ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilHTTPS.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
33 class ilHTTPS
34 {
35  var $enabled = false;
36  var $protected_scripts = array();
37 
38  var $automaticHTTPSDetectionEnabled = false;
39  var $headerName = false;
40  var $headerValue = false;
41 
42  function ilHTTPS()
43  {
44  global $ilSetting;
45 
46  if($this->enabled = (bool) $ilSetting->get('https'))
47  {
48  $this->__readProtectedScripts();
49  $this->__readProtectedClasses();
50  }
51  if ($this->automaticHTTPSDetectionEnabled = (bool) $ilSetting->get("ps_auto_https_enabled"))
52  {
53  $this->headerName = $ilSetting->get("ps_auto_https_headername");
54  $this->headerValue = $ilSetting->get("ps_auto_https_headervalue");
55  }
56  }
57 
63  function checkPort()
64  {
65  // if https is enabled for scripts or classes, check for redirection
66  if ($this->enabled)
67  {
68  if((in_array(basename($_SERVER["SCRIPT_NAME"]),$this->protected_scripts) or
69  in_array($_GET['cmdClass'],$this->protected_classes)) and
70  $_SERVER["HTTPS"] != "on")
71  {
72  header("location: https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
73  exit;
74  }
75  if((!in_array(basename($_SERVER["SCRIPT_NAME"]),$this->protected_scripts) and
76  !in_array($_GET['cmdClass'],$this->protected_classes)) and
77  $_SERVER["HTTPS"] == "on")
78  {
79  header("location: http://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
80  exit;
81  }
82  }
83  return true;
84  }
85 
86  function __readProtectedScripts()
87  {
88  $this->protected_scripts[] = 'login.php';
89  $this->protected_scripts[] = 'index.php';
90  $this->protected_scripts[] = 'payment.php';
91  $this->protected_scripts[] = 'register.php';
92  // BEGIN WebDAV Use SSL for WebDAV.
93  $this->protected_scripts[] = 'webdav.php';
94  // END WebDAV Use SSL for WebDAV.
95 
96  return true;
97  }
98 
104  public function isDetected ()
105  {
106  if ($_SERVER["HTTPS"] == "on")
107  return true;
108 
109  if ($this->automaticHTTPSDetectionEnabled)
110  {
111  $headerName = "HTTP_".str_replace("-","_",$this->headerName);
112  /* echo $headerName;
113  echo $_SERVER[$headerName];*/
114  if (strcasecmp($_SERVER[$headerName],$this->headerValue)==0)
115  {
116  $_SERVER["HTTPS"] = "on";
117  return true;
118  }
119  /*
120  if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
121  {
122  $_SERVER['HTTPS'] = 'on';
123  return true;
124  }
125  */
126  }
127 
128  return false;
129  }
130 
131  function __readProtectedClasses()
132  {
133  $this->protected_classes[] = 'ilstartupgui';
134  $this->protected_classes[] = 'ilregistrationgui';
135  }
136 
142  function _checkHTTPS()
143  {
144  // only check standard port in the moment
145  $port = 443;
146 
147  if(($sp = @fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
148  {
149  return false;
150  }
151  fclose($sp);
152  return true;
153  }
160  function _checkHTTP()
161  {
162  $port = 80;
163 
164  if(($sp = @fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
165  {
166  return false;
167  }
168  fclose($sp);
169  return true;
170  }
171 
179  public function enableSecureCookies()
180  {
181  global $ilLog,$ilClientIniFile;
182 
183  $secure_disabled = $ilClientIniFile->readVariable('session','disable_secure_cookies');
184  if(!$secure_disabled and !$this->enabled and $this->isDetected() and !session_id())
185  {
186  $ilLog->write(__CLASS__.': Enabled secure cookies');
187  session_set_cookie_params(0,'/','',true);
188  }
189  return true;
190  }
191 }
192 ?>