SSL (HTTPS) URLs and CodeIgniter (Extending the core)

In one of my previous post I have shown how we can use both secure and non-secure URLs. Now I am going to show how we can do this, extending native libraries.

$config['secure_base_url'] = 'https://example.com';

if( ! function_exists('secure_site_url') )
{
    function secure_site_url($uri = '')
    {
        $CI =& get_instance();
        return $CI->config->secure_site_url($uri);
    }
}
 
if( ! function_exists('secure_base_url') )
{
    function secure_base_url()
    {
        $CI =& get_instance();
        return $CI->config->slash_item('secure_base_url');
    }
}
 
if ( ! function_exists('secure_anchor'))
{
    function secure_anchor($uri = '', $title = '', $attributes = '')
    {
        $title = (string) $title;
 
        if ( ! is_array($uri))
        {
            $secure_site_url = ( ! preg_match('!^\w+://! i', $uri)) ? secure_site_url($uri) : $uri;
        }
        else
        {
            $secure_site_url = secure_site_url($uri);
        }
 
        if ($title == '')
        {
            $title = $secure_site_url;
        }
 
        if ($attributes != '')
        {
            $attributes = _parse_attributes($attributes);
        }
 
        return ''.$title.'';
    }
}
 
if ( ! function_exists('secure_redirect'))
{
    function secure_redirect($uri = '', $method = 'location', $http_response_code = 302)
    {
        switch($method)
        {
            case 'refresh'    : header("Refresh:0;url=".secure_site_url($uri));
                                break;
            default           : header("Location: ".secure_site_url($uri), TRUE, $http_response_code);
                                break;
        }
        exit;
    }
}

class MY_Config extends CI_Config
{
    function MY_Config()
    {
        parent::CI_Config();
    }
 
    function secure_site_url($uri = '')
    {
        if (is_array($uri))
        {
            $uri = implode('/', $uri);
        }
 
        if ($uri == '')
        {
            return $this->slash_item('secure_base_url').$this->item('index_page');
        }
        else
        {
            $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix');
            return $this->slash_item('secure_base_url').$this->slash_item('index_page').preg_replace("|^/*(.+?)/*$|", "\\1", $uri).$suffix;
        }
    }
}

Now we have secured versions of those function. You may now use them as their insecured version. Enjoy coding .

301 (Permanent) redirection using .htaccess file

A few days back one of my project’s domain changed. The nature of this project was such that it provides URLs to it’s subscribers to use in their site for different purposes. As it has a huge user base, it was quite impossible to change the URLs already provided to the subscribers. That’s why I searched for a solution which will redirect the subscribers to new domain. I knew HTACCESS files can provide this type of service. So, I searched web for a solution to this problem – 301 redirection with HTACCESS file. Then I found the following solution. Before I provide the solution, I just want to say I am not an expert of HTACCESS .

I have created .htaccess file with the following line to redirect any request to http://www.oldurl.com/ to https://www.newurl.com/.

redirect 301 / https://www.newurl.com/

The line stated above tells Apache server to redirect all request to http://www.oldurl.com/ will be redirected to https://www.newurl.com/using 301 permanent redirection. It worked fine.

After implementing the solution I faced another problem. The line of code was redirecting to only HTTPS irrespective of the request made to HTTP or HTTPS. This caused a problem for the pages which were non-secured, I mean shown via HTTP. These pages contain elements like CSS, JavaScript files, images etc. which are linked as HTTP. So, browsers started generating security warnings. Again I took help of Google and searched for a solution. After studying different problems I wrote the following lines of code in the .htaccess file and it worked.

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ https://www.newurl.com/$1 [L,R=301]
RewriteCond %{HTTPS} !^443
RewriteRule ^(.*)$ http://www.newurl.com/$1 [L,R=301]

The above code does a conditional redirection. If the request is made to HTTP then it redirects to HTTP and the same is for HTTPS.

FYI, my project is built with CodeIgniter and the redirection worked fine with it.

Integration of Payment Gateways

Yesterday, June 21 2009, I had to give a presentation on payment gateway integration at our office. That’s why I prepared a slide show. I mainly tried to show how PayPal’s Direct Payment API calls are made. I have choosen this because this technique is also used by other payment gateways. As I have shown the example based on PayPal, I called this session – “Integration of Payment Gateways, The PayPal Way“. It gives a basic idea how we can make API calls for payment processing. I have quoted some texts and images from PayPal’s integration documents.

You can download the presentation from here. For PDF version, click here.

What to do to put an HTML element on top of a Flash object

Many times this happens that in a page we have used a DHTML menu and a flash header and when we mouse over the menu, the menu could not be visible because of the flash object comes over the menu. Another situation could be – we used a block script and the page contains a flash object and when the script is called the flash object could not be hide.

I faced these situations many times and searched web for a solution. Long ago I found a solution which worked for me to solve these problems and I am still using it.

The solution

If you are using an object tag, then add the following param in it.

<param name="wmode" value="transparent" />

If you are using an embed tag, then use the following attribute in it.

wmode="transparent"

I don’t know what these codes do as I am not a flash expert, but they work. If anyone knows anything more about these codes then please share with us.