Jump to:

23552 Posts in 19349 Topics by 2891 members

General Questions

SilverStripe Forums » General Questions » How to implement a secure form on an SS site?

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 362 Views
  • vwd
    Avatar
    Community Member
    158 Posts

    How to implement a secure form on an SS site? Link to this post

    Hi,

    How would you go about implementing a 'secure' form (SSL) on a SilverStripe site? The form deals with sensitive data and requires SSL for this form.

    Is forceSSL() the only way, and are there any examples on how to use forceSSL()?

    Thank you.

    VWD.

  • swaiba
    Avatar
    Forum Moderator
    1796 Posts

    Re: How to implement a secure form on an SS site? Link to this post

    I use a couple of functions that based on "logic" are called from within the Page_Controller init method ...

       public static function ForceSSL(){
          if((Director::protocol() != "https://")) { // echo 'REDIRECTING'; die();
    $destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
    header("Location: $destURL", true, 301);
    die("<h1>Your browser is not accepting header redirects</h1><p>Please <a href=\"$destURL\">click here</a>");
    }
       }

       public static function ForceNoneSSL(){
          if(Director::protocol() != "http://") {
       $destURL = str_replace('https:', 'http:', Director::absoluteURL($_SERVER['REQUEST_URI']));
    header("Location: $destURL", true, 301);
    die("<h1>Your browser is not accepting header redirects</h1><p>Please <a href=\"$destURL\">click here</a>");
    }
       }

  • swaiba
    Avatar
    Forum Moderator
    1796 Posts

    Re: How to implement a secure form on an SS site? Link to this post

    Also to contridict Devlin you can use a single installation (of silverstipe) and swtich between the two retaining you session (based on using plesk and checking a couple of boxes). I was initially down hearted to hear that the session would be destroied on switching between the too and I'd need two installations.

    362 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.