I've read some topics from Draxxon and I would like to add secure log in for my sites user but have no idea where to access any of the information given by Draxxon.
Here's a copy of what was written and I would like help on the second option to add SSL on certain page such as log in, account page,mail exc...
Please some one advice:
Where and how to access this option.
This actually is fairly easy to accomplish. (As I posted in another thread.)
You simply add the following code to the top of the scripts/functions.php file for the skin you are using.
for example, if you are using the default uni skin, you would add the code to the /templates/tmpl_uni/scripts/functions.php
if ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off'))
{
// Replace Global Site values
foreach($GLOBALS['site'] as $szTempKey => $szTempVal)
{
$GLOBALS['site'][$szTempKey] = str_replace('http://', 'https://', $szTempVal);
}
$GLOBALS['page']['extra_js'] = str_replace('http://', 'https://', $GLOBALS['page']['extra_js']);
$GLOBALS['page']['extra_css'] = str_replace('http://', 'https://', $GLOBALS['page']['extra_css']);
$GLOBALS['sHomeUrl'] = str_replace('http://', 'https://', $GLOBALS['sHomeUrl']);
$GLOBALS['sGlobalPath'] =str_replace('http://', 'https://', $GLOBALS['sGlobalPath']);
$GLOBALS['sGlobalUrl'] =str_replace('http://', 'https://', $GLOBALS['sGlobalUrl']);
$GLOBALS['sDataPath'] = str_replace('http://', 'https://', $GLOBALS['sDataPath']);
// Replace Template Config values
foreach($GLOBALS['oTemplConfig'] as $szTempKey => $szTempVal)
{
if (is_string($szTempVal))
$GLOBALS['oTemplConfig']->$szTempKey = str_replace('http://', 'https://', $szTempVal);
}
// Replace Template Site values
foreach($GLOBALS['oTemplConfig']->aSite as $szTempKey => $szTempVal)
{
if (is_string($szTempVal))
$GLOBALS['oTemplConfig']->aSite[$szTempKey] = str_replace('http://', 'https://', $szTempVal);
}
}
This will replace all of the http:// with https:// in the relevant links in the skin. It is important to place this code right after the copyright comments, and before any function declarations. the great thing about this, is that if you are using a custom skin (like I am) the changes take effect without modifying any of Dolphin's core code, and the code will not be affected by upgrades.
Additionally, you can add the following code to the .htaccess file (if you are running apache with mod_rewrite enabled) to access only turn on SSL for specific pages. (the pedit.php and join.php pages in this example, but other can be added.)
This code will move to SSL for just pedit.php and join.php and will move out when another page is visited. (This is a slightly modified version of a trick off of the Apache Website.)
RewriteRule "^(pedit.php)$" - [env=whwSecure:https]
RewriteRule "^(join.php.*)$" - [env=whwSecure:https]
#Redirect to normal site.
RewriteCond %{HTTPS} on
RewriteCond %{env:whwSecure} !https
RewriteCond %{REQUEST_URI} !^.*simg.php
RewriteCond %{REQUEST_URI} ^.+.php [OR]
RewriteCond %{REQUEST_URI} ^.+/$
RewriteRule "^(.*)$" "http://%{HTTP_HOST}/community/$1" [R=301,L]
#Redirect to Secure site
RewriteCond %{HTTPS} off
RewriteCond %{env:whwSecure} https
RewriteRule "^(.*)$" "https://%{HTTP_HOST}/community/$1" [R=301,L]
