• Registered: 2010-03-07
  • Posts: 6

Topic: Anyone confirm SSL cert works?

I have been playing with the Pronto 0.6 version and considering it for use in a web app, but I know the app will need to switch in and out of SSL encryption (https:// vs. http://) for processing some member-only data.

I assume if I were willing to stay in https mode all the time, then I could simply define the base URL as:

define('SITE_URL_BASE', 'https://www.my_site_name.com');

But that really isn't reasonable, since a great many visitors to the site won't need to access the SSL pages at all.

I admit to being an absolute rookie with the Pronto framework, so I may be overlooking something obvious. But, better to ask a "dumb question" sometimes....

So, has anyone tackled this situation with Pronto yet, or does anyone have any sage advice about doing so?


(OBTW, I'm deploying on a fairly standard LAMP platform with this app, so if the solution is more of an .htaccess issue, that's OK too....)

Last edited by spectrum-nashville (2010-03-07 21:07:12)

  • From: Victoria, BC
  • Registered: 2008-03-28
  • Posts: 64

Re: Anyone confirm SSL cert works?

You're probably best off using the require_https() function in the $web object.  So if you have a sensitive action in a page controller that you want to protect with SSL, you can do something like this:

class pUser extends Page {
  function GET_login() {
    $this->web->require_https();
    // do stuff
  }
}

jvinet's Website

  • Registered: 2010-03-07
  • Posts: 6

Re: Anyone confirm SSL cert works?

JV:

Thanks for that information and code snippet.

I had located the require_https() function after posting the original message, but I still haven't put Pronto out there where I can try it. I probably will do so in the next two weeks.

Your response probably saved me plenty of time, though, since I'll know right where I'm going with it now!

- Keith