ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilHTTPS.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
13 class ilHTTPS
14 {
15  const PROTOCOL_HTTP = 1;
16  const PROTOCOL_HTTPS = 2;
17 
18  private static $instance = null;
19 
20  var $enabled = false;
21  var $protected_scripts = array();
22 
23  var $automaticHTTPSDetectionEnabled = false;
24  var $headerName = false;
25  var $headerValue = false;
26 
31  function __construct()
32  {
33  global $ilSetting, $ilIliasIniFile;
34 
35  if($this->enabled = (bool)$ilSetting->get('https'))
36  {
37  $this->__readProtectedScripts();
38  $this->__readProtectedClasses();
39  }
40 
41  if ($this->automaticHTTPSDetectionEnabled = (bool)$ilIliasIniFile->readVariable('https', "auto_https_detect_enabled"))
42  {
43  $this->headerName = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_name");
44  $this->headerValue = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_value");
45  }
46  }
47 
52  public static function getInstance()
53  {
54  if(self::$instance)
55  {
56  return self::$instance;
57  }
58  return self::$instance = new ilHTTPS();
59  }
60 
65  protected function shouldSwitchProtocol($to_protocol)
66  {
67  switch($to_protocol)
68  {
69  case self::PROTOCOL_HTTP:
70  $should_switch_to_http = (
71  !in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) &&
72  !in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
73  ) && $_SERVER['HTTPS'] == 'on';
74 
75  return $should_switch_to_http;
76  break;
77 
78  case self::PROTOCOL_HTTPS:
79  $should_switch_to_https = (
80  in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) ||
81  in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
82  ) && $_SERVER['HTTPS'] != 'on';
83 
84  return $should_switch_to_https;
85  break;
86  }
87 
88  return false;
89  }
90 
96  function checkPort()
97  {
98  // if https is enabled for scripts or classes, check for redirection
99  if ($this->enabled)
100  {
101  if($this->shouldSwitchProtocol(self::PROTOCOL_HTTPS))
102  {
103  header("location: https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
104  exit;
105  }
106  if($this->shouldSwitchProtocol(self::PROTOCOL_HTTP))
107  {
108  header("location: http://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
109  exit;
110  }
111  }
112  return true;
113  }
114 
115  function __readProtectedScripts()
116  {
117  $this->protected_scripts[] = 'login.php';
118  $this->protected_scripts[] = 'index.php';
119  $this->protected_scripts[] = 'payment.php';
120  $this->protected_scripts[] = 'register.php';
121  // BEGIN WebDAV Use SSL for WebDAV.
122  $this->protected_scripts[] = 'webdav.php';
123  // END WebDAV Use SSL for WebDAV.
124  $this->protected_scripts[] = 'shib_login.php';
125 
126  return true;
127  }
128 
134  public function isDetected ()
135  {
136  if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on")
137  return true;
138 
139  if ($this->automaticHTTPSDetectionEnabled)
140  {
141  $headerName = "HTTP_".str_replace("-","_",$this->headerName);
142  /* echo $headerName;
143  echo $_SERVER[$headerName];*/
144  if (strcasecmp($_SERVER[$headerName],$this->headerValue)==0)
145  {
146  $_SERVER["HTTPS"] = "on";
147  return true;
148  }
149  /*
150  if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
151  {
152  $_SERVER['HTTPS'] = 'on';
153  return true;
154  }
155  */
156  }
157 
158  return false;
159  }
160 
161  function __readProtectedClasses()
162  {
163  $this->protected_classes[] = 'ilstartupgui';
164  $this->protected_classes[] = 'ilaccountregistrationgui';
165  $this->protected_classes[] = 'ilpurchasebmfgui';
166  $this->protected_classes[] = 'ilpurchasepaypal';
167  $this->protected_classes[] = 'ilshopshoppingcartgui';
168  $this->protected_classes[] = 'ilpurchasebillgui';
169  $this->protected_classes[] = 'ilpersonalsettingsgui';
170  }
171 
177  function _checkHTTPS()
178  {
179  // only check standard port in the moment
180  $port = 443;
181 
182  if(($sp = fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
183  {
184  return false;
185  }
186  fclose($sp);
187  return true;
188  }
195  function _checkHTTP()
196  {
197  $port = 80;
198 
199  if(($sp = fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
200  {
201  return false;
202  }
203  fclose($sp);
204  return true;
205  }
206 
214  public function enableSecureCookies()
215  {
216  global $ilLog,$ilClientIniFile;
217 
218  $secure_disabled = $ilClientIniFile->readVariable('session','disable_secure_cookies');
219  if(!$secure_disabled and !$this->enabled and $this->isDetected() and !session_id())
220  {
221  #$ilLog->write(__CLASS__.': Enabled secure cookies');
222 
223  // session_set_cookie_params() supports 5th parameter
224  // only for php version 5.2.0 and above
225  if( version_compare(PHP_VERSION, '5.2.0', '>=') )
226  {
227  // PHP version >= 5.2.0
228  session_set_cookie_params(
229  IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, true, IL_COOKIE_HTTPONLY
230  );
231  }
232  else
233  {
234  // PHP version < 5.2.0
235  session_set_cookie_params(
236  IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, true
237  );
238  }
239  }
240  return true;
241  }
242 }
243 ?>