Nope, it works like a charm for me, but I have it in an IF statement checking to see if the requestor is https or not to begin with.
I actually have it called as a function that passes in the rest of the path of the file that is being requested, which is called within an included page, which is included via a function call in a page that is automagically pre-pended to every page on the site.
And it works like a charm no matter where you are trying to hit it or how many sites/links you move in an out of.
Wolf
---- Stephen Johnson <maillists@xxxxxxxxxxxxxxxx> wrote:
> > Or you can cheat...
> >
> > $url = $_SERVER['SERVER_NAME'];
> > header( 'Location:https://'.$url.'');
> >
> >
>
> I think that would cause an infinite loop of redirection...
>
> This would be better
>
> <?php
>
> $curPort = $_SERVER['SERVER_PORT'];
> $pageTo = $_SERVER['REQUEST_URI'];
>
> if($curPort == "80") {
> // go secure
> header("location:https://www.domain.com$pageTo";);
> exit;
> }
> ?>
>
>
> --
> Stephen Johnson c | eh
> The Lone Coder
>
> http://www.thelonecoder.com
> continuing the struggle against bad code
>
> http://www.fortheloveofgeeks.com
> I¹m a geek and I¹m OK!
> --
>
>
>
>
> > From: Wolf <lonewolf@xxxxxxxxx>
> > Date: Mon, 25 Feb 2008 13:55:41 -0500
> > To: Rick Pasotto <rick@xxxxxxxx>
> > Cc: <php-general@xxxxxxxxxxxxx>
> > Subject: Re: checking for and enforcing https
> >
> >
> > ---- Rick Pasotto <rick@xxxxxxxx> wrote:
> >> What is the best or recomended proceedure for making sure that a page is
> >> accessed only via a secure connection?
> >>
> >
> > Make the server only send over 443 instead of 80...
> >
> > But if you don't have the ability to change .htaccess or httpd.conf then you
> > can use the $SERVER variables and make them work that way...
> >
>
> > Wolf
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
