Managing Secure Protocol in Apache-Based Websites using PHP - Second Potential Problem: 301 Redirection from non-secure to secure protocol (
Page 4 of 4 )
There are times when you do really need to redirect the http to the https version. A good example would be to convert an http URL to the https version of the URL so that any transaction between the browser and the server that happens on that URL will be encrypted.
Another good example would be submitting sensitive data such as passwords, security numbers or even credit card information.
So how do you go about converting the non-secure protocol to a secure protocol? Using PHP you can force a specific URL to 301 redirect to its equivalent https version.
See an example below:
<?php
function url() {
$urlofthepage = 'http';
if ($_SERVER["HTTPS"] == "on") {$urlofthepage .= "s";}
$urlofthepage .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$urlofthepage .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$urlofthepage .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $urlofthepage;
}
$urlofthepage=url();
if ($urlofthepage=="http://www.thisistheurlthatyouneedtoredirecttohttpsversion.com/
securecontactexampleform.php")
{
// Permanent redirection
header("HTTP/1.1 301 Moved Permanently");
header("Location: https:// www.thisistheurlthatyouneedtoredirecttohttpsversion.com/securecontactexampleform.php ");
exit();
}
?>
Place this code on top of any HTML code, or before it outputs any HTML. This script must be placed on top of all PHP or HTML code. If it isn't, it won't redirect at all, and in fact will return an error.
Note that the above sample script only redirects one http version URL to its equivalent https version. You can add any number of redirections; for example, if you have a lot of secure form URLs in the domain, but are using the same template.
In this case, just add another if statement right below the first
redirection. See the example below:
<?php
function url() {
$urlofthepage = 'http';
if ($_SERVER["HTTPS"] == "on") {$urlofthepage .= "s";}
$urlofthepage .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$urlofthepage .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$urlofthepage .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $urlofthepage;
}
$urlofthepage=url();
if ($urlofthepage=="http://www.thisistheurlthatyouneedtoredirecttohttpsversion.com/
securecontactexampleform.php")
{
// Permanent redirection
header("HTTP/1.1 301 Moved Permanently");
header("Location: https:// www.thisistheurlthatyouneedtoredirecttohttpsversion.com/
securecontactexampleform.php ");
exit();
}
//this is the second URL to be redirected to its https version
if ($urlofthepage==
"http://www.thisisthesecondurlthatyouneedtoredirecttohttpsversion.com/
securecontactexampleform.php")
{
// Permanent redirection
header("HTTP/1.1 301 Moved Permanently");
header("Location: https:// www.thisisthesecondurlthatyouneedtoredirecttohttpsversion.com/
securecontactexampleform.php ");
exit();
}
?>
/ 5 
