Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Convert non-ssl to ssl links automatically and dynamically using Zend

DZone's Guide to

Convert non-ssl to ssl links automatically and dynamically using Zend

· Web Dev Zone ·
Free Resource

Deploy code to production now. Release to users when ready. Learn how to separate code deployment from user-facing feature releases with LaunchDarkly.

Hello dear readers,

Zend Framework is awesome and you probably know that already that's why you're using it. :)

Have you ever needed to replace the non-ssl links automatically with their SSL equivalent ?

Here is one way to achieve it using a front controller plugin.
The code of the plugin is below however it will need some tweaks on your part.

Replace YOURPREFIX with something like: EXT which will correspond to external classes you add to your Zend Framework installation.
The SecureLinks.php file should be saved in library\YOURPREFIX\Controller\Plugin\SecureLinks.php

Please also make sure you update $redir_script variable to point to your redirect script (code also included below).

In order for this to work is has to be registered with the front controller as follows.

$frontController = Zend_Controller_Front::getInstance();
// .... other cool stuff
$frontController->registerPlugin(new YOURPREFIX_Controller_Plugin_SecureLinks());

SecureLinks.php

<?php

/**
 * Corrects the non-ssl links to ssl ones for your sites.
 *
 * @uses Zend_Controller_Plugin_Abstract
 */
class YOURPREFIX_Controller_Plugin_SecureLinks extends Zend_Controller_Plugin_Abstract {
    /**
     * Updates the output buffer
     * @return void
     */
    public function dispatchLoopShutdown() {
        $ssl = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
        $redir_script = 'https://secure.yoursite.com/redirect.php?url=';
        
        // do nothing if not SSL
        if (empty($ssl)) {
            return ;
        }

        $response_obj = $this->getResponse();
        $buffer = $response_obj->getBody();

        // We'll proxy the links
        $regex = '#(<(?:a|othertag)[^<>]*(?:src|href)=[\'"])((?:http://(?:[\w-]+\.)?(YOUR-SITE|YOUR-SECOND-SITE)\.\w+)[^\'"]*)#si'; // no extension/TLD

        // if we have images
        if (1) {
            $view = Zend_Registry::get("view");

            // replaces ajax.googleapis, google.com, googlecode.com/
            $buffer = preg_replace('#http://(([\w-]+\.)?google(?:code|apis)?\.\w+[^\'"]*)#si', 'https://\\1', $buffer);

            $buffer = preg_replace($regex, '\\1' . $redir_script . '\\2', $buffer);

            $response_obj->setBody($buffer);
        }
    }
}
?>

redirect.php

<?php

// usage: save it as redirect.php
// make links pointing to it as redirect.php?url=http://yahoo.com
$url = empty($_GET['url']) ? '' : $_GET['url'];

if (!empty($url)) {
    header('Location: ' . $url);
    exit;
}

?> 

 

Source: http://www.devcha.com/2011/12/zend-framework-how-to-convert-non-ssl.html

 

Deploy code to production now. Release to users when ready. Learn how to separate code deployment from user-facing feature releases with LaunchDarkly.

Topics:

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}