hi everybody

I m little speak english.

im use this way

example:

this is my header view file
location: ./aplication/view/inc/header.php

how do you think ?

Hi there…. I just want to share a quick update to nevercraft’s solution.

In force_ssl_helper.php, I’ve added a function to remove SSL if it isn’t needed, as follows:

but where does the page knows to use or not SSL? Simply enough.

Just add the following code to the very top of your page:

than you just have to create an item in the config file called ‘ssl_pages’ that is a single dimension array with the controller names that you which to force SSL to.

EXAMPLE:

If I have a header file which is called on every view page and a controller named My_secure_checkout, than I’ll have to do this:

1. Create a helper file named force_ssl_helper.php in my application/helpers folder and paste the code I’ve mentioned earlier on this post.

2. On header.php file or whatever you name it, paste the following code to the very top:

3. On config.php, add the following line to the very end:

and…. Voilá! Now I have My_secure_checkout controller using SSL, leaving others untouched.

I know this is not the best solution, but it works fine for me. I hope it can help somebody.

HAPPY CODING….

force_ssl_helper.php may not be useful when you send an HTTP request with POST method to execute an action(function), which is required SSL.

When redirect() is executed, it sends an GET HTTP request via https to execute the same action, but the data of POST is lost.

There is an example:

When the login form is submitted, browser sends a request using POST method to http://192.168.1.1/index.php/welcome/authenticate, and it is redirected to https://192.168.1.1/index.php/welcome/authenticate at once, because this action requires SSL. Unfortunately, I can not retrieve email and password any more.

I have tried all the suggestions in this thread for Htaccess to remove index.php from Code Igniter URL.
This rewrite rules removes index.php from URL but does not display under Secure URL.
for example:
http://www.mysite.com/CodeIg/MyController —Works perfect

https://www.mysite.com/CodeIg/index.php/MyController —Works perfect

    But

https://www.mysite.com/CodeIg/MyController —Does not Work at all. It gives page not found server error.

Then I tried adding the htaccess rules in Virtual host file…
Now the Screen get displayed but without any css, js and Images included in the page.

All these folder like css, images and JS are in application directory.

Does anyone know why this problem is coming?

REply to post would be appreciated a lot….

Thanks

C4iO [PyroDEV] - your solution works the best for me. My two cents is to replace header.php by MY_controller.php:

then every controller starts by

this way you check if page shoud be displayed as https in every controller

manisha - 03 February 2011 03:44 PM

I have tried all the suggestions in this thread for Htaccess to remove index.php from Code Igniter URL.
This rewrite rules removes index.php from URL but does not display under Secure URL.
for example:
http://www.mysite.com/CodeIg/MyController —Works perfect

https://www.mysite.com/CodeIg/index.php/MyController —Works perfect

    But

https://www.mysite.com/CodeIg/MyController —Does not Work at all. It gives page not found server error.

Then I tried adding the htaccess rules in Virtual host file…
Now the Screen get displayed but without any css, js and Images included in the page.

All these folder like css, images and JS are in application directory.

Does anyone know why this problem is coming?

REply to post would be appreciated a lot….

Thanks

Look at the rewrite condition and rules in this thread http://codeigniter.com/forums/viewthread/86113/ they solved my problem.

parrots - 24 June 2008 09:15 AM

I did it by having my .htaccess file force SSL for specific URLs (payment and login).  It saved me from having to muck around with changing the base_url or anything like that:

RewriteEngine on

RewriteCond %{SERVER_PORT} 80 
RewriteCond $1 ^(register/payment|login)
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R=301,L]

RewriteCond %{SERVER_PORT} 443
RewriteCond $1 !^(register/payment|images|css|javascript|login)
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]

RewriteCond $1 !^(index\.php|images|robots\.txt)
RewriteRule ^(.*)$ index.php/$1 [L] 

As a bonus this ensures that even if someone tries to go to my payment or login page without SSL it will redirect them to the HTTPS version.  It’s worked for me pretty well so far.

I’m doing exactly this but I’m getting stuck in a GET loop. The redirect to https happens but CI won’t show me any result….... been at this for hours, don’t know why…

/T

Here’s how I did it in 5 steps:

1. MY_url_helper

2. Top of my secure view:

3. Link to this secure page (from another view)

4. Secure all files used on the secure page:

5. Secure the form, in your secure page

base_url_asset - will pull regular base_url() - unless - you declare force_ssl() at the top of your view, then it will switch them.  That’s it!  I’m sure there’s a better way, so please let me know, or edit as needed.