[support] ssl + login best practice
Metzler, David
metzlerd at evergreen.edu
Fri Jul 31 15:47:00 UTC 2009
Expansion on this idea.
I don't think you'll get setting.php to have $user->uid context will
you? Doesn't it load too early?
If I'm right, write a module with hook_init (as Earnie says) have it
set cookie then do the base_url based on whether $cookie is site.
I would at least try contacting secure pages maintainer to see if you
can get a patch submitted there as this seems like a feature that would
be useful to that module.
Dave
-----Original Message-----
From: support-bounces at drupal.org [mailto:support-bounces at drupal.org] On
Behalf Of Earnie Boyd
Sent: Friday, July 31, 2009 5:57 AM
To: support at drupal.org
Subject: Re: [support] ssl + login best practice
Quoting Geoff O'Callaghan <geoffocallaghan at gmail.com>:
> Hi All,
>
> Running D6. What's the best practice for setting up a site where
> content is delivered by http *until* the user logs on and from then on
> I want all content to be via https.
>
Ideas only here; none of them tested. A hook_init in a custom module.
Some code in settings.php to modify the $base_url if the $user->uid !=
0. A mod_rewrite pattern and rule.
--
Earnie
-- http://r-feed.com/ -- http://for-my-kids.com/
-- http://www.4offer.biz/ -- http://give-me-an-offer.com/
--
[ Drupal support list | http://lists.drupal.org/ ]
More information about the support
mailing list