Includes standard SSL header check for setting scheme…
$base_url = (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https')) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']) . '/';
If you don’t need the header checks…
$base_url = 'https://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']) . '/';
If you want the full script URL instead…
$script_url = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'];
Or the complete URL…
$url = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
Cheers! 🍻
Superglobals used above for brevity. Always filter your input 😉
$url = 'https://' . filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_URL) . filter_input(INPUT_SERVER, 'REQUEST_URI', FILTER_SANITIZE_URL);
Non-standard headers that may also be available for SSL checks…
$_SERVER['HTTP_X_FORWARDED_PROTOCOL']) === 'https'
$_SERVER['HTTP_X_FORWARDED_SSL']) === 'on'
$_SERVER['HTTP_X_URL_SCHEME']) === 'https'
$_SERVER['HTTP_FRONT_END_HTTPS']) === 'on'