HTTPS and WWW Redirects

[LucasA33]

Good morning,

It's really great to see an update for this script. Although I'm having an issue with my site not being able to run after installation. I believe my version of PHP is too high on my server (7.2.24), so I wait for future compatibility updates.

In the meantime, I'm trying to see if there is a way to utilize the secure HTTP protocol. Any attempts to do this through conf file configuration and rewrite engine have failed. I have configured the vhost properly for HTTPS, and successfully tested it. Alas, once the script is installed, it no longer handles HTTPS requests properly.

Has anyone got it working?

 

[Kyttias]

I'm using https with my install. In the htaccess file, make sure this line says https instead of http if you're using https:

RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]

Which unnecessary redirect are you referring to? After login? In view/loginview.php I simply replaced the page it lands on with an immediate redirect. (Note: If you're going to attempt to leave the existing code in, just make sure the header redirect is the first thing in the function and the rest is commented out. Any page rendering will break a header redirect.)

public function index(){
    header('Location: ' . $_SERVER['HTTP_REFERER']);
}
	
public function logout(){
    header('Location: ' . $_SERVER['HTTP_REFERER']);
}

These ones bounce back to the last page you were on, alternatively, if you'd rather they end up at the index, use

 header( "Location: /" );

I'm actually in the process of doing the same with inventory and shop and various other places where a redirect feels more expected than a confirmation screen, but I haven't had time to dig into the exact functions.

 

[LucasA33]

The .htaccess is actually a good solution for Apache users. I should have used the proper term "server block", but I'm using Nginx right now. I'm a bit rubbish though, so maybe I can get a workaround though the server block, as you did with the .htaccess file.

I retract my redirect statement, as I was just being dumb.

 

[Kyttias]

Oh, I'm not sure how to get Mysidia working with Nginx at all, then. It uses .htaccess files to format how the urls are structured. You'll have to find some way of converting the .htaccess files that come with Mysidia into whatever Nginx uses, I guess?

(Unrelated, bc it may not help you, but with an .htaccess file you can also dynamically lower the php version used for a folder and all of its children... So even if you have a higher version installed, you can still force it to run an older version. I have more than just Mysidia on my domain and I need php7 for my other projects, but php 5.6 for Mysidia, ofc...)

<FilesMatch "\.(php4|php5|php3|php2|php|phtml)$">
SetHandler application/x-lsphp56
</FilesMatch>