PHP :: Bug #31271 :: $_SERVER no longer contains SSL_PROTOCOL

Bug #31271	$_SERVER no longer contains SSL_PROTOCOL_VERSION
Submitted:	2004-12-23 18:22 UTC	Modified:	2004-12-23 19:02 UTC
From:	gary dot every at ingramentertainment dot com	Assigned:
Status:	Not a bug	Package:	OpenSSL related
PHP Version:	4.3.10	OS:	Gentoo Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2004-12-23 18:22 UTC] gary dot every at ingramentertainment dot com

Description:
------------
I've been using $_SERVER['SSL_PROTOCOL_VERSION'] since php3 and after updating from 4.3.6 to 4.3.10 that particular variable is no longer available.

We've been using it to check to see if the user is currently on our https: site, and if not, redirect them to it.

I've overcome the issue, but it took some head-scratching. Below is the source, both what I had, and what I needed to do to fix it:

Reproduce code:
---------------
if(!isset($_SERVER['SSL_PROTOCOL_VERSION'])) {
 Header("Location: https://www.url.com");
}

// Code that replaced it

if($_SERVER['SERVER_PORT'] != 443) {
 Header("Location: https://www.url.com");
}


Expected result:
----------------
Was expecting the SSL_PROTOCOL_VERSION to be set once they were on the https site, but it didn't, which put me in an endless loop attempting to redirect to the https site.


Actual result:
--------------
Again, put me in an endless loop because $_SERVER['SSL_PROTOCOL_VERSION'] was never set.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-12-23 18:26 UTC] rasmus@php.net

Are you sure you didn't change anything else?  $_SERVER variables are set by your web server, not by PHP.  So I would be surprised if just changing PHP and not anything related to  whatever web server you are using would affect this.

[2004-12-23 18:45 UTC] gary dot every at ingramentertainment dot com

It's true that the apache server was upgraded as well, so I'll check their site for any relevant information and get back to you.

Thanks so much for your quick response.

G.

[2004-12-23 18:54 UTC] gary dot every at ingramentertainment dot com

Apache did change their $_SERVER variable names, and the compatibility can be found here:

http://httpd.apache.org/docs-2.1/ssl/ssl_compat.html

They changed from SSL_PROTOCOL_VERSION to SSL_PROTOCOL

I'm closing this bug report and thanks so much!

[2004-12-23 19:02 UTC] rasmus@php.net

We mark reports that turn out to not be bugs in PHP as bogus.    This allows us to go back and look at "closed" bugs for actual PHP fixes.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri May 09 04:01:27 2025 UTC