Programming Forums > Web Development and Design > PHP

KyrinComaBlack · Jan 21st, 2006, 12:45 AM

I just need it for certain files like login and out. And submitting info.

Like say I go to http://something.com/app.php I want it to hit https://something.com/app.php and if the user tried to hit http://something.com/app.php it would give an error. And also I just want to like when they hit the file it is auto https://

sorry if its confusing

Server Info
--------------
Apache/2.2.0 (Win32) DAV/2 mod_ssl/2.2.0 OpenSSL/0.9.8a mod_autoindex_color PHP/5.1.1

Arevos · Jan 21st, 2006, 4:32 AM

HTTP Redirects, perhaps? Or some fiddling of the Apache configuration might do it, though I wouldn't like to try the latter

KyrinComaBlack · Jan 22nd, 2006, 5:50 PM

If I use https://www.something.com/login.php?user=XXX. It works but I can easyily change teh https to http and it works I don't want the users to do that. And I want to use https on logins, uploads, and downloads and also on the forums login

Lich · Jan 22nd, 2006, 11:24 PM

can you set a different secure site directory via apache?

KyrinComaBlack · Jan 23rd, 2006, 12:00 AM

how do I do that im not that strong in the apache configurations

Mocker · Jan 30th, 2006, 9:56 PM

Look up mod_rewrite and editing your .htaccess file. You can set the .htaccess to automatically turn requests for http://somedomain.com/app.php to https://somedomain.com/app.php use RewriteEngine ON
(google the specific syntax, i cant think of it off the top of my head)

Depending on the webserver you are using, https may be loading files from a different directory, so you need to have your copy of your app there. Plesk systems use a different directory, I think default systems or cPanel systems use the same files. Other systems I wouldn't know

If you just want to do this in the php code itself you could have something like (correct me if i'm wrong, this also depends on if the server uses these)

(Toggle Plain Text)

if($_SERVER['HTTPS']){ //page was accessed using https, continue
}
{
else { //page was not accessed using https
echo '<html><head><title>Error - redirecting</title><META HTTP-EQUIV="Refresh"
      CONTENT="5; URL=http://somedomain.com/app.php"></head><body>Error - you accessed the wrong page. You will be redirected in 5 seconds</body></html>

Thats an example, but yea, either way I guess depends on preference

Jan 21st, 2006, 12:45 AM	#1
KyrinComaBlack Programmer Join Date: Dec 2005 Location: Toronto, Ontario, Canada Posts: 48 Rep Power: 0	Php Https I just need it for certain files like login and out. And submitting info. Like say I go to http://something.com/app.php I want it to hit https://something.com/app.php and if the user tried to hit http://something.com/app.php it would give an error. And also I just want to like when they hit the file it is auto https:// sorry if its confusing Server Info -------------- Apache/2.2.0 (Win32) DAV/2 mod_ssl/2.2.0 OpenSSL/0.9.8a mod_autoindex_color PHP/5.1.1

Jan 22nd, 2006, 11:24 PM	#4
Lich Professional Programmer Join Date: May 2005 Location: Detroit Posts: 254 Rep Power: 4	can you set a different secure site directory via apache? __________________ --John Cruz Web Developer www.cruzweb.net

Jan 30th, 2006, 9:56 PM	#6
Mocker Hobbyist Programmer Join Date: Oct 2005 Location: Indiana Posts: 216 Rep Power: 0	Look up mod_rewrite and editing your .htaccess file. You can set the .htaccess to automatically turn requests for http://somedomain.com/app.php to https://somedomain.com/app.php use RewriteEngine ON (google the specific syntax, i cant think of it off the top of my head) Depending on the webserver you are using, https may be loading files from a different directory, so you need to have your copy of your app there. Plesk systems use a different directory, I think default systems or cPanel systems use the same files. Other systems I wouldn't know If you just want to do this in the php code itself you could have something like (correct me if i'm wrong, this also depends on if the server uses these) (Toggle Plain Text) if($_SERVER['HTTPS']){ //page was accessed using https, continue } { else { //page was not accessed using https echo '<html><head><title>Error - redirecting</title><META HTTP-EQUIV="Refresh" CONTENT="5; URL=http://somedomain.com/app.php"></head><body>Error - you accessed the wrong page. You will be redirected in 5 seconds</body></html> if($_SERVER['HTTPS']){ //page was accessed using https, continue } { else { //page was not accessed using https echo '<html><head><title>Error - redirecting</title><META HTTP-EQUIV="Refresh" CONTENT="5; URL=http://somedomain.com/app.php"></head><body>Error - you accessed the wrong page. You will be redirected in 5 seconds</body></html> Thats an example, but yea, either way I guess depends on preference __________________ #programmingforums relay - http://thegupstudio.com/cgi-bin/pforelay.cgi freelance scripts - http://ryanguthrie.com/index.html

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Jan 21st, 2006, 4:32 AM	#2
Arevos Programming Guru Join Date: Aug 2005 Location: England Posts: 1,499 Rep Power: 5	HTTP Redirects, perhaps? Or some fiddling of the Apache configuration might do it, though I wouldn't like to try the latter

Jan 22nd, 2006, 5:50 PM	#3
KyrinComaBlack Programmer Join Date: Dec 2005 Location: Toronto, Ontario, Canada Posts: 48 Rep Power: 0	If I use https://www.something.com/login.php?user=XXX. It works but I can easyily change teh https to http and it works I don't want the users to do that. And I want to use https on logins, uploads, and downloads and also on the forums login

Jan 23rd, 2006, 12:00 AM	#5
KyrinComaBlack Programmer Join Date: Dec 2005 Location: Toronto, Ontario, Canada Posts: 48 Rep Power: 0	how do I do that im not that strong in the apache configurations

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Programming Forums > Web Development and Design > PHP

Php Https