Return to Snippet

Revision: 23007
at January 27, 2010 15:35 by dalethedeveloper


Initial Code
protected function _checkSSL() {
		$needSSL = $inSSL = $destURL = false;
		$inSSL = ( isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ) ? true : false;

		// Get static $ssl_actions and see if we need to switch in or out of SSL
		if($all_ssl_actions = Object::combined_static($this, 'ssl_actions') and is_array($all_ssl_actions) ) {
			$action = $this->getRequest()->latestParam('Action');	//  $this->getAction() always empty??
			if( in_array($action,$all_ssl_actions) or
				(in_array('index',$all_ssl_actions) and is_null($action) )	) {
				$needSSL = true;
			}
		}

		if( $needSSL and !$inSSL ){
			$destURL = str_replace('http:','https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
		} elseif( !$needSSL and $inSSL ) {
			$destURL = str_replace('https:','http:', Director::absoluteURL($_SERVER['REQUEST_URI']));
		}

		if( $destURL ) {
			header("Location: $destURL", true, 301);
			die('<h1>Your browser is not accepting header redirects</h1><p>Please <a href="'.$destURL.'">click here</a>');
		}
	}

Initial URL

                                

Initial Description
A little function I add to the base Page_Controller class that allows you to define what actions are explicitly SSL.  It will put users in SSL when they access it and take them out of it when they navigate somewhere else.  It is available in any controllers that extend Page_Controller.

Be sure to add `$this->_checkSSL();` to the Page_Controller's `init()` function.

Initial Title
SilverStripe SSL switching by statics

Initial Tags
php

Initial Language
PHP