Htaccess redirect to HTTPS on select pages

[nasaboy007]

I'm a complete neophyte at using the .htaccess file, but I know that you can do redirections and stuff with it. Now, I want to switch between http and https depending on what file is requested. If they go to the index of the site (http://www.mysitememberships.com OR http://www.mysitememberships.com/index.php), I want it to stay as http. However, if they go to any of, say 4, specific pages, I want it to switch over to https (pages would be /myadd.php, /myedit.php, /myview.php, /userlogin.php, /controlpanel.php). However, after they visit that page and it switches over to https, I would like it to switch back to http if they request a page that is not part of that list (such as going back to the index).

How would I go about doing this?

 

[Palyriot]

I'd say just do it in php and not your htaccess file. Just do a conditional that includes the 's' in https:// when those certain pages are linked to.

 

[nasaboy007]

yeah i did it with php, thanks.

my solution, put on every page:

$httpsfile[] = "1"; //placeholder, idk why it doesn't read first array val
$httpsfile[] = "page1.php";
$httpsfile[] = "page2.php";
$httpsfile[] = "page3.php";
$httpsfile[] = "page4.php";
$httpsfile[] = "page5.php";
$httpsfile[] = "page6.php";
$httpsfile[] = "page7.php";

if($_SERVER['HTTPS'] != "on" && array_search(basename($_SERVER['PHP_SELF']), $httpsfile) != "") {
	reload("https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}
else if(array_search(basename($_SERVER['PHP_SELF']), $httpsfile) == "" && $_SERVER['HTTPS'] == "on") {
	reload("http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}

since it redirects non-https-needed pages back to http, it saves server processing.

 

[qbert220]

$httpsfile[] = "1"; //placeholder, idk why it doesn't read first array val

It does read the first entry in the array. array_search returns the key of the matching array entry. The key of the first entry will be zero. != and == are boolean operators. Zero is false when cast to a boolean, all other numbers are true.

array_search will return FALSE if it does not find a match, so you should use === and !== to test without casting like this:

if($_SERVER['HTTPS'] != "on" && array_search(basename($_SERVER['PHP_SELF']), $httpsfile) !== FALSE) {
    reload("https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}
else if(array_search(basename($_SERVER['PHP_SELF']), $httpsfile) === FALSE && $_SERVER['HTTPS'] == "on") {
    reload("http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}

I'd favour using in_array since you don't care what the key is:

if($_SERVER['HTTPS'] != "on" && in_array(basename($_SERVER['PHP_SELF']), $httpsfile)) {
    reload("https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}
else if(in_array(basename($_SERVER['PHP_SELF']), $httpsfile) && $_SERVER['HTTPS'] == "on") {
    reload("http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}

For better performance you might want to do the "in_array" once, then check the $_SERVER['HTTPS'] setting.

 

[Rudy]

Since the thread I started here (http://www.namepros.com/website-development/504335-https-configurations-and-benefits.html) is evolving into a programming thread, and it is very closely related to this thread, I think I'll post here now with a question.

I have the exact code above that qbert has posted:

if($_SERVER['HTTPS'] != "on" && in_array(basename($_SERVER['PHP_SELF']), $httpsfile)) {
    reload("https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}
else if(in_array(basename($_SERVER['PHP_SELF']), $httpsfile) && $_SERVER['HTTPS'] == "on") {
    reload("http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
}

I have this in a required file that I require on every single page of my website. The problem is, when I go to test this, I'm told that the reload() function doesn't exist (and thus, a fatal PHP error is thrown). Nasaboy, do you have the code for the function too? I guess I might have a go and see if I can write the function to work, or find a native function that does the same thing... I see where you are going with this, but I'm just not exactly sure how to get there.

Edit:
I guess I could try a PHP redirect, could I not? This would work just as well, right?

 

[nasaboy007]

oh lol sorry, my bad. i just made a reload function, basically header location. here:

function reload($destination) {
	$reload = 'Location: ' . $destination;
	header($reload);
}

edit: just saw your edit, yes it is just a php redirect. i just put it into a function because i used it so many times throughout my site i didn't feel like typing everything out (laziness ftw).

 

[Rudy]

Ahh, that makes perfect sense. I see it now. Thanks for this!