cliveportman/code

SSL and CodeIgniter

Create a helper named ssl_helper.php with the following:

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

if (!function_exists('force_ssl'))
{
    function force_ssl()
    {
        $CI =& get_instance();
        $CI->config->config['base_url'] =
                 str_replace('http://', 'https://',
                 $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443)
        {
            redirect($CI->uri->uri_string());
        }
    }
}

function remove_ssl()
{
    $CI =& get_instance();
    $CI->config->config['base_url'] =
                  str_replace('https://', 'http://',
                  $CI->config->config['base_url']);
    if ($_SERVER['SERVER_PORT'] != 80)
    {
        redirect($CI->uri->uri_string());
    }
}
/* End of file ssl_helper.php */
/* Location: ./application/helpers/ssl_helper.php *////

Autoload it, along with the url helper:

$autoload['helper'] = array('url', 'ssl');

Then, within function __construct() of every controller requiring SSL, add the following:

force_ssl();

In the config, ensure $config['index_page'] is set to be blank., then use the url helper for the site's url wherever you need it. This will automatically add https to the url where necessary. External scripts should be called with just // instead of http://.