[pmwiki-users] Enableing pmWiki for SSL

H. Fox haganfox at users.sourceforge.net
Sun Apr 29 22:44:02 CDT 2007


On 4/29/07, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> On Sun, Apr 29, 2007 at 01:14:14AM -0700, H. Fox wrote:
> > On 4/28/07, IchBin <weconsul at ptd.net> wrote:
> > > I looked at the docs for using SSL in pmWiki. I found the pre version
> > > 2.2.0-beta18 SwitchToSSLMode recipe. Also saw the
> > > SwitchToSSLMode-Talk recipe.
> > >
> > I don't think this has anything to do with the recipe at
> >
> >    http://www.pmwiki.org/wiki/Cookbook/SwitchToSSLMode
> >
> > which doesn't use str_replace.  It looks like something from the
> > (very) old recipe that was in the PmWiki V1 Cookbook.
> >
> > Try the current version of the recipe.
>
> In looking at the current version of the recipe, it says:
>
>   if (@$_SERVER['HTTPS'] == 'on' || @$_SERVER['SERVER_PORT'] == '443')
>   {
>     header("Location: https://www.example.com/pmwiki/pmwiki.php");
>     exit('<html><body>
>       <a href="https://www.example.com/pmwiki/pmwiki.php">Please use SSL.</a>
>       </body></html>');
>   }
>
> The conditional seems backwards to me -- the redirect
> should be executed only if the browser is not already using
> HTTPS, but as I read the above it seems like the redirect
> occurs whenever we're already using HTTPS (and thus results
> in an endless loop).
>
> Am I missing something here?

Quite the opposite.  :-)

I switched the contitional to this:

  if (!$_SERVER["HTTPS"] == 'on' || @$_SERVER['SERVER_PORT'] != '443') {

Hagan



More information about the pmwiki-users mailing list