SSL in Zend Framework – Mohamed Sharaf محمد شرف

I had to implement SSL on login, cart and checkout pages.

if you want to have SSL enabled for the login page of your application:

First, enter the following code in your ssl.ini file. We will parse it later through the Bootstrap.php file.

[php]

ssl.modules.default.require_ssl = true //-> entire module requires SSL
ssl.modules.default.Index.require_ssl = true //-> entire controller requires SSL
ssl.modules.default.Index.login.require_ssl = true //-> single action requires SSL

[/php]

Next create a file Ssl.php in library/Application/Controller/Plugin folder. In the file, write the following code:

[php]
<?php
class Application_Controller_Plugin_Ssl extends Zend_Controller_Plugin_Abstract
{

public function preDispatch ( Zend_Controller_Request_Abstract $request )
{

$shouldSecureUrl = false;

//get the config settings for SSL
$options = new Zend_Config_Ini(APPLICATION_PATH.’/configs/ssl.ini’);
$options = $options->ssl;

//if config is empty, exit
if (!is_object($options))
return;

//simpler to use
$options = $options->toArray();

//only use it production environment
if ( APPLICATION_ENV == ‘production’ )
{

if (

( isset($options[‘modules’][$request->module][‘require_ssl’]) && $options[‘modules’][$request->module][‘require_ssl’] )&nbsp; ||
( isset($options[‘modules’][$request->module][$request->controller][‘require_ssl’]) && $options[‘modules’][$request->module][$request->controller][‘require_ssl’] )&nbsp; ||
( isset($options[‘modules’][$request->module][$request->controller][$request->action][‘require_ssl’]) && $options[‘modules’][$request->module][$request->controller][$request->action][‘require_ssl’] )

)
{

$shouldSecureUrl = true;

}

if ( $shouldSecureUrl )
{

$this->_secureUrl($request);

}
}
}

protected function _secureUrl ( Zend_Controller_Request_Abstract $request )
{

$server = $request->getServer();
$hostname = $server[‘HTTP_HOST’];

if ( ! $request->isSecure() )
{
$url = Zend_Controller_Request_Http::SCHEME_HTTPS . "://" . $hostname .
$request->getPathInfo();

$redirector = Zend_Controller_Action_HelperBroker::getStaticHelper(‘redirector’);
$redirector->setGoToUrl($url);
$redirector->redirectAndExit();
}
}
}
?>
[/php]

[php]
$frontController = Zend_Controller_Front::getInstance();
$frontController->registerPlugin( new Application_Controller_Plugin_Ssl());
[/php]