Over a million developers have joined DZone.

Convert non-ssl to ssl links automatically and dynamically using Zend

DZone's Guide to

Convert non-ssl to ssl links automatically and dynamically using Zend

· Web Dev Zone ·
Free Resource

Access over 20 APIs and mobile SDKs, up to 250k transactions free with no credit card required

Hello dear readers,

Zend Framework is awesome and you probably know that already that's why you're using it. :)

Have you ever needed to replace the non-ssl links automatically with their SSL equivalent ?

Here is one way to achieve it using a front controller plugin.
The code of the plugin is below however it will need some tweaks on your part.

Replace YOURPREFIX with something like: EXT which will correspond to external classes you add to your Zend Framework installation.
The SecureLinks.php file should be saved in library\YOURPREFIX\Controller\Plugin\SecureLinks.php

Please also make sure you update $redir_script variable to point to your redirect script (code also included below).

In order for this to work is has to be registered with the front controller as follows.

$frontController = Zend_Controller_Front::getInstance();
// .... other cool stuff
$frontController->registerPlugin(new YOURPREFIX_Controller_Plugin_SecureLinks());



 * Corrects the non-ssl links to ssl ones for your sites.
 * @uses Zend_Controller_Plugin_Abstract
class YOURPREFIX_Controller_Plugin_SecureLinks extends Zend_Controller_Plugin_Abstract {
     * Updates the output buffer
     * @return void
    public function dispatchLoopShutdown() {
        $ssl = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
        $redir_script = 'https://secure.yoursite.com/redirect.php?url=';
        // do nothing if not SSL
        if (empty($ssl)) {
            return ;

        $response_obj = $this->getResponse();
        $buffer = $response_obj->getBody();

        // We'll proxy the links
        $regex = '#(<(?:a|othertag)[^<>]*(?:src|href)=[\'"])((?:http://(?:[\w-]+\.)?(YOUR-SITE|YOUR-SECOND-SITE)\.\w+)[^\'"]*)#si'; // no extension/TLD

        // if we have images
        if (1) {
            $view = Zend_Registry::get("view");

            // replaces ajax.googleapis, google.com, googlecode.com/
            $buffer = preg_replace('#http://(([\w-]+\.)?google(?:code|apis)?\.\w+[^\'"]*)#si', 'https://\\1', $buffer);

            $buffer = preg_replace($regex, '\\1' . $redir_script . '\\2', $buffer);




// usage: save it as redirect.php
// make links pointing to it as redirect.php?url=http://yahoo.com
$url = empty($_GET['url']) ? '' : $_GET['url'];

if (!empty($url)) {
    header('Location: ' . $url);



Source: http://www.devcha.com/2011/12/zend-framework-how-to-convert-non-ssl.html


#1 for location developers in quality, price and choice, switch to HERE.


Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}