On Mon, Feb 25, 2008 at 1:40 PM, Rick Pasotto <rick@xxxxxxxx> wrote:
> What is the best or recomended proceedure for making sure that a page is
> accessed only via a secure connection?
Provided you're running SSL on the standard HTTPS port of 443,
include this at the very top of every file, before any output or
session information is sent. The best option would be to include it
in a file in a switched index.php or similar design.
<?
if($_SERVER['SERVER_PORT'] != '443') {
$url = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] :
$_SERVER['SERVER_NAME'];
header("Location:
https://".$url.$_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']);
exit;
}
?>
--
</Dan>
Daniel P. Brown
Senior Unix Geek
<? while(1) { $me = $mind--; sleep(86400); } ?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
