SSL (HTTPS) URLs and CodeIgniter
I am a fan of CodeIgniter for its ease of use. I have developed several ecommerce projects using this “beautiful” framework. While working on my first ecommerce project with CodeIgniter, I faced a problem with URLs. The site was suppose to use both “http” and “https”. But with CodeIgnitor we can define one base URL, which can be either “http” or “https”. Then I came up with an idea and now I am going to share that idea with you.
What I am going to do…
We will create secure version of some functions. For this we will make changes in CodeIgnitor’s URL helper(url_helper.php), Config library (Config.php) and Config (config.php) files. We will be creating secure version of following functions:
- site_url()
- base_url()
- anchor()
- redirect()
Lets’ start…
First we will add the following config element in the config file:
$config['secure_base_url'] = 'https://examples.com'; |
Then, open the url_helper.php file (system/helpers/url_helper.php) and add the following codes. You may use a separate helper file if you do not want to alter the url_helper.php file.
if( ! function_exists('secure_site_url') ) { function secure_site_url($uri = '') { $CI =& get_instance(); return $CI->config->secure_site_url($uri); } } if( ! function_exists('secure_base_url') ) { function secure_base_url() { $CI =& get_instance(); return $CI->config->slash_item('secure_base_url'); } } if ( ! function_exists('secure_anchor')) { function secure_anchor($uri = '', $title = '', $attributes = '') { $title = (string) $title; if ( ! is_array($uri)) { $secure_site_url = ( ! preg_match('!^\w+://! i', $uri)) ? secure_site_url($uri) : $uri; } else { $secure_site_url = secure_site_url($uri); } if ($title == '') { $title = $secure_site_url; } if ($attributes != '') { $attributes = _parse_attributes($attributes); } return '<a href="'.$secure_site_url.'" ' . $attributes . '>'.$title.'</a>'; } } if ( ! function_exists('secure_redirect')) { function secure_redirect($uri = '', $method = 'location', $http_response_code = 302) { switch($method) { case 'refresh' : header("Refresh:0;url=".secure_site_url($uri)); break; default : header("Location: ".secure_site_url($uri), TRUE, $http_response_code); break; } exit; } } |
Now, add the following code in Config.php file (system/libraries/Config.php):
function secure_site_url($uri = '') { if (is_array($uri)) { $uri = implode('/', $uri); } if ($uri == '') { return $this->slash_item('secure_base_url').$this->item('index_page'); } else { $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); return $this->slash_item('secure_base_url').$this->slash_item('index_page').preg_replace("|^/*(.+?)/*$|", "\\1", $uri).$suffix; } } |
Now what we have…
Now what we have? We have secured versions of those function. You may now use them as their insecured version. Enjoy coding ;).