On 4/10/07, Zoltán Németh <[EMAIL PROTECTED]> wrote:
I have separate document roots for the http and the https stuff, say "htdocs" and "htdocs-secure" - this can be done with apache configuration then I need only to put a single redirecting line into the htdocs/index.php like<?php header("Location: https://my.server.com/";); ?> and that's all greets Zoltán Németh 2007. 04. 9, hétfő keltezéssel 08.40-kor Ben Liu ezt írta: > What's the prescribed method for redirecting a user forcibly to from > the non-SSL secured version of a page to the SSL-secured version? Is > this handled at the web server level or at the script level. I found > this by googling: > > <?php > if($_SERVER['SERVER_PORT'] !== $encport || $_SERVER['HTTPS'] !== "on") > {header("Location: https://".$_SERVER['SERVER_NAME'].$_SERVER > ['SCRIPT_NAME']);exit;} > ?> > > What do people think about this solution? > > Thanks, > > - Ben > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
I believe you should also be sending a 301 status header so user agents can be made aware of the redirect and make updates accordingly (bookmarks, etc.) http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.2
