ILIAS Release_3_9_x_branch .rev 46835: classes/class.ilHTTPS.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2001 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00033 class ilHTTPS
00034 {
00035         var $enabled = false;
00036         var $protected_scripts = array();
00037 
00038         var $automaticHTTPSDetectionEnabled = false;
00039         var $headerName = false;
00040         var $headerValue = false;
00041 
00042         function ilHTTPS()
00043         {
00044                 global $ilSetting;
00045 
00046                 if($this->enabled = (bool) $ilSetting->get('https'))
00047                 {
00048                         $this->__readProtectedScripts();
00049                         $this->__readProtectedClasses();
00050                 }
00051                 if ($this->automaticHTTPSDetectionEnabled = (bool) $ilSetting->get("ps_auto_https_enabled"))
00052                 {
00053                     $this->headerName = $ilSetting->get("ps_auto_https_headername");
00054                     $this->headerValue = $ilSetting->get("ps_auto_https_headervalue");
00055                 }
00056         }
00057 
00063         function checkPort()
00064         {
00065                 // if https is enabled for scripts or classes, check for redirection
00066             if ($this->enabled)
00067                 {
00068                 if((in_array(basename($_SERVER["SCRIPT_NAME"]),$this->protected_scripts) or
00069                         in_array($_GET['cmdClass'],$this->protected_classes)) and
00070                    $_SERVER["HTTPS"] != "on")
00071                 {
00072                         header("location: https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
00073                         exit;
00074                 }
00075                 if((!in_array(basename($_SERVER["SCRIPT_NAME"]),$this->protected_scripts) and
00076                         !in_array($_GET['cmdClass'],$this->protected_classes)) and
00077                    $_SERVER["HTTPS"] == "on")
00078                 {
00079                         header("location: http://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
00080                         exit;
00081                 }
00082                 }
00083                 return true;
00084         }
00085 
00086         function __readProtectedScripts()
00087         {
00088                 $this->protected_scripts[] = 'login.php';
00089                 $this->protected_scripts[] = 'index.php';
00090                 $this->protected_scripts[] = 'payment.php';
00091                 $this->protected_scripts[] = 'register.php';
00092 
00093                 return true;
00094         }
00095 
00101         public function isDetected () 
00102         {
00103                 if ($_SERVER["HTTPS"] == "on")
00104                    return true;
00105 
00106             if ($this->automaticHTTPSDetectionEnabled)
00107                 {
00108                     $headerName = "HTTP_".str_replace("-","_",$this->headerName);
00109                    /* echo $headerName;
00110                     echo $_SERVER[$headerName];*/
00111                     if (strcasecmp($_SERVER[$headerName],$this->headerValue)==0) 
00112                     {
00113                         $_SERVER["HTTPS"] = "on";
00114                         return true;
00115                     }
00116                 }
00117 
00118         return false;
00119         }
00120 
00121         function __readProtectedClasses()
00122         {
00123                 $this->protected_classes[] = 'ilstartupgui';
00124                 $this->protected_classes[] = 'ilregistrationgui';
00125         }
00126 
00132         function _checkHTTPS()
00133         {
00134                 // only check standard port in the moment
00135                 $port = 443;
00136 
00137                 if(($sp = @fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
00138                 {
00139                         return false;
00140                 }
00141                 fclose($sp);
00142                 return true;
00143         }
00150         function _checkHTTP()
00151         {
00152                 $port = 80;
00153 
00154                 if(($sp = @fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
00155                 {
00156                         return false;
00157                 }
00158                 fclose($sp);
00159                 return true;
00160         }
00161         
00169         public function enableSecureCookies()
00170         {
00171                 global $ilLog,$ilClientIniFile;
00172                 
00173                 $secure_disabled = $ilClientIniFile->readVariable('session','disable_secure_cookies');
00174                 
00175                 if(!$secure_disabled and !$this->enabled and $this->isDetected() and !session_id())
00176                 {
00177                         #$ilLog->write(__CLASS__.': Enabled secure cookies');
00178                         session_set_cookie_params(0,'/','',true);
00179                 }
00180                 return true;
00181         }
00182 }
00183 ?>