I would like to know how to force HTTPS (SSL) at Yii Controller Action.
Take a look at this article http://www.yiiframework.com/forum/index.php/topic/25407-forcing-https-in-yii/
class HttpsFilter extends CFilter {
protected function preFilter( $filterChain ) {
if ( !Yii::app()->getRequest()->isSecureConnection ) {
# Redirect to the secure version of the page.
$url = 'https://' .
Yii::app()->getRequest()->serverName .
Yii::app()->getRequest()->requestUri;
Yii::app()->request->redirect($url);
return false;
}
return true;
}
}
And even this for more details.
If you just want to apply https force onto your entire application, which is what I needed, you can put this in your protected/components/Controller.php:
public function beforeAction($action) {
if( ! Yii::app()->getRequest()->isSecureConnection ) {
$url = 'https://' .
Yii::app()->getRequest()->serverName .
Yii::app()->getRequest()->requestUri;
Yii::app()->request->redirect($url);
return false;
}
}
This is a cleaner solution than filters if you need site-wide https, because with filters you have to apply an array_merge with the parent controller in all children controllers you create. If you miss one, no https force for that controller. The minor drawback to this is that it is called after filters have been called, meaning that more processing has been done than we usually want before redirection.
If your needing it on a controller by controller or an action by action basis, filters are what your looking for.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With