On 4/10/07, Zoltán Németh <znemeth@xxxxxxxxxxxxxx> wrote:> I have separate document roots for the http and the https stuff, say> "htdocs" and "htdocs-secure" - this can be done with apache> configuration> then I need only to put a single redirecting line into the> htdocs/index.php like>> <?php> header("Location: https://my.server.com/";);> ?>>> and that's all>> greets> Zoltán Németh>> 2007. 04. 9, hétfő keltezéssel 08.40-kor Ben Liu ezt írta:> > What's the prescribed method for redirecting a user forcibly to from> > the non-SSL secured version of a page to the SSL-secured version? Is> > this handled at the web server level or at the script level. I found> > this by googling:> >> > <?php> > if($_SERVER['SERVER_PORT'] !== $encport || $_SERVER['HTTPS'] !== "on")> > {header("Location: https://".$_SERVER['SERVER_NAME'].$_SERVER> > ['SCRIPT_NAME']);exit;}> > ?>> >> > What do people think about this solution?> >> > Thanks,> >> > - Ben> >>> --> PHP General Mailing List (http://www.php.net/)> To unsubscribe, visit: http://www.php.net/unsub.php>>
I believe you should also be sending a 301 status header so useragents can be made aware of the redirect and make updates accordingly(bookmarks, etc.)
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.2
