ansaurus

Question

Can I check for HTTPS in Magento PHTML files?

Answer 1

+3 A:

Array keys are case sensitive. You need to use

$_SERVER["HTTPS"]

Also, according to the docs, the HTTPS setting is

Set to a non-empty value if the script was queried through the HTTPS protocol.

Note: Note that when using ISAPI with IIS, the value will be off if the request was not made through the HTTPS protocol.

so a water-tight way would be checking against whether it is set at all, but not "off", e.g.

if ((!empty($_SERVER["HTTPS"])) and (strtolower($_SERVER["HTTPS"]) != "off")):

Pekka 2010-08-11 12:06:00

It should be cautioned that $_SERVER['HTTPS'] may not even exist at all, check your phpinfo() to see it it's listed because it is not always available to use. It is not on my server.

webfac 2010-08-11 12:25:49

It will always exist when requested via HTTPS. So you may want an `isset()` to see if it's there now. Like most `$_SERVER` variables, they are only populated when the server has enough information to populate them (Send a request without a referer header, and the `HTTP_REFERER` variable will not be set)...

ircmaxell 2010-08-11 12:29:40

Answer 2

+1 A:

try

strtolower($_SERVER['HTTPS']) == 'on'

Haim Evgi 2010-08-11 12:07:31

Answer 3

A:

Try this <?php if ($_SERVER['SERVER_PORT'] == 443) : ?>

Stephen 2010-08-11 12:10:36

While port 443 is the default HTTPS port, it's not necessarily the only possible one, is it?

Pekka 2010-08-11 12:12:26

Alright, he could always use `<?php if ($_SERVER['SERVER_PORT'] != 80) : ?>`

Stephen 2010-08-11 12:13:12

Port numbers have nothing to do with what protocol the request was made with. That's precisely why the `$_SERVER['HTTPS']` variable exists...

ircmaxell 2010-08-11 12:16:26

I concede that Pekka and ircmaxell are correct: Sid Vel's port number may not be 443. However, I'd bet real money that it is, and that it will never change.

Stephen 2010-08-11 12:33:27

Stephen: There are lots of things that work most of the time. But there's a difference between a way that works (or appears to work) and the right way...

ircmaxell 2010-08-11 13:49:30

Agreed. I'm just being bullheaded. ;)

Stephen 2010-08-13 01:40:48

Answer 4

+1 A:

This may seem like a bit of a "hack" but you could check the server protocol and check for the existence of the characters "HTTPS" in the protocol? :

<?php 
$protocol = $_SERVER['SERVER_PROTOCOL'];
$protocol = substr($protocol,0,5); //will return something like HTTP/ or HTTPS
if(preg_match("^HTTPS^",$protocol)){
echo "ITS HTTPS";
}
?>

webfac 2010-08-11 12:19:32

Answer 5

+5 A:

Magento actually provides a method for this for you, as I wrote in a blog post (pardon the self-referential link).

Use this to check whether you are in secure mode:

// check to see if your store is in secure mode
$isSecure = Mage::app()->getStore()->isCurrentlySecure();

Hope that helps!

Thanks, Joe

Joseph Mastey 2010-08-11 14:20:35

+1 native solution always wins.

Pekka 2010-08-13 08:20:23

ansaurus

tags:

views:

answers:

Can I check for HTTPS in Magento PHTML files?

related questions