Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    Oct 2008
    Posts
    16
    Thanks
    1
    Thanked 0 Times in 0 Posts

    PHP force HTTPS SSL

    I add the following code to the tops of certain pages in order to force HTTPS access:

    PHP Code:
    <?php
    if($_SERVER["HTTPS"] != "on") {
        
    $newurl "https://" $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
        
    header("Location: $newurl");
        exit();
        }
    ?>
    The issue I have is that it causes "PHP Notice: Undefined index: HTTPS..." entries in my error log.

    I've tried adding isset and !isset to the code, but it did not work since I don't know what the heck I'm doing.

    What is the proper code to use? I do not want to change the level of error reporting and I do not want to use @'s.

    Thanks!

  • #2
    Senior Coder kbluhm's Avatar
    Join Date
    Apr 2007
    Location
    Philadelphia, PA, USA
    Posts
    1,509
    Thanks
    3
    Thanked 258 Times in 254 Posts
    If you don't have the HTTPS key available in $_SERVER, you could try the SERVER_PORT key, or .htaccess:

    $_SERVER['SERVER_PORT']
    PHP Code:
    if ( 80 == $_SERVER['SERVER_PORT'] )
    {
        
    // redirect to https

    .htaccess
    Code:
    RewriteEngine On 
    RewriteCond %{SERVER_PORT} 80 
    RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
    Last edited by kbluhm; 01-16-2010 at 04:30 PM. Reason: typoed SERVER_PORT as SERVER_POST

  • #3
    New Coder
    Join Date
    Oct 2008
    Posts
    16
    Thanks
    1
    Thanked 0 Times in 0 Posts
    @kbluhm

    Thank you for your fast reply.

    The script I posted works fine. I just wanted to stop the PHP Notice entries in the error log.

    I did some more Googling and I'm currently using this:

    PHP Code:
    <?php
    if(empty($_SERVER["HTTPS"])) {
        
    $newurl "https://" $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
        
    header("Location: $newurl");
        exit();
    }
    ?>
    So far it seems to work the same and I do not get any PHP Notices in the error log.

    Does my code look OK or is there better syntax?

    I really did not want to use .htaccess.

    Thanks!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •