I have two domain for my site. The main site is example.net, and I have example.com.
If someone type example.com (or www.example.com, http://example.com or whatever) then I redirect them to example.net (my provider set domain redirecting).
So, is it possible, to take into a php variable if someone come from .com or directly type .net?
Thank you
If the host is doing the redirecting and you don't have control over it, then it might be worth looking at $_SERVER['HTTP_REFERER'] depending on how they are doing the redirect. Note that this is header not guaranteed to be there and can be spoofed by the client.
why don't use just redirect them to .net?from=com ?
Related
I have bought a domain and I want to redirect it to a directory on another subdomain.
Exemple:
A user type www.firstweb.com in the URL bar and he has to be redirected to www.secondweb.com/directory/ but the URL shown has to be www.firstweb.com without iframe.
Other exemple:
www.firstweb.com/contact/ shows the content of www.secondweb.com/directory/contact.php but the URL shown has to be www.firstweb.com/contact/ even after the redirect.
Both domain and servers are hosted by the same company (OVH).
I don't know if it is understandable but I dont know how to figure it out.
Thanks a lot for your help.
J.ROX
You can do this by installing NGINX (http://nginx.org/) on the webserver. Then you can check from which base URL the user is coming from, and return the appropriate content. This is also possible with an Apache server using Virtual Domain Names.
Or you can setup your DNS correctly, this can be done by your domain provider.
I'm looking for a way to get a page address exactly how it is displayed in the address bar of the browser.
My site is basically a PHP script and my goal is to determine if the users use http://mysite.com or http://www.mysite.com or just mysite.com or www.mysite.com to access the site. I hope to use this information to redirect the link so it would be in a single format. This is required for some third party tools I'm using.
so what I'm askin is if it's possible to get the url of a site, in PHP exactly how the browser is requesting it.
You can tell the difference between www.mysite.com and mysite.com by looking at $_SERVER['HTTP_HOST'], however the browser will always automatically add http:// to a URL (and some browsers hide it from the users as unnecessary information) so there's no way to know what they actually typed in.
The first two lines of an HTTP request look like:
GET /index.php
Host: www.mysite.com
The first line specifies the local resource (usually a file in your web directory), and the second specifies what hostname the user entered to find your site (this is especially useful for servers running multiple virtual web hosts). PHP allows you to extract both of these:
$_SERVER['HTTP_HOST']
$_SERVER['PHP_SELF']
Technically, $_SERVER['PHP_SELF'] specifies the filepath of the current PHP script relative to the root directory of this web host, but that should, in practice, be the same as the resource listed on the first line of the HTTP request.
As the other responses have mentioned, there's no way to tell whether the user typed http:// or not.
You cannot determine whether or not the user typed http:// or left it off directly from PHP. PHP will only be able to tell the final domain name ($_SERVER['HTTP_HOST']). The other functionality is handled in the browser.
I have some PHP pages that I need to force SSL for. I don't want to do it with mod_rewrite or anything like that, I want to keep all the logic in PHP. Right now I have code that looks like this:
if($_SERVER["HTTPS"] != "on") {
header("HTTP/1.1 301 Moved Permanently");
header("Location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
exit();
}
This does not work however because the server name is generic as I am hosting multiple sites with different domain names. So the SERVER_NAME is "www". The above code will redirect to https://www/index.php which is not valid.
I have tried print_r($_SERVER) to see the variables available to me but none of them give me the full URI request (http://example.com/index.php), and the next closest option I can see instead of SERVER_NAME is SERVER_ADDR which will also not help me, because going to https://127.0.0.1/index.php will go to the default apache site and not to the definition for "example.com" (not to mention that my SSL cert would no longer be valid).
Any suggestions?
If you can't get the host name from any $_SERVER variable, and you don't want to explicitly set it in a config or anything, the only other option I can think of (besides doing it using mod_rewrite, which you stated you don't want to do for whatever reason) is to serve the user a blank page that says, "Please wait while we redirect you to the secure site..." and then handle the redirect using JavaScript to parse the current URL and redirect to the HTTPS version.
In the end I had the guy who manages the Apache proxy server to add ProxyPreserveHost On to apache2.conf and this enabled forwarding of HTTP_HOST (and SERVER_NAME) properly to the backend Apache server.
Thank you everyone for your suggestions, I'm sorry the problem ended up being something stupid that wasn't even in the scope of my question. If the Apache server I was working on did not have a proxy in front of it, most of your suggestions would have proven completely accurate.
I suspect you want to use the $_SERVER['HTTP_HOST'] setting in place of SERVER_NAME.
