/**
* enforceSSLMode() $force_ssl is on or off, it checks if the current
* request is to HTTPS (or not). If $force_ssl is on, and the
* request is not to HTTPS, it redirects the request to the HTTPS
* version of the URL, if the request is to HTTPS, it rewrites all
* the URL variables so they also point to HTTPS.
*/
function enforceSSLMode()
{
    $bSSLActive = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != "off" || isset($_SERVER['HTTP_FORWARDED_PROTO']) && $_SERVER['HTTP_FORWARDED_PROTO'] == "https" || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == "https";
    if (Yii::app()->getConfig('ssl_emergency_override') !== true) {
        $force_ssl = strtolower(getGlobalSetting('force_ssl'));
    } else {
        $force_ssl = 'off';
    }
    if ($force_ssl == 'on' && !$bSSLActive) {
        SSLRedirect('s');
    }
    if ($force_ssl == 'off' && $bSSLActive) {
        SSLRedirect('');
    }
}
Example #2
0
/**
* enforceSSLMode() $force_ssl is on or off, it checks if the current
* request is to HTTPS (or not). If $force_ssl is on, and the
* request is not to HTTPS, it redirects the request to the HTTPS
* version of the URL, if the request is to HTTPS, it rewrites all
* the URL variables so they also point to HTTPS.
*/
function enforceSSLMode()
{
    $https = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : '';
    if (Yii::app()->getConfig('ssl_emergency_override') !== true) {
        $force_ssl = strtolower(getGlobalSetting('force_ssl'));
    } else {
        $force_ssl = 'off';
    }
    if ($force_ssl == 'on' && $https == '') {
        SSLRedirect('s');
    }
    if ($force_ssl == 'off' && $https != '') {
        SSLRedirect('');
    }
}