Peter Falkenberg Brown Posted August 31, 2013 Share Posted August 31, 2013 Dear All, I'm familiar with the ProcessWire handy dandy function of checking "HTTPS only" in a template to force pages with that template to use SSL. My testing showed, however, that pages *under* the SSL page, that use other templates, don't inherit that behavior. I have a lot of templates, for a very large web app, so I don't want to have to check off that box in all of them. I could, of course, but I'm wondering if an .htaccess method would be easier. I've created a "/members/" page and want all sub-pages to redirect to SSL. I've used the code below, in an .htaccess file, but I've not used it when the page url is not a physical directory, but is instead a dynamic url. RewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} I also don't know how the above two lines will interact with all the other PW directives in the .htaccess file. Tips would be appreciated. Thanks, Peter Link to comment Share on other sites More sharing options...
apeisa Posted August 31, 2013 Share Posted August 31, 2013 How about this approach (not 100% sure if it works, but worth trying): <?php if ($page->rootParent->url == "/members/") { $page->template->https = 1; } Add that into prependTemplateFile (if you use that) or into autoload module. Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted August 31, 2013 Author Share Posted August 31, 2013 Dear Antti, That's an interesting idea. I've not used the autoload module yet. With the default install of PW, could you tell me exactly where you would insert that code, and in which file? The other option is to find a way to do that in .htaccess. Your method above might be less complicated. Thanks! Peter Link to comment Share on other sites More sharing options...
kongondo Posted August 31, 2013 Share Posted August 31, 2013 (edited) Dear Antti, That's an interesting idea. I've not used the autoload module yet. With the default install of PW, could you tell me exactly where you would insert that code, and in which file? Peter, What Antti means is that you can create a Module that Autoloads (i.e. loaded automatically with PW). There is no "the" module called Autoload ...If you already know this, my apologies http://processwire.com/api/modules/ http://wiki.processwire.com/index.php/Module_Creation Edited August 31, 2013 by kongondo Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted August 31, 2013 Author Share Posted August 31, 2013 Dear Kongondo, Ah yes, maybe I remember reading that. It was lurking in a dusty corner of my brain. Hmmm.... I'll have to study that more now. Thanks! If there's an .htaccess rule that would do the same thing, I wouldn't mind some .htaccess wizard letting me know. Mod_rewrite is something of a black art. Peter Link to comment Share on other sites More sharing options...
apeisa Posted August 31, 2013 Share Posted August 31, 2013 Easiest way: uncomment this line: https://github.com/ryancramerdesign/ProcessWire/blob/master/site-default/config.php#L58 and add _init.php file to your templates folder. Add the code snippet there. Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted August 31, 2013 Author Share Posted August 31, 2013 Dear Antti, I did the above, and added your code to _init.php: if ( $page->rootParent->url == "/members/" ) { $page->template->https = 1; } It didn't work, so I looked at the $template var page on this site, http://processwire.com/api/variables/templates/ and saw this: $template->protocol = 1; but that didn't work either. I also tried this, to no avail: $page->$template->protocol = 1; Perhaps my syntax is wrong? Peter Link to comment Share on other sites More sharing options...
apeisa Posted August 31, 2013 Share Posted August 31, 2013 This? $page->template->protocol = 1 Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted August 31, 2013 Author Share Posted August 31, 2013 Dear Antti, I tried that, just now. Yes, that was an extra $ sign. Oops. But... it didn't work, either. If it does work, with the right syntax, I think it's a brilliant idea, by the way. Peter Link to comment Share on other sites More sharing options...
apeisa Posted August 31, 2013 Share Posted August 31, 2013 Well, if that template protocol/https setting doesn't work when changed runtime, you can always do the redirect too. Something like this: <?php if ( ! $config->https) { $httpsUrl = str_replace("http", "https", $page->httpUrl); $session->redirect($httpsUrl); } Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted August 31, 2013 Author Share Posted August 31, 2013 Dear Antti, I tried your suggestion, and it worked. So, I settled on this code: if ( $page->rootParent->url == "/members/" && ! $config->https ) { $httpsUrl = str_replace("http", "https", $page->httpUrl); $session->redirect($httpsUrl); }elseif ( $page->rootParent->url != "/members/" && $config->https ) { $httpUrl = str_replace("https", "http", $page->httpUrl); $session->redirect($httpUrl); }else { # do nothing } It seems to do exactly what .htaccess mod_rewrite would do, if I'm not mistaken. And because, after the first redirect, the SSL status is active, there aren't redirects on every page load, since the links are relative. It would be academically interesting to see how this would be done in .htaccess, but for now... problem solved! Thank you once again! Brilliant, brilliant. Peter 1 Link to comment Share on other sites More sharing options...
apeisa Posted August 31, 2013 Share Posted August 31, 2013 Now that I think of it, it's clear why the first approach didn't worked: pw is already in outputting content when we changed the template protocol - it is too late for PW to do the redirect. With right hook and autoload module that approach might work. .htaccess is probably very simple in this case and little bit faster than this approach. Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted August 31, 2013 Author Share Posted August 31, 2013 Dear Antti, Yes, that makes sense. Well... if an .htaccess wizard reads this post, I'd love to see an .htaccess solution. More speed is good, especially when using SSL. Peter Link to comment Share on other sites More sharing options...
Soma Posted September 1, 2013 Share Posted September 1, 2013 I'm not sure why you're asking because obviously you already got the solution answered yourself. RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] just before the # RewriteCond %{HTTP_HOST} !^www\. [NC] # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] Or doesn't it work? Just remember to keep the htaccess updated in case PW changes it. Link to comment Share on other sites More sharing options...
Peter Falkenberg Brown Posted September 1, 2013 Author Share Posted September 1, 2013 Dear Soma, That works well, but it converts all pages to https. I just want the /members/ branch converted. If /members/ was a physical subdir, the code above would work in an .htaccess file in that subdir. I find mod_rewrite sort of brain-twisting, which is why I asked. I also wasn't sure how it would interact with PW's rules. Perhaps this segment has to be modified? RewriteRule ^(.*)$ to RewriteRule ^/members/(.*)$ ? Yours, Peter Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now