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
If your site URL isn't in $_SERVER I'd guess that you'd have to register it somewhere as a global variable. Each site would then have to register it's own $SITE_URL variable or some such so that you could fill it in with that.
In my humble opinion you should avoid doing theses absolute url stuff in your application.
The right place to do it si behind your application, for several reasons:
your application could be used in the
same time, via the same apache
server, with different names
your application could be used behind
some proxy, rewriting the base
url. (But you can try to detect
it)
See for a more detailled explanation this link http://www.makina-corpus.org/blog/relativeabsolute-url-and-proxies
So absolute url is bad, should avoid... I would build instead a nice url managment, where the rules would be simple (all /admin or /conn url needs to be on SSL) and let the proxys/web servers/load balancers handle it nicely. But if you really want to make this redirection in your application the used ways are:
using a configuration file where the
https absolute url and the http
abolute url is defined and unique (fine if your site name is unique and your application not done for large usage)
detect absolute url from proxy string
in HTTP_X_FORWARDED_HOST and/or
HTTP_HOST (better)
But most admins will say that absolutes url are bad :-)
I am currently running two websites. I am able to add my domains and set the root folder to / instead of /domain1.com and /domain2.com. That way both websites go to the same folder, however they both maintain their domain names (no redirects). My code determines whether the user is from domain1.com or domain2.com and displays the appropriate content using PHP.
Now, I have switched to another web hoster. The problem is that they don't allow you to specify where the root folder is: so it has to be /domain1.com and /domain2.com. They also don't seem to allow access to httpd.conf to edit VirtualHosts.
I have tried using .htaccess to do a redirect, but the problem is that when I go to domain2.com, it redirects straight to domain1.com, and it doesn't keep its host name of domain2.com.
I have also tried setting up symlinks, but it seems to be doing the exact same thing.
Is there any way to solve this?
Can you do a rewrite rule similar to the following (don't trust my syntax)?
# if domain2.com, send all requests to domain1.com
RewriteEngine on
RewriteRule ^(.*)$ ../domain1.com/index.php/$1
So if someone does go to domain2.com, all requests are passed through the index.php file on domain1.com for processing (I presume you're doing something similar already).
You should be able to set up symbolic links using ssh that don't redirect to the other domain. I have several .co.uk domains that use the same data as the .com that don't redirect. What host is it? You should be able to do this, maybe email them asking why it redirects.
Sure it's not in the htaccess file to redirect the domain2.com to domain1.com?
Why is it that if I create a cookie on www.example.com and check it on example.com, the cookie doesn't exist there? I am planning to just use .htaccess redirect non-www to a www domain. But how do I solve this?
Browsers are the main culprit here, not PHP. They store by domain, and don't know that www is a special case; from their perspective, www.mydomain.com and mydomain.com are different strings, and therefore have different security policies. However, there is something you can do.
When setting the cookie, use .mydomain.com (with the leading dot). This will tell your user's browser make the cookie accessible to mydomain.com and all subdomains, including www. PHP's setcookie has the argument $domain, but it's fifth on the list, so you may need to set $expire and $path to their default values in order to get at it.
setcookie('name', 'value', time()+3600, '/', '.mydomain.com');
For consistency, however, you may wish to consider rerouting all web traffic to a specific domain, i.e. send mydomain.com traffic to www.mydomain.com, or vice-versa. My vague knowledge of SEO (edit if incorrect) tells me that it's helpful so as not to have duplicate content, and it saves you all such authentication issues. Additionally, if you store assets on a subdomain, having cookies on there slows down traffic by having to transport it each time, so storing application cookies only on www earns you that speed boost.
Here is a tutorial on how to accomplish such a redirect in Apache.
setcookie("CookieName", "value", time()+3600, "/", ".mydomain.com");
I believe you can set the cookie at example.com (really .example.com) and it will be sent if they go to www.example.com, but not vice versa. This standard security policy is to prevent users' private data from being sent to unintended servers.
Personally, I use virtualhosts in my apache2.conf:
<VirtualHost *:80>
ServerName example.com
RedirectMatch (.*) http://www.example.com$1
</VirtualHost>
... in this example, everyone trying to load e.g. http://example.com/index.html is redirected to http://www.example.com/index.html.
because php translates www.mydomain.com differently from mydomain.com. If the domains are not 100% identical the cookie wont match.
And I'm sure the browser also looks for 100% match of the domain name before allowing servers to overwrite them.
Just use .htaccess to redirect. It's the only SURE way to tackle this in all browsers.