public function site_url($uri = '', $force_secure = FALSE)
{
// Prepare the URI as normal
$_uri = parent::site_url($uri);
// --------------------------------------------------------------------------
// If forcing secure just return now
if ($force_secure) {
return preg_replace('#^' . BASE_URL . '#', SECURE_BASE_URL, $_uri);
}
// --------------------------------------------------------------------------
// If SSL routing is enabled then parse the URL
if (APP_SSL_ROUTING) {
$_prefix = 'https://';
$this->load('routes_ssl');
// --------------------------------------------------------------------------
// Fetch SSL routes
if (!$this->routes_ssl) {
$this->routes_ssl = $this->item('routes_ssl');
if (!$this->routes_ssl) {
$this->routes_ssl = array();
}
}
// --------------------------------------------------------------------------
// Analyse target URL, if it matches a route then change it to be an https URL
$_is_secure_route = FALSE;
foreach ($this->routes_ssl as $route) {
// Swap out the pseudo regex's
$route = str_replace(':any', '.*', $route);
$route = str_replace(':num', '[0-9]*', $route);
// See if any of the routes match, if they do halt the loop.
// We need to do an optional prefix for the hosts
if (BASE_URL !== SECURE_BASE_URL) {
$_pattern = '#^(' . preg_quote(BASE_URL, '#') . '|' . preg_quote(SECURE_BASE_URL, '#') . ')?' . $route . '#';
} else {
$_pattern = '#^(' . preg_quote(BASE_URL, '#') . ')?' . $route . '#';
}
if (preg_match($_pattern, $_uri)) {
$_is_secure_route = TRUE;
break;
}
}
// --------------------------------------------------------------------------
// If there was a match replace http:// with https://; also replace any
// calls for anything to the assets folder or the favicon (so secure content
// is shown).
// HTTPS is considered on if the domain matches that given in SECURE_BASE_URL
// or if the page is being served through HTTPS
if (isset($_SERVER)) {
$_page_is_secure = page_is_secure();
if ($_is_secure_route || $_page_is_secure && preg_match('#^' . BASE_URL . 'assets.*#', $_uri) || $_page_is_secure && preg_match('#^' . NAILS_ASSETS_URL . '.*#', $_uri) || $_page_is_secure && preg_match('#^' . BASE_URL . 'favicon\\.ico#', $_uri)) {
// SSL is off and there was a match, turn SSL on
$_uri = preg_replace('#^' . BASE_URL . '#', SECURE_BASE_URL, $_uri);
}
}
}
// --------------------------------------------------------------------------
// Spit back our result
return $_uri;
}