Hi,
How would I apply SSL HTTPS to my PHP Login system. My login system is basic here is how it goes:
Fetches session and user then checks if its correct. I'll need some kind of SSL/HTTPS checking.
Any examples?
+2
A:
Your question makes little sense. SSL is a secure transport layer, but its operation is totally transparent to PHP.
Everything that worked before you had SSL should work the same way it does with SSL. All the authentication and encryption/decryption is done automatically for you.
See:
- How SSL works (from Verisign)
- Step by Step: Configuring SSL Under Apache
- ServerFault (if you run into problems configuring the server)
NullUserException
2010-10-01 19:19:50
I am basically going to assign myself a SSL cert, I want it to work with my login system.
Raymond
2010-10-01 19:37:10
@Raymond If you set up SSL correctly, it should work without any changes to your PHP code - at least the login logic. You might want to make the script force the user to use SSL on login however, but just try to make SSL work in the first place.
NullUserException
2010-10-01 19:38:46
I saw some things to do with HTTPS in someones coding before on there login system. Just was not sure what it is. Do I need that?
Raymond
2010-10-01 19:53:41
@Raymond You'll need to be more specific. What "things"?
NullUserException
2010-10-01 19:55:42
HTTPS: something like this "function redirectToHTTPS(){ if($_SERVER['HTTPS']!="on") { $redirect= "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; header("Location:$redirect"); }"
Raymond
2010-10-01 19:58:06
@Raymond Yeah, that forces the page to use HTTPS instead of HTTP. But I would focus on getting HTTPS to work in the first place for now (that can be a bit tricky)
NullUserException
2010-10-01 20:07:38
How do I get it to work via Windows 2008/2003?
Raymond
2010-10-01 20:08:24
@Ray What server are you using? (eg: Apache, IIS, etc)
NullUserException
2010-10-01 20:12:09
Apache mate (XAMPP)
Raymond
2010-10-01 20:15:12
@Ray See the second link on my answer
NullUserException
2010-10-01 20:16:45