SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Hybrid View

  1. #1
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Avoiding Apache mod_rewrite

    Hi,

    I need to redirect users who go to one of my pages (http://www.mydomain.com/place_to_go.php) to a secure version, so that they can pay for a product with a credit card. Apache's mod_rewrite seemed like a good approach, but I'm much more comfortable with php and was wondering if there are any apparent pitfalls in using:

    PHP Code:
    $var1 = (int) $_GET['var1'];
    $var2 = (int) $_GET['var2'];
    if (isset(
    $_SERVER['SCRIPT_URI']) && (substr($_SERVER['SCRIPT_URI'],0,5)) != 'https') {
    //I put in the isset business because SCRIPT_URI didn't seem to be defined on my local server
    //SCRIPT_URI seemed like the best thing to check, but it's here that I'm worried that I might be missing something...
        
    header('Location: https://www.mydomain.com/place_to_go.php?var1='.$var1.'&var2='.$var2);
        exit;

    Thoughts/comments would be appreciated!

    -Eric

  2. #2
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,191
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    A better way to determine if they are using TLS or not would be to use the $_SERVER['HTTPS'] array key as it will give you a much nicer way of detecting it.

    http://stackoverflow.com/a/7304205


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •