SSL For Members Only

Any hacks and modifications will be in here...

SSL For Members Only

Postby Tyler.S » Tue Feb 07, 2012 8:38 am

I was wondering how exactly to increase both traffic and security to the site I am working on, and it came to me...SSL...So I created the following snippet of code to enable SSL for Logged in members ONLY. This not only solved the security issue for me, but also solved another problem...Google Ad-sense!

For those that have experience with Google Ad-sense, you will already know how great the program is...but also how disappointing it is that they do not offer an SSL version of it. So here is another way to entice members to join your site while making money at the same time. Let me explain:

My idea is to display ads on the site to non-members and to offer an ad-free and SSL secure environment to my members, so with this code it will not only allow you to provide the SSL secure environment, it will also allow you to display Ads on your site (non-ssl) without having to worry about the security warnings your browser will throw at you.

Installing the mod is VERY simple...

Step 1:

Open style/Indigo/header.php

Step 2:

Find: (It's the first few lines of code in the file)
Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
<meta name="description" content="<?php echo $fcontent[6];?>"/>
<meta name="keywords" content="keywords"/>
<meta name="author" content="author"/>
<link rel="stylesheet" type="text/css" href="./css/global.css" media="screen"/>
<link rel="stylesheet" type="text/css" href="./styles/<?php echo $style; ?>/style.css" media="screen"/>


Step 3:

Add before:
Code: Select all
<?php if ($_SESSION['islogged'] <> true) {

               }else{
                  
if ($_SERVER['SERVER_PORT']!=443)
{
$url = "https://". $_SERVER['SERVER_NAME'] . ":443".$_SERVER['REQUEST_URI'];
header("Location: $url");
}
               }
?>


Step 4:

Save and upload!

Your all done! Now when you login, your members will automatically be redirected to an "https" version of every page. And since it is loaded before any other code, you shouldn't run into any errors. This code does assume that your server is running SSL on port 443. If not, you can adjust the port accordingly.

Now for the Ad part...lol...Will create a new mod topic as soon as I am done!

That's all for now...
Tyler.S
Premium
 
Posts: 10
Joined: Mon Feb 06, 2012 7:42 am
Location: Ontario, Canada

Re: SSL For Members Only

Postby Tyler.S » Tue Feb 07, 2012 10:24 am

I have modified the code to force http (non-ssl) if a member is not signed in. I have added this so that it will avoid the SSL insecure warnings upon logout, as the connection will remain in https (SSL) until it is either forced off (like this updated mod), or the user leaves the site. This update will correct this.

Again, the main reason for this, was to solve the non-SSL Google Ad-Sense code. But perhaps you will find some need for it as well.

(I was unable to edit my original post so that is why it is in a reply)

To update the mod, just use the below code for STEP 3

Code: Select all
<?php if ($_SESSION['islogged'] <> true) {
if ($_SERVER['SERVER_PORT']!=80)
{
$url = "http://". $_SERVER['SERVER_NAME'] . ":80".$_SERVER['REQUEST_URI'];
header("Location: $url");
}
               }else{
                  
if ($_SERVER['SERVER_PORT']!=443)
{
$url = "https://". $_SERVER['SERVER_NAME'] . ":443".$_SERVER['REQUEST_URI'];
header("Location: $url");
}
               }
?>
Tyler.S
Premium
 
Posts: 10
Joined: Mon Feb 06, 2012 7:42 am
Location: Ontario, Canada


Return to Hacks and Modifications

Who is online

Users browsing this forum: No registered users and 3 guests

cron