[英]do i need to add any code to PHP after using SSL
我正在使用PHP在我的網站上使用一個簡單的聯系表,並且我將在我的網站上安裝SSL,我需要對PHP代碼進行任何更改,我是SSL的新手,這是我的首先安裝SSL。
<?php
$errors = array();
$missing = array();
if (isset($_POST['send'])) {
$to = 'john@example.com';
$subject = 'Feedback from contact form';
$expected = array('name', 'email', 'comments');
$required = array('name', 'email', 'comments');
$headers = "From: webmaster@example.com\r\n";
$headers .= "Content-type: text/plain; charset=utf-8";
require './includes/mail_process.php';
if ($mailSent) {
header('Location: thanks.php');
exit;
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Contact Us</title>
<link href="./styles.css" rel="stylesheet" type="text/css">
</head>
<body>
<h1>Contact Us</h1>
<?php if ($_POST && $suspect) { ?>
<p class="warning">Sorry your mail could not be be sent.</p>
<?php } elseif ($errors || $missing) { ?>
<p class="warning">Please fix the item(s) indicated.</p>
<?php }?>
<form name="contact" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p>
<label for="name">Name:
<?php if ($missing && in_array('name', $missing)) { ?>
<span class="warning">Please enter your name</span>
<?php } ?>
</label>
<input type="text" name="name" id="name"
<?php
if ($errors || $missing) {
echo 'value="' . htmlentities($name, ENT_COMPAT, 'utf-8') . '"';
}
?>
>
</p>
<p>
<label for="email">Email:
<?php if ($missing && in_array('email', $missing)) { ?>
<span class="warning">Please enter your email address</span>
<?php } elseif (isset($errors['email'])) { ?>
<span class="warning">Invalid email address</span>
<?php } ?>
</label>
<input type="text" name="email" id="email"
<?php
if ($errors || $missing) {
echo 'value="' . htmlentities($email, ENT_COMPAT, 'utf-8') . '"';
}
?>
>
</p>
<p>
<label for="comments">Comments:
<?php if ($missing && in_array('comments', $missing)) { ?>
<span class="warning">You forgot to add your comments</span>
<?php } ?>
</label>
<textarea name="comments" id="comments"><?php
if ($errors || $missing) {
echo htmlentities($comments, ENT_COMPAT, 'utf-8');
}
?></textarea>
</p>
<p>
<input type="submit" name="send" id="send" value="Send Comments">
</p>
</form>
<pre>
</body>
</html>
mail_process.php像這樣
<?php
$suspect = false;
$pattern = '/Content-Type:|Bcc:|Cc:/i';
function isSuspect($val, $pattern, &$suspect) {
if (is_array($val)) {
foreach ($val as $item) {
isSuspect($item, $pattern, $suspect);
}
} else {
if (preg_match($pattern, $val)) {
$suspect = true;
}
}
}
isSuspect($_POST, $pattern, $suspect);
if (!$suspect) {
foreach ($_POST as $key => $value) {
$temp = is_array($value) ? $value : trim($value);
if (empty($temp) && in_array($key, $required)) {
$missing[] = $key;
$$key = '';
} elseif(in_array($key, $expected)) {
$$key = $temp;
}
}
}
if (!$suspect && !empty($email)) {
$validemail = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
if ($validemail) {
$headers .= "\r\nReply-to: $validemail";
} else {
$errors['email'] = true;
}
}
if (!$suspect && !$missing && !$errors) {
$message = '';
foreach ($expected as $item) {
if (isset($$item) && !empty($$item)) {
$val = $$item;
} else {
$val = 'Not selected';
}
if (is_array($val)) {
$val = implode(', ', $val);
}
$item = str_replace(array('_', '-'), ' ', $item);
$message .= ucfirst($item) . ": $val\r\n\r\n";
}
$message = wordwrap($message, 70);
$mailSent = mail($to, $subject, $message, $headers, $authenticate);
if (!$mailSent) {
$errors['mailfail'] = true;
}
}
由於您沒有任何絕對URL引用,因此不會有問題。 我建議您將其放在標頭(或所有PHP文件的頂部)中,以強制它們使用https,這樣,如果您確實需要網站中的絕對URL,則可以像所有人一樣將它們都設置為HTTPS反正被迫在那里。
if($_SERVER['HTTPS'] != 'on' || !stristr($_SERVER['HTTP_HOST'], 'www.')) {
$redirect= "https://www.".str_replace('www.','',$_SERVER['HTTP_HOST']).$_SERVER['REQUEST_URI'];
header("Location:$redirect");
}
您必須將絕對URL更改為“ https:// ....”。 如果您不使用絕對URL,則您的表單和處理腳本都在https上時,則沒有任何更改。
我是否需要修改這個mod重寫代碼,如果我添加SSL證書到我的服務器?
[英]Do I need to modify this mod-rewrite code if I add an SSL certificate to my server?
在服務器上安裝 SSL 證書時是否需要更改 PHP 表單提交和 MySQL 插入代碼?
[英]Do I need to change PHP form submit and MySQL insterter code when installing an SSL certificate on the server?
項目完成后我是否需要 Composer、Git 或任何這些?
[英]Do I Need Composer, Git or Any of These after Project Is Finished?
我需要在計算機上設置服務器以便使用Zend調試器調試PHP代碼嗎?
[英]do I need to setup a server in my computer in order to debug PHP code using Zend debugger ?
為什么當我使用PHP cURL時不需要避免SSL檢查但可以請求HTTPS資源
[英]Why I do not need to avoid SSL check but can request HTTPS resource when I use PHP cURL
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.