I’ve seen many tutorials online that says you need to check $_SERVER[‘HTTPS‘] if the server is connection is secured with HTTPS. My problem is that on some of the servers I use, $_SERVER[‘HTTPS’] is an undefined variable that results in an error. Is there another variable I can check that should always be defined?
$isSecure = false;
if (isset($_SERVER[‘HTTPS’]) && $_SERVER[‘HTTPS’] == ‘on’) {
$isSecure = true;
}
elseif (!empty($_SERVER[‘HTTP_X_FORWARDED_PROTO’]) && $_SERVER[‘HTTP_X_FORWARDED_PROTO’] == ‘https’ || !empty($_SERVER[‘HTTP_X_FORWARDED_SSL’]) && $_SERVER[‘HTTP_X_FORWARDED_SSL’] == ‘on’) {
$isSecure = true;
}
$REQUEST_PROTOCOL = $isSecure ? ‘https://’ : ‘http://’;
$root=$REQUEST_PROTOCOL.$_SERVER[‘HTTP_HOST’];
Leave a Reply