SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Handling Logo in HTTPS Connection

    Let's see if I can remember/explain this...

    In the past I had a Config file that looked like this...
    Code:
    <?php
    	define('ENVIRONMENT', 'development');
    	//define('ENVIRONMENT', 'production');
    
    	// File Root
    	define('ROOT', ENVIRONMENT === 'development'
    					? '/Users/user1/Documents/DEV/++htdocs/03_MySite/'
    					: '/var/www/vhosts/mysite.com/httpdocs/');
    
    	// Web Server Root
    	define('WEB_ROOT', ENVIRONMENT === 'development'
    					? 'http://local.dev3/'
    					: 'http://www.mysite.com/');
    
    	// Secure Web Server Root
    	define('SECURE_WEB_ROOT', ENVIRONMENT === 'development'
    					? 'http://local.dev3/'
    					: 'https://www.mysite.com/');
    ?>
    So a few months ago I *finally* learned how to create Virtual Hosts on my laptop so that I didn't need this silliness above?!

    But one problem still exists...

    As I recall, when someone goes to check out on my website, I was getting some error message complaining that a unencrypted image/file was being sent over the HTTPS connection.

    To fix this, I did this...
    Code:
    	<div id="header">
    		<a href="<?php echo WEB_ROOT ?>index.php">
    			<img id="logo" src="<?php echo SECURE_WEB_ROOT ?>images/mylogo_200x50.png"
    					 width="200" alt="My Logo" />
    		</a>
    	</div>
    Is there some way that I can get rid of this code so I can totally eliminate my "Config" file? (Obviously I could hard-code in the HTTPS path, but I am wondering - as I re-factor my website - if maybe there is a better approach?!)

    Thanks,



    Debbie

  2. #2
    SitePoint Wizard
    Join Date
    Dec 2003
    Location
    USA
    Posts
    2,582
    Mentioned
    29 Post(s)
    Tagged
    0 Thread(s)
    I usually use a bit of code that checks if the page is HTTPS, and if it does it prints the HTTPS version of the page.

    Here is a stripped down version of the code:
    Code:
    $is_https = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']);
    
    function getDomain() {
      if($is_https)
        return 'https://' . WEB_ROOT;
      return 'http://' . WEB_ROOT;
    }
    And then you can just do something like:
    Code:
    <img src="<?php echo getDomain() ?>/image.png">
    This is a stripped down version, but shows the basic idea. I generally have this wrapped up in functions that I just feed some info and it prints out the HTML for the image/script/style/etc.

  3. #3
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by samanime View Post
    I usually use a bit of code that checks if the page is HTTPS, and if it does it prints the HTTPS version of the page.

    Here is a stripped down version of the code:
    Code:
    $is_https = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']);
    
    function getDomain() {
      if($is_https)
        return 'https://' . WEB_ROOT;
      return 'http://' . WEB_ROOT;
    }
    Where would you put this code...
    Code:
    $is_https = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']);
    I'm not getting how/when/where $_SERVER['HTTPS'] gets a value?!


    And then you can just do something like:
    Code:
    <img src="<?php echo getDomain() ?>/image.png">
    This is a stripped down version, but shows the basic idea. I generally have this wrapped up in functions that I just feed some info and it prints out the HTML for the image/script/style/etc.
    Is this code secure from hackers?


    Debbie

  4. #4
    SitePoint Zealot
    Join Date
    Feb 2001
    Posts
    134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    $_SERVER['HTTPS'] is one of the many variables that are already available to you in any PHP script.
    see http://php.net/manual/en/reserved.variables.server.php for more information on the other ones.

    Here's a question though, Why are you defining your image URL with the full url anyway? If you used
    <img src="/image.png"> then it would serve from the proper location whether you were using http or https
    Guava

  5. #5
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,764
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Guava View Post
    $_SERVER['HTTPS'] is one of the many variables that are already available to you in any PHP script.
    see http://php.net/manual/en/reserved.variables.server.php for more information on the other ones.

    Here's a question though, Why are you defining your image URL with the full url anyway? If you used
    <img src="/image.png"> then it would serve from the proper location whether you were using http or https
    Good point!

    I *think* this was a downside of my Config file...

    Since my Logo was in the Header file which was "included" in all pages in my site, sometimes I needed:

    Code:
    <?php echo WEB_ROOT ?>
    and other times I needed

    Code:
    <?php echo SECURE_WEB_ROOT ?>

    So I just used this all of the time...

    Code:
    <?php echo SECURE_WEB_ROOT ?>


    Now that I am using a "Virtual Server", maybe I don't need to do that, huh?


    Debbie


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •