SyntaxFix

[php] Redirecting from HTTP to HTTPS with PHP

I'm working on a shopping cart website and I would like to redirect the user to a HTTPS page when he's entering his billing details and maintain the HTTPS connection for the next pages until he logs out.

What do I need to install on the server (I'm using Apache) in order to do this, and how can this redirect be done from PHP?

This question is related to php https

The answer is

Redirecting from HTTP to HTTPS with PHP on IIS

I was having trouble getting redirection to HTTPS to work on a Windows server which runs version 6 of MS Internet Information Services (IIS). I’m more used to working with Apache on a Linux host so I turned to the Internet for help and this was the highest ranking Stack Overflow question when I searched for “php redirect http to https”. However, the selected answer didn’t work for me.

After some trial and error, I discovered that with IIS, $_SERVER['HTTPS'] is set to off for non-TLS connections. I thought the following code should help any other IIS users who come to this question via search engine.

<?php
if (! isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] == 'off' ) {
    $redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("Location: $redirect_url");
    exit();
}
?>

Edit: From another Stack Overflow answer, a simpler solution is to check if($_SERVER["HTTPS"] != "on").

On my AWS beanstalk server, I don't see $_SERVER['HTTPS'] variable. I do see $_SERVER['HTTP_X_FORWARDED_PROTO'] which can be either 'http' or 'https' so if you're hosting on AWS, use this:

if ($_SERVER['HTTP_HOST'] != 'localhost' and $_SERVER['HTTP_X_FORWARDED_PROTO'] != "https") {
    $location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $location);
    exit;
}

This is a good way to do it:

<?php
if (!(isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || 
   $_SERVER['HTTPS'] == 1) ||  
   isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&   
   $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))
{
   $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
   header('HTTP/1.1 301 Moved Permanently');
   header('Location: ' . $redirect);
   exit();
}
?>

You can always use 

header('Location: https://www.domain.com/cart_save/');

to redirect to the save URL.

But I would recommend to do it by .htaccess and the Apache rewrite rules.

Source: Stackoverflow.com

Examples related to php

I am receiving warning in Facebook Application using PHP SDK Pass PDO prepared statement to variables Parse error: syntax error, unexpected [ Preg_match backtrack error Removing "http://" from a string How do I hide the PHP explode delimiter from submitted form results? Problems with installation of Google App Engine SDK for php in OS X Laravel 4 with Sentry 2 add user to a group on Registration php & mysql query not echoing in html with tags? How do I show a message in the foreach loop?

Examples related to https

What's the net::ERR_HTTP2_PROTOCOL_ERROR about? Requests (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.") Error in PyCharm requesting website Android 8: Cleartext HTTP traffic not permitted ssl.SSLError: tlsv1 alert protocol version Invalid self signed SSL cert - "Subject Alternative Name Missing" How do I make a https post in Node Js without any third party module? Page loaded over HTTPS but requested an insecure XMLHttpRequest endpoint How to force Laravel Project to use HTTPS for all routes? Could not create SSL/TLS secure channel, despite setting ServerCertificateValidationCallback Use .htaccess to redirect HTTP to HTTPs

Tags

Uml Sqlanywhere Mozart Dev-to-production Case-statement Beyondcompare X-sendfile Error-detection Psmtabbarcontrol Hbm2java Derived-instances Displaylist Depth-first-search Disconnected-session Metalc Jmenubar Statechart Pressed Processing Whois Phpthumb Iis-logs Partial-application Caliper Core-video Pnunit Loopback Payment-gateway Dbstop Microprocessors Tapestry Scrollviewer Fallback Rome Idn Tree-nodes Context-specification Jquery-tabs Ntruencrypt Microbenchmark Serializationbinder Stack-based Acceptance-testing Jaro-winkler Fedex Keyhook Machine-instruction Pki Mdsd Lnk Self-reference Visual-editor .net-1.1 Nohup Nullable Openurl Prefetch Xml-database Abstract-type Cnf Sequential Font-replacement Eventlet Openvpn Oftype Activescaffold Markup Aix Web-crawler Phpdoc Rsync Dojo Ajax.beginform Referenceproperty Dynamic-import Ultrasphinx Parasoft Gridviewcolumn Outlook-2003 Hyperlink Calendar-store Mahjong Businessworks File-copying Emboss Color-profile Lockout Git-config Ms-solver-foundation Filezilla Highdpi Spawn Eventtrigger Analyzer Iphone-sdk-2 Ostream Phar Controllercontext Cobol Mysql-error-1046