当前位置:theitroad>php 强制 https://www. 使用 mod_rewrite 在 htaccess 中使用 Codeigniter

php 强制 https://www. 使用 mod_rewrite 在 htaccess 中使用 Codeigniter

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/8503663/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-26 04:52:34  来源:igfitidea点击:

Force https://www. for Codeigniter in htaccess with mod_rewrite

php.htaccesscodeignitermod-rewrite

提问by Ben

I'm using Codeigniter and following these instructionsto force ssl but all requests are being redirected to

我正在使用 Codeigniter 并按照这些说明强制使用 ssl,但所有请求都被重定向到

http://staging.example.com/index.php/https:/staging.example.com

My .htaccessis:

我的.htaccess是:

### Canonicalize codeigniter URLs

# Enforce SSL https://www. 
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

###
# Removes access to the system folder by users.
# Additionally this will allow you to create a System.php controller,
# previously this would not have been possible.
# 'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php/ [L]

# Checks to see if the user is attempting to access a valid file,
# such as an image or css document, if this isn't true it sends the
# request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/ [L]

回答by Rooneyl

You could do it in code instead of using htaccess.

您可以在代码中完成,而不是使用 htaccess。

You can create a helper function that will redirect the page to be over SSL, which you call from your controller.

您可以创建一个辅助函数,将页面重定向到 SSL,您可以从控制器调用该函数。

In your helper;

在你的帮手里;

function force_ssl() {
    if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
        $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
        redirect($url);
        exit;
    }
}

Then in your controller;

然后在您的控制器中;

class Whatever extends CI_Controller {

    function __construct() {
        parent::__construct();
        $this->load->helper(array('your_ssl_helper'));
    }

    public function index() {
        force_ssl();
        ...
    }
}

回答by feeela

I think, instead of

我认为,而不是

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

you should have something like

你应该有类似的东西

RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

do have the rewrite rule match. Your link is currently produced by the third rule.

确实有重写规则匹配。您的链接目前由第三条规则生成。

回答by It worked yesterday.

Use this

用这个

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/ [R=301,L]

instead of

代替

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

回答by Phil Perry

Presumably you have RewriteEngine Onsomewhere above this code...

大概你有RewriteEngine On这个代码上面的某个地方......

RewriteCond %{REQUEST_URI} ^system.*

probably isn't going to be triggered. REQUEST_URI should start with / (unlike RewriteRule), so you probably want

可能不会被触发。REQUEST_URI 应该以 / 开头(不像 RewriteRule),所以你可能想要

RewriteCond %{REQUEST_URI} ^/system

I'm not sure that

我不确定

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

will reliably match, with ^. I would try the following:

将可靠地与 ^ 匹配。我会尝试以下方法:

RewriteRule ^(.*)$ https://%{HTTP_HOST} [L,R=301]

Incidentally, HTTP_HOST is normally whatever the visitor typed in, so www. is not guaranteed, if that's what you want. You will need a separate step to force www..

顺便说一下,HTTP_HOST 通常是访问者输入的任何内容,所以 www. 不能保证,如果这是你想要的。您将需要一个单独的步骤来强制 www..

回答by mils

I wrote the following class for this purpose. I prefer having stuff like this in code over a configuration file, so that the behaviour cannot be modified by a bad config (i.e. a page is truly "forced" to SSL).

为此,我编写了以下类。我更喜欢在代码中使用这样的东西而不是配置文件,这样行为就不会被错误的配置修改(即页面真正“强制”使用 SSL)。

The function must be called at an early stage in your site's loading process.

必须在站点加载过程的早期阶段调用该函数。

class SecurityHelper extends MX_Controller
{
    // CONTROLLERS FORCED TO SSL
    private $arrHttps = array(
        'products/shipping',
        'products/billing'
    );

    // CONTROLLERS ACCESSIBLE FROM BOTH
    private $arrAgnostic = array (
        'products/getcart'
    );

    function redirectSsl()
    {
        // SSL MODULES
        if(in_array(uri_string(), $this->arrHttps))
        {
            // ONLY REDIRECT IF NECESSARY
            if ($_SERVER['HTTPS'] != "on")
            {
                // REDIRECTING TO SSL
                $newUrl = str_replace('http://', 'https://', base_url($_SERVER['REQUEST_URI']));
                redirect($newUrl);
            }
        }
        // NON-SSL MODULES
        else
        {
            // IF AGNOSTIC, DON'T REDIRECT
            if(in_array(uri_string(), $this->arrAgnostic))
                return;

            // ONLY REDIRECT IF NECESSARY
            if ($_SERVER['HTTPS'] == "on")
            {
                $newUrl = str_replace('https://', 'http://', base_url($_SERVER['REQUEST_URI']));
                redirect($newUrl);
            }
        }
    }
}

Hope it helps.

希望能帮助到你。

相关推荐

Html 表单/php:选择选项值=数组

Html 表单/php:选择选项值=数组

php 如何在 Wordpress Admin 中获取帖子 ID

php 如何在 Wordpress Admin 中获取帖子 ID

'php.exe' 不是内部或外部命令,也不是可运行的程序或批处理文件

'php.exe' 不是内部或外部命令,也不是可运行的程序或批处理文件

在 PHP 中重新定义常量

在 PHP 中重新定义常量

相关推荐
最近更新
标签