Https and Yii

olemara · January 15, 2012, 5:19pm

Hi everyone,

I have the following scenario I want to solve correctly.

I am using a widget for login and have put it in the header of every page. The widget consists of a LoginForm model which does the authentication etc.

Using a form in this widget I see that the form’s action is directed to “/”. I want to secure the login with Https, but wonder how to do it in this situation.

I have seen a solution where one uses a filter on the controller actions that needs to be secured. But I can’t see that this could apply here.

Really hope someone can give me some pointers on this,

cheers!

Ole

redguy · January 15, 2012, 10:44pm

look at this function: CController:createAbsoluteUrl and its parameter $schema:

"schema to use (e.g. http, https). If empty, the schema used for the current request will be used."

you can pass such generated url as form action:




$form = $this->beginWidget('CActiveForm', array(

  'action'=>$this->createAbsoluteUrl( 'action', array(), 'https' ),

  ...

);

olemara · January 18, 2012, 8:13pm

redguy:

look at this function: CController:createAbsoluteUrl and its parameter $schema:

"schema to use (e.g. http, https). If empty, the schema used for the current request will be used."

you can pass such generated url as form action:
$form = $this->beginWidget('CActiveForm', array(

  'action'=>$this->createAbsoluteUrl( 'action', array(), 'https' ),

  ...

);

Thanks for your reply!

Actually I do not create it like that just


$this->widget('application.components.LogInOutWidget');

And set it in the CHtml::beginForm(URL). The weird thing is that Firefox is now complaining that the URL is not valid, even though I just changed the protocoll part of the URL.

Any suggestions?

OM