duanbi7247 2015-11-13 10:15
浏览 67

如何在某些页面上强制使用HTTPS? (PHP)

I have a single PHP file which handles credit card processing. It starts as a form to input the credit card number, then becomes a "confirm" screen (showing the credit card number) then once more to process and display the results. All three loads will be done with PHP submits (I realize the confirm might be better as Javascript, but I didn't write it). It is the only file in the directory which handles credit cards, and therefore it is the only one which needs httpS connection.

I have tried forcing this with the $_SERVER array, looking up the protocol used to connect from the prefix of the SCRIPT_URI (or other entry), but none had the prefix.

Is there a simple way to do this...i want ssl on 5 pages homepage, login, register, contact page and if user visit other page then he should be on non ssl version

Sorry for the questions, but my searches thus far here haven't uncovered a working solution, and I'm afraid I don't know what the best practice is.

  • 写回答

3条回答 默认 最新

  • doumiao0498 2015-11-13 10:26
    关注

    You should investigate $_SERVER['HTTPS']. This will have a non empty value if https is used and an empty value otherwise.

    If you detect a non https connection you can redirect the user, e.g. using php header() method.

    Another way to achieve this would be to use .htaccess configuration (if you're running on apache web server):

    RewriteCond %{HTTPS} !=on
RewriteRule ^creditcard\.php$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

    Using https for the whole website is a really good option, too.

    评论

报告相同问题?

悬赏问题

  • ¥15 微信会员卡接入微信支付商户号收款
  • ¥15 如何获取烟草零售终端数据
  • ¥15 数学建模招标中位数问题
  • ¥15 phython路径名过长报错 不知道什么问题
  • ¥15 深度学习中模型转换该怎么实现
  • ¥15 HLs设计手写数字识别程序编译通不过
  • ¥15 Stata外部命令安装问题求帮助!
  • ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
  • ¥15 TYPCE母转母,插入认方向
  • ¥15 如何用python向钉钉机器人发送可以放大的图片?