https request on some pages but not on all pages zend framework

Question

Hello,

I need to put https on some of the URL but not on all the URL. I am using zend URl view helper for all the links. I have a *.example.com SSL certificate for whole site. Now I open site with https://www.example.co, then all the link on home page or other pages contains https in URL. How can I make some specific request on the https url and other page should be opened normal.

I also need to pt some redirection so that if somebody open the specific pages in normal URL then they redirected on https url. I think the .htaccess redirection will work for that.

Any help ????

Thanks in advance!!!

Answer 1

the URL ViewHelper only assembles paths, absolute from the hostname. so you need to explicitly prefix your https links

<? $url = $view->url(array('some' => 'params') /*, $route, $reset*/) ?>
<a href="https://&lt;?= $_SERVER['HTTP_HOST] ?><?= $url ?>">my explicit https link</a>

you should maybe create a an own small viewhelper which does that work for your and also checks if HTTP_HOST is set etc, maybe also take it from the config instead from $_SERVER.

$view->httpsUrl(array('some' => 'params')/, $route, $reset/);

to be secure that defined reqeust must be https can easily be done by adding a front controller plugin or even an abstract controller-class you base all your otehr controller on.

a plugin could look like this

My_Controller_Plugin_HttpBlacklist extends Zend_Controller_Plugin_Abstract
{
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        // when /foo/bar/baz is requested
        if (($request->getModuleName() == 'foo' &&
            $request->getControllerName() == 'bar' &&
            $request->getControllerName() == 'baz')
            /* || (conditions for more requests)*/) {

            //very basic confifiotn to see if https is enabled, should be done better...
            if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') {

                // should be done with Zend_Http_Reponse instead
                header('Location: https://'. $_SERVER['HTTP_HOST] . $_SERVER['REQUEST_URI']);
                exit;
            }
        }
    }
}

then simply plug it in

$frontController->registerPlugin(new My_Controller_Plugin_HttpBlacklist);

Answer 2

I rather used a simple method and that does not required any change in urls generation/route. I wrote following lines in routeStartup function of a plugin and haven't made any change in URLs route.

public function routeStartup(Zend_Controller_Request_Abstract $request)
{

   $controller=$this->_controller = $this->_front->getRequest()->getControllerName();
   $action=$this->_controller = $this->_front->getRequest()->getActionName();

    if($_SERVER['SERVER_PORT']!=443)
    {
//controller and actions array to check ssl links
        $actionArr=array('index'=>array('registration'),'account'=>array('editacc','edit'),'dealer'=>array('*'));
        if(array_key_exists($controller,$actionArr)!==false)
        {
            if(in_array($action,$actionArr[$controller]) || $actionArr[$controller][0]=='*')
            {
                $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
                 $redirector->gotoUrl(SITE_LIVE_URL_SSL.$controller."/".$action);    
            }
        }


    }
    else
    {
//controller and action array that should not be on ssl.
          $notAactionArr=array('usersearch'=>array('mainserarch'),'account'=>array('index'),'onlineusers'=>array('*'));
        if(array_key_exists($controller,$notAactionArr)!==false)
        {
            if(in_array($action,$notAactionArr[$controller]) || $notAactionArr[$controller][0]=='*')
            {
                $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
                 $redirector->gotoUrl(SITE_LIVE_URL.$controller."/".$action);    
            }
        }

    }
}