每个页面上的PHP函数导致重定向循环

I am working with non-profit on an application that was built by someone else earlier this year. The site needs to be secure, so I worked with their host to get a SSL cert installed. I understand that updating the .htaccess server file would be easier to perform the redirect, but our engagement ends in about 3 weeks. It has been difficult getting the requirements fed through the non-profit customer contact to host company. As an alternative, I would like to have a php based redirect in place just in case.

This is the beginning section on the apps header page included on all pages. We have 3 test servers with different domains and a production domain. I have added a condition so the redirect will not occur when running locally. When I call the function with my condition causes a redirect loop on the test servers (they have SSL certs). Can someone help with what I can not quite figure out? Thanks.

Or does any know if the apache .htaccess file can be updated as a customer user with Dreamhost?

<?php 

function redirectToHTTPS() {
    if($_SERVER['HTTPS']!="on") {
        $redirect= "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
        header("Location:$redirect");
    }
}


$serverList = array('localhost', '127.0.0.1');
if(!in_array($_SERVER['HTTP_HOST'], $serverList)) {
    redirectToHTTPS();
}

ob_start();
    include ($_SERVER['DOCUMENT_ROOT'].'/rmhcOmahaTeam/config/paths.php');
    include ($_SERVER['DOCUMENT_ROOT'].'/rmhcOmahaTeam/config/db_connect.php');
?>
doujinyi1267
doujinyi1267 我确信dreamhost将允许.htaccess在其主机上的目录中使用。如果没有,您可以轻松联系他们的支持,让他们知道您需要它。大多数托管公司都启用了.htaccess文件,包括godaddy和其他托管公司,这些公司位于共享,虚拟,专用和虚拟专用帐户上。它的一个共同特点。
接近 5 年之前 回复

1个回答

Your problem lies here:

$serverList = array('localhost', '127.0.0.1');
if(!in_array($_SERVER['HTTP_HOST'], $serverList)) {
    redirectToHTTPS();
}

What this code says is "if the HTTP_HOST variable is localhost or 127.0.0.1, then redirect to the SSL site". Then, in the redirectToHTTPS() function, you're redirecting to the exact same HTTP_HOST you were checking against. So, basically, what you are saying is:

if (true) {
    redirectToHTTPS();
}

You need to be checking the protocol, not the HTTP_HOST:

define('HTTPS', isset($_SERVER['HTTPS']) && filter_var($_SERVER['HTTPS'], FILTER_VALIDATE_BOOLEAN));
if ( ! HTTPS) {
    redirectToHTTPS();
}
dqch34769
dqch34769 我不太明白你的观点。 我试图识别localhost而不是重定向。 根据我的理解,if条件是if条件将主机与我的数组进行比较,并且由于它是针对NOT in-array的,因此任何不是localhost域的东西都应该运行重定向函数。 然后该函数应确定是否使用了https,如果是,则不会重定向。
接近 5 年之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!