Force Secure Pages With Zend Framework

When i was working on one project i needed to secure some pages eg. cart, checkout, login, .. This will implement SSL on pages you want and i will assume that you have working Zend Framework application and that you know how to implement this action helper.
You must know also that securing pages with SSL is not actually “secure” which will help you fix your mistakes done in writing code, but it will help against traffic sniffing.


We can start by making our action helper so we go to our library/My/Controller/Action/Helper/ and create Https.php :

class My_Controller_Action_Helper_Https extends Zend_Controller_Action_Helper_Abstract
{
    public function __construct($bool) {
 if($bool) {
     $this->setHttps();
 } else {
     $this->setHttp();
        }
    }
    public function setHttps ()
    {
 if($_SERVER['SERVER_PORT'] != '443') {
     header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
 }
    }
    public function setHttp ()
    {
 if($_SERVER['SERVER_PORT'] == '443') {
     header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
 }
    }
}

Now you can go to any controller which you want to secure and if you want to secure whole controller you can add __init() function and put inside new My_Controller_Action_Helper_Https(true); or you can add this inside any action you want to secure (this will secure only this action).