ILIAS  Release_4_4_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilHTTPS.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
13 class ilHTTPS
14 {
15  const PROTOCOL_HTTP = 1;
16  const PROTOCOL_HTTPS = 2;
17 
18  private static $instance = null;
19 
20  var $enabled = false;
21  var $protected_scripts = array();
22 
23  var $automaticHTTPSDetectionEnabled = false;
24  var $headerName = false;
25  var $headerValue = false;
26 
31  function ilHTTPS()
32  {
33  global $ilSetting;
34 
35  if($this->enabled = (bool) $ilSetting->get('https'))
36  {
37  $this->__readProtectedScripts();
38  $this->__readProtectedClasses();
39  }
40  if ($this->automaticHTTPSDetectionEnabled = (bool) $ilSetting->get("ps_auto_https_enabled"))
41  {
42  $this->headerName = $ilSetting->get("ps_auto_https_headername");
43  $this->headerValue = $ilSetting->get("ps_auto_https_headervalue");
44  }
45  }
46 
51  public static function getInstance()
52  {
53  if(self::$instance)
54  {
55  return self::$instance;
56  }
57  return self::$instance = new ilHTTPS();
58  }
59 
64  protected function shouldSwitchProtocol($to_protocol)
65  {
66  switch($to_protocol)
67  {
68  case self::PROTOCOL_HTTP:
69  $should_switch_to_http = (
70  !in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) &&
71  !in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
72  ) && $_SERVER['HTTPS'] == 'on';
73 
74  return $should_switch_to_http;
75  break;
76 
77  case self::PROTOCOL_HTTPS:
78  $should_switch_to_https = (
79  in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) ||
80  in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
81  ) && $_SERVER['HTTPS'] != 'on';
82 
83  return $should_switch_to_https;
84  break;
85  }
86 
87  return false;
88  }
89 
95  function checkPort()
96  {
97  // if https is enabled for scripts or classes, check for redirection
98  if ($this->enabled)
99  {
100  if($this->shouldSwitchProtocol(self::PROTOCOL_HTTPS))
101  {
102  header("location: https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
103  exit;
104  }
105  if($this->shouldSwitchProtocol(self::PROTOCOL_HTTP))
106  {
107  header("location: http://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
108  exit;
109  }
110  }
111  return true;
112  }
113 
114  function __readProtectedScripts()
115  {
116  $this->protected_scripts[] = 'login.php';
117  $this->protected_scripts[] = 'index.php';
118  $this->protected_scripts[] = 'payment.php';
119  $this->protected_scripts[] = 'register.php';
120  // BEGIN WebDAV Use SSL for WebDAV.
121  $this->protected_scripts[] = 'webdav.php';
122  // END WebDAV Use SSL for WebDAV.
123  $this->protected_scripts[] = 'shib_login.php';
124 
125  return true;
126  }
127 
133  public function isDetected ()
134  {
135  if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on")
136  return true;
137 
138  if ($this->automaticHTTPSDetectionEnabled)
139  {
140  $headerName = "HTTP_".str_replace("-","_",$this->headerName);
141  /* echo $headerName;
142  echo $_SERVER[$headerName];*/
143  if (strcasecmp($_SERVER[$headerName],$this->headerValue)==0)
144  {
145  $_SERVER["HTTPS"] = "on";
146  return true;
147  }
148  /*
149  if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
150  {
151  $_SERVER['HTTPS'] = 'on';
152  return true;
153  }
154  */
155  }
156 
157  return false;
158  }
159 
160  function __readProtectedClasses()
161  {
162  $this->protected_classes[] = 'ilstartupgui';
163  $this->protected_classes[] = 'ilaccountregistrationgui';
164  $this->protected_classes[] = 'ilpurchasebmfgui';
165  $this->protected_classes[] = 'ilpurchasepaypal';
166  $this->protected_classes[] = 'ilshopshoppingcartgui';
167  $this->protected_classes[] = 'ilpurchasebillgui';
168  $this->protected_classes[] = 'ilpersonalsettingsgui';
169  }
170 
176  function _checkHTTPS()
177  {
178  // only check standard port in the moment
179  $port = 443;
180 
181  if(($sp = fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
182  {
183  return false;
184  }
185  fclose($sp);
186  return true;
187  }
194  function _checkHTTP()
195  {
196  $port = 80;
197 
198  if(($sp = fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
199  {
200  return false;
201  }
202  fclose($sp);
203  return true;
204  }
205 
213  public function enableSecureCookies()
214  {
215  global $ilLog,$ilClientIniFile;
216 
217  $secure_disabled = $ilClientIniFile->readVariable('session','disable_secure_cookies');
218  if(!$secure_disabled and !$this->enabled and $this->isDetected() and !session_id())
219  {
220  #$ilLog->write(__CLASS__.': Enabled secure cookies');
221 
222  // session_set_cookie_params() supports 5th parameter
223  // only for php version 5.2.0 and above
224  if( version_compare(PHP_VERSION, '5.2.0', '>=') )
225  {
226  // PHP version >= 5.2.0
227  session_set_cookie_params(
228  IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, true, IL_COOKIE_HTTPONLY
229  );
230  }
231  else
232  {
233  // PHP version < 5.2.0
234  session_set_cookie_params(
235  IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, true
236  );
237  }
238  }
239  return true;
240  }
241 }
242 ?>