开发者

How do I make the login and registration to be in ssl mode?

开发者 https://www.devze.com 2023-01-26 02:18 出处:网络
I am using CodeIgniter on Windows 7 along with wamp. I generated a self-signed certificate and all the other things that are needed to run a website under https. My website is working perfec开发者_如何

I am using CodeIgniter on Windows 7 along with wamp. I generated a self-signed certificate and all the other things that are needed to run a website under https. My website is working perfec开发者_如何学Ctly in SSL mode. The problem is I only want my login and registration page to be in SSL mode. In CI, we can only configure one url i.e. :

$config['base_url'] = "https://localhost/abc";

I do not want to run my whole website in SSL mode. How can I achieve this? I read the following link:

http://stackoverflow.com/questions/1500527/how-to-use-ssl-with-codeigniter

But it did not solve any of my problems. I do not want to duplicate my whole website folder that the person is talking about. I want to maintain the same session data and cookies for http as well as https. Can I hardcode the pages that need SSL in my controller's constructor? And if a request is received for that secured page on http I should redirect to https. Is this approach valid or do I need to work on it? If any proper and elegant solution is available please let me know.


I had the same problem. In my case, I had to use SSL in the control panel only.

I solved this problem by rewriting the URL helper:

function base_url($flag = true)
{
    $CI = CI_Controller::get_instance();
    if (strpos(current_url(), '/cp/') and $flag) {
        return str_ireplace('http://', 'https://', $CI->config->slash_item('base_url')).'index.php/';
    }
    return $CI->config->slash_item('base_url');
}

In this case '/cp/' means "control panel". I was forced to do it this way because other ways (like adding secure_base_url to config.php or different SSL helpers) didn't work for me.

The additional $flag parameter is for images, CSS and JS files which should be loaded in the control panel. Use base_url(false) in these cases as https://www.example.com/**index.php**/image.png is a wrong address for the image.png file).

You can do the same thing for your website.

Hope this helps.


using the .htaccess file would be my best guess

RewriteRule ^my-account\/?(.+)?$ https://mydomain.com/my-account/$1 [NC,R,L]

would that work for you?

0

精彩评论

暂无评论...
验证码 换一张
取 消