rely on X_FORWARDED_FOR as this header can be easily (and accidentally) spoofed.
The correct way to do this would be to set an environmental variable in your server configuration and then check that. This will also allow you to toggle states between a local environment, staging and production.
This code will help you.
<?php
if ($_SERVER['SERVER_NAME'] == 'localhost')
{
    echo 'localhost';
}
?>
Check
$_SERVER['REMOTE_ADDR']=='127.0.0.1'
This will only be true if running locally. Be aware that this means local to the server as well. So if you have any scripts running on the server which make requests to your PHP pages, they will satisfy this condition too.
Referred from:
How to check if the php script is running on a local server?

Check if PHP is running in local server

Well, I read some topics on SO but I did not find a very specific answer.
I need to check with PHP if PHP code is running on a local or remote host. Currently I check with $_SERVER['SERVER_NAME'] but it is inconsistent. In this case, if I run PHP with listed IPs like 127.0.0.1 or localhost it'll be considered local, otherwise remote. If I share my IP with a friend, my code is still local, but it is considered remote because the shared IP isn't listed.
Well, I think that checking the IP for localhost is not a good idea (except if you know a good method). I tried methods like gethostbyaddr() and gethostbyname() but they don't work correctly either.
I don't have PHP code to show, but my code is basically this:
// true = localhost
return $_SERVER['SERVER_NAME'] === '127.0.0.1';
The fundamental question is: what can determine that PHP is running locally? What is "local" for PHP? I think that it can solve the problem.
Note: I don't have access to CMD/Shell with PHP.
You could do what most PHP frameworks do and set a flag during your app's bootstrap phase that defines which environment the code is running in. In its simplest form:
// the setting when run on a dev machine
define('ENV', 'local');
Then it's a simple case of:
if ( ENV == 'local' )
{
    // do stuff
}
This is how I do it, which I find more reliable than trying to detect for 127.0.0.1:
if( strpos(gethostname(), '.local') !== false ) { }
Basically, the hostnames on my workstations all have .local appended to them. You can change this to match your workstation's hostname entirely.
Check $_SERVER['REMOTE_ADDR']=='127.0.0.1'. This will only be true if running locally. Be aware that this means local to the server as well. So if you have any scripts running on the server which make requests to your PHP pages, they will satisfy this condition too.
If someone is visiting your site via the web, the IP address you see will never be 127.0.0.1 (or ::1 for IPv6), regardless of the usage of a proxy. (Unless of course you're running the proxy yourself on the same server ;)
As far as I know, only you will be able to know what addresses are local or not. Your network could be set up with IP addresses that don't look local at all. PHP cannot as far as I know determine this by itself.

php - Include different file if site is accessed using https

I have a site which has an SSL certificate installed, but it can also be accessed without it.
Till now I have used: on my pages, but now I need to have some option to show a different file if the site has been accessed using https. Example:
If using http: to show if using https: to show instead.
Is this possible?
Thank you for any reply.
Gent.
You can check for https with
if (isset($_SERVER["HTTPS"]) AND $_SERVER["HTTPS"] == "on") {
    include("file1.php");
}
else {
    include("file2.php");
}
You can check if $_SERVER['HTTPS'] is non-empty:
if (!empty($_SERVER['HTTPS']))
    include 'https.php';
else
    include 'http.php';
If you're accessing via HTTPS, $_SERVER['HTTPS'] should be set (although this depends on server config).
You can also check which port is being used:
if($_SERVER['SERVER_PORT']==443){
}
Neither of these works in every possible config (for example behind load balancers) but they should work in straightforward setups.
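The load-balancer caveat above, and the scattered `$_SERVER['HTTPS']` checks from the first question, as one centralised check. This is an added example, not code from any of the answers; `TRUSTED_PROXIES`, its address and the sample requests are assumptions constructed for illustration.

```php
<?php
// Added example. Assumption: 10.0.0.5 is the TLS-terminating load balancer
// you operate; replace with your own proxy addresses.
const TRUSTED_PROXIES = ['10.0.0.5'];

function isHttps(array $server): bool
{
    // Apache sets HTTPS to a non-empty value such as "on";
    // IIS (ISAPI) sets it to "off" for plain HTTP, so !empty() alone is not enough.
    $https = strtolower((string)($server['HTTPS'] ?? ''));
    if ($https !== '' && $https !== 'off') {
        return true;
    }

    // Behind a TLS-terminating proxy the hop to PHP is plain HTTP.
    // X-Forwarded-Proto is a request header, so honour it only when the
    // TCP peer (REMOTE_ADDR) is a proxy on the allow-list.
    $peer = (string)($server['REMOTE_ADDR'] ?? '');
    if (in_array($peer, TRUSTED_PROXIES, true)) {
        $proto = strtolower((string)($server['HTTP_X_FORWARDED_PROTO'] ?? ''));
        return $proto === 'https';
    }

    return false;
}

// Constructed $_SERVER-like samples.
$samples = [
    'direct TLS (Apache)'      => ['HTTPS' => 'on', 'REMOTE_ADDR' => '198.51.100.9'],
    'plain HTTP on IIS'        => ['HTTPS' => 'off', 'REMOTE_ADDR' => '198.51.100.9'],
    'via trusted proxy'        => ['REMOTE_ADDR' => '10.0.0.5',
                                   'HTTP_X_FORWARDED_PROTO' => 'https'],
    'header from unknown peer' => ['REMOTE_ADDR' => '198.51.100.9',
                                   'HTTP_X_FORWARDED_PROTO' => 'https'],
];

foreach ($samples as $label => $server) {
    printf("%-25s %s\n", $label, var_export(isHttps($server), true));
}
```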

How to check if the php script is running on a local server?

Is it possible to check if the website (php) is running locally or on a hosted server?
I want to enable some logs if the website is running locally and I don't want these to appear on the site online..
I can set a variable $local=1; but I'll have to change that before uploading.. is there any way to automate this task?
Local Server : WampServer 2.0 / Apache
WebServer: Apache
Check $_SERVER['REMOTE_ADDR']=='127.0.0.1'. This will only be true if running locally. Be aware that this means local to the server as well. So if you have any scripts running on the server which make requests to your PHP pages, they will satisfy this condition too.
I believe the best approach is to 'fake' a testing mode, which can be done by creating a file in your local environment.
When I used this approach I created an empty text file called testing.txt and then used the following code:
if (file_exists('testing.txt')) {
    // then we are local or on a test environment
} else {
    // we are in production!
}
This approach is 100% compatible with any Operating System and you can use several test files in case you want a more granular approach (e.g. development.txt, testing.txt, staging.txt, or production.txt) in order to customise your deployment process.
You should automate deployment
This is not directly the answer to your question, but in my opinion the better way. In an automated deployment process, setting a variable like $local = true, like other configuration values (for example your db-connection), would not be a manual, error-prone task.
Checking for 'localness' is in my opinion the wrong way: you don't want to show your logs to every local visitor (a proxy may be one), but only when deployed in a testing environment.
A popular tool for automated deployment is Capistrano, there should be PHP-Centric tools too.
Just in case this is useful to anybody, I made this function as the above answers didn't really do what I was looking for:
function is_local() {
    if ($_SERVER['HTTP_HOST'] == 'localhost'
        || substr($_SERVER['HTTP_HOST'],0,3) == '10.'
        || substr($_SERVER['HTTP_HOST'],0,7) == '192.168') return true;
    return false;
}
$whitelist = array(
    '127.0.0.1',
    '::1'
);
if (!in_array($_SERVER['REMOTE_ADDR'], $whitelist)) {
    // not valid
}
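The answers in this thread check either the Host header or REMOTE_ADDR. The following added example (not from any of the answers) classifies only the TCP peer address and covers the whole IPv4 loopback range, `::1` and the IPv4-mapped IPv6 form; the function name and sample requests are constructed for illustration.

```php
<?php
// Added example; the sample requests below are constructed.

/**
 * True only when the TCP peer address is a loopback address.
 * REMOTE_ADDR comes from the connection itself; HTTP_HOST and
 * X-Forwarded-For are request headers chosen by the client.
 */
function isLoopbackClient(array $server): bool
{
    $packed = @inet_pton((string)($server['REMOTE_ADDR'] ?? ''));
    if ($packed === false) {
        return false;                      // missing or malformed: not local
    }
    if (strlen($packed) === 4) {
        return $packed[0] === "\x7f";      // IPv4 127.0.0.0/8
    }
    if ($packed === inet_pton('::1')) {
        return true;                       // IPv6 loopback
    }
    // IPv4-mapped IPv6 (::ffff:127.x.x.x), as reported by dual-stack listeners
    $mappedPrefix = str_repeat("\x00", 10) . "\xff\xff";
    return substr($packed, 0, 12) === $mappedPrefix && $packed[12] === "\x7f";
}

// Constructed samples: every request claims Host "localhost" except the last.
$samples = [
    ['REMOTE_ADDR' => '127.0.0.1',        'HTTP_HOST' => 'localhost'],
    ['REMOTE_ADDR' => '::1',              'HTTP_HOST' => 'localhost'],
    ['REMOTE_ADDR' => '::ffff:127.0.0.1', 'HTTP_HOST' => 'localhost'],
    ['REMOTE_ADDR' => '203.0.113.7',      'HTTP_HOST' => 'localhost'],
    ['REMOTE_ADDR' => '192.168.1.20',     'HTTP_HOST' => 'intranet'],
];

foreach ($samples as $server) {
    printf("peer=%-18s host=%-10s loopback=%s\n",
        $server['REMOTE_ADDR'],
        $server['HTTP_HOST'],
        var_export(isLoopbackClient($server), true));
}
```

As an earlier answer points out, a reverse proxy running on the same server makes every request arrive from a loopback address, so this check says nothing about the original client in that setup.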
I have built this function that checks if the current server name has name server records; normally a local server doesn't have any.
<?php
function isLocal ()
{
    return !checkdnsrr($_SERVER['SERVER_NAME'], 'NS');
}
?>
Your remote server is unlikely to have a C drive! So I run with this:
//Local detection
$root = $_SERVER["DOCUMENT_ROOT"];
$parts = explode("/",$root);
$base = $parts[0];
$local = false;
if ($base == "C:") {
    $local = true; //Change later for if local
}

Determine whether current script is running on development or production server

I've got scripts that call different URLs depending on if they're processed by my online site (release), or my offline localhost (development). I'd like to find a quick way to find which is which.
I can come up with a few clunky ways to do this, but is there a definitive, fast, elegant method? Something like if(is_offline()) { ... }
1. A variable called $_SERVER["COMPUTERNAME"] is available on IIS servers, you can use it to determine if the script is running on your development server or production server (MYMACHINE vs. WWW37).
2. You can also use $_SERVER["HTTP_HOST"] variable (localhost vs. www.domain.com).
3. You can also create an empty text file on your development server (careful not to upload it) and use is_file() to check for its presence (is_file(".foo") == true vs. false).
4. You can check for PHP_OS if the operating systems on the two servers are different (WINNT vs. Linux).
5. You can check for the presence of certain path inside the __FILE__ constant (C:/inetpub/wwwroot/website/ vs. /home/www37/).
A variant of 3: #include("override_server_with_local_config.php");
You can look at $_SERVER['HTTP_HOST'] to see what hostname the script is running under.
You can look at $_SERVER['REMOTE_ADDR'] to see if the user requesting the page's IP is 127.0.0.1.
You can ping something on your local network to see if you're connected to it.
You can define a constant at the start of your code which you set to 'release' or 'development' on the appropriate machine.
The best way is to set a configuration variable somewhere that indicates production or development.
You could do it by hostname (localhost vs www.foobar.com), but this is a wonky solution. You may access your app using different host names for testing as well. Therefore, explicit is better than implicit.
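The explicit environment flag recommended here and in the earlier answers (a server-level environment variable, a constant set at bootstrap), as an added example that is not code from any of the answers. The variable name `APP_ENV`, the list of environment names and the sample inputs are assumptions; unset or unrecognised values resolve to production so a missing or mistyped setting cannot enable debug behaviour.

```php
<?php
// Added example. APP_ENV is an assumed variable name, set outside the code
// base, e.g. with Apache's SetEnv in the development vhost only:
//     SetEnv APP_ENV development

const KNOWN_ENVIRONMENTS = ['development', 'staging', 'production'];

/**
 * Resolve the environment from server configuration.
 * Unset, empty or unrecognised values resolve to 'production'.
 */
function resolveEnvironment(array $server): string
{
    $value = strtolower(trim((string)($server['APP_ENV'] ?? '')));
    return in_array($value, KNOWN_ENVIRONMENTS, true) ? $value : 'production';
}

/** Debug logs are allowed only in an explicitly declared non-production environment. */
function debugLoggingAllowed(array $server): bool
{
    return resolveEnvironment($server) !== 'production';
}

// Constructed $_SERVER-like samples.
$samples = [
    'dev vhost'        => ['APP_ENV' => 'development', 'HTTP_HOST' => 'localhost'],
    'variable not set' => ['HTTP_HOST' => 'localhost'],
    'mistyped value'   => ['APP_ENV' => 'develpment'],
    'staging vhost'    => ['APP_ENV' => 'staging'],
    'production vhost' => ['APP_ENV' => 'production'],
];

foreach ($samples as $label => $server) {
    printf("%-17s env=%-12s debug=%s\n",
        $label,
        resolveEnvironment($server),
        var_export(debugLoggingAllowed($server), true));
}
```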
A couple of checks could make it possible:
define('IS_LOCAL', !(
    in_array($_SERVER['HTTP_HOST'], array('localhost','127.0.0.1')) === false &&
    $_SERVER['REMOTE_ADDR'] !== '127.0.0.1' &&
    $_SERVER['REMOTE_ADDR'] !== '::1'
));
One function can help: get_headers('URL').
get_headers
It fetches all the headers sent by the server. Check the returned array to check the status of the URL. The first element of the returned array contains the URL status.
