You are here

Home » API reference » Secure Login 7 » securelogin.module

function securelogin_secure_form in Secure Login 7

Secures a form by altering its action to use the secure base URL.

1 call to securelogin_secure_form()
securelogin_form_alter in ./securelogin.module
Implements hook_form_alter().

File

./securelogin.module, line 92
Enables user login and other forms to be submitted securely via HTTPS.

Code

function securelogin_secure_form(&$form) {
  global $base_path, $base_secure_url, $is_https;

  // Flag form as secure for theming purposes.
  $form['#https'] = TRUE;
  if (!$is_https) {

    // Redirect to secure page, if enabled.
    if (variable_get('securelogin_secure_forms', TRUE)) {
      securelogin_secure_redirect();
    }

    // Set the form action to use secure base URL in place of base path.
    if (strpos($form['#action'], $base_path) === 0) {
      $base_url = variable_get('securelogin_base_url', $base_secure_url);
      $form['#action'] = substr_replace($form['#action'], $base_url, 0, strlen($base_path) - 1);
    }
    else {
      $form['#action'] = str_replace('http://', 'https://', $form['#action']);
    }
  }
}