Go Back   CodingForums.com > :: Server side development > PHP
Reload this Page Resolved How to switch HTTP to HTTPS without redirect

Before you post, read our: Rules & Posting Guidelines

Reply
 
Thread Tools Rate Thread
Enjoy an ad free experience by logging in. Not a member yet? Register.
Old 01-14-2012, 07:02 PM   PM User | #1
just.a.guy
New Coder

 
Join Date: Dec 2011
Posts: 12
Thanks: 6
Thanked 1 Time in 1 Post
just.a.guy is an unknown quantity at this point
How to switch HTTP to HTTPS without redirect
Hi,

New to PHP, and server side programming.

Does using header() to redirect input, actually cause
a round trip from server to client resending the same information
from the client but in an encrypted mode?

I understand that a "redirect" can be used to switch between
HTTP and HTTPS. Is there another way without an additional
the round trip?


-----------------------------------------------------------------

Let me describe what I want to do. It is very simple.

The client types in my URL: domain.com/index.php
or whatever the default page is (most likely in HTTP mode).

The INDEX.PHP returns the login page but the response
should be in HTTPS mode. (Is there a way without doing a redirect
to a secure directory/page. but to just send the response
and force the HTTPS to be the response mode?)

The login page at the client returns the userid and password
in a cookie (which should be encrypted).

The login response file on the server, handles the userid and
password. It returns a secure response if the userid-password
do not match - and continues the secure conversation.

If userid/password is valid, then it serves the first page of the application
(probably in HTTP mode). It would be nice if a session was started
as part of the HTTP response. I understand there are problems with
passing sessions between HTTPS and HTTP.

Is this possible?
-------------------------------------------------------------------

Thanks for your time and consideration.
Last edited by just.a.guy; 01-15-2012 at 04:30 PM..
just.a.guy is offline   Reply With Quote
Old 01-15-2012, 02:52 AM   PM User | #2
12k
New Coder

 
Join Date: Jan 2012
Posts: 29
Thanks: 0
Thanked 6 Times in 6 Posts
12k is an unknown quantity at this point
Unfortunately no because it has to communicate on a different port.
12k is offline   Reply With Quote
Users who have thanked 12k for this post:
just.a.guy (01-15-2012)
Old 01-15-2012, 10:06 AM   PM User | #3
BluePanther
Senior Coder

 
Join Date: Jul 2011
Posts: 1,226
Thanks: 3
Thanked 171 Times in 171 Posts
BluePanther is on a distinguished road
It's not as inefficient as you think. Putting the header redirect at the very top, and accompanied with either exit or die, won't process under the exit message - in other words, the processing on the first page is limited to the if condition, then the header redirect to redirect to https. No other output is sent to the client until they're on https.

So there's no better method really, but there doesn't need to be.
__________________
Useful function to retrieve difference in times
The best PHP resource
A good PHP FAQ
PLEASE remember to wrap your code in [PHP] tags.
PHP Code:
// Replace this
if(isset($_POST['submitButton']))
// With this
if(!empty($_POST))
// Then check for values/forms. Some IE versions don't send the submit button 
Quote:
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
BluePanther is offline   Reply With Quote
Users who have thanked BluePanther for this post:
just.a.guy (01-15-2012)
Reply

Bookmarks

Jump To Top of Thread


« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 11:48 AM.
Advertisement
Log in to turn off these ads.