ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Static Private Attributes
ilHTTPS Class Reference

HTTPS. More...

+ Collaboration diagram for ilHTTPS:

Public Member Functions

 __construct ()
 use ilHTTPS::getInstance() More...
 
 checkPort ()
 check if current port usage is right: if https should be used than redirection is done, to http otherwise. More...
 
 __readProtectedScripts ()
 
 isDetected ()
 check if https is detected More...
 
 __readProtectedClasses ()
 
 _checkHTTPS ()
 static method to check if https connections are possible for this server public More...
 
 _checkHTTP ()
 static method to check if http connections are possible for this server More...
 
 enableSecureCookies ()
 enable secure cookies More...
 

Static Public Member Functions

static getInstance ()
 Get https instance. More...
 

Data Fields

const PROTOCOL_HTTP = 1
 
const PROTOCOL_HTTPS = 2
 
 $enabled = false
 
 $protected_scripts = array()
 
 $automaticHTTPSDetectionEnabled = false
 
 $headerName = false
 
 $headerValue = false
 

Protected Member Functions

 shouldSwitchProtocol ($to_protocol)
 

Static Private Attributes

static $instance = null
 

Detailed Description

HTTPS.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 13 of file class.ilHTTPS.php.

Constructor & Destructor Documentation

◆ __construct()

ilHTTPS::__construct ( )

use ilHTTPS::getInstance()

Returns

Definition at line 31 of file class.ilHTTPS.php.

References $ilIliasIniFile, $ilSetting, __readProtectedClasses(), and __readProtectedScripts().

32  {
33  global $ilSetting, $ilIliasIniFile;
34 
35  if($this->enabled = (bool)$ilSetting->get('https'))
36  {
37  $this->__readProtectedScripts();
38  $this->__readProtectedClasses();
39  }
40 
41  if ($this->automaticHTTPSDetectionEnabled = (bool)$ilIliasIniFile->readVariable('https', "auto_https_detect_enabled"))
42  {
43  $this->headerName = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_name");
44  $this->headerValue = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_value");
45  }
46  }
$ilIliasIniFile
global $ilIliasIniFile
Definition: imagemanager.php:32
ilHTTPS\__readProtectedScripts
__readProtectedScripts()
Definition: class.ilHTTPS.php:115
ilHTTPS\__readProtectedClasses
__readProtectedClasses()
Definition: class.ilHTTPS.php:161
$ilSetting
global $ilSetting
Definition: privfeed.php:40
+ Here is the call graph for this function:

Member Function Documentation

◆ __readProtectedClasses()

ilHTTPS::__readProtectedClasses ( )

Definition at line 161 of file class.ilHTTPS.php.

Referenced by __construct().

162  {
163  $this->protected_classes[] = 'ilstartupgui';
164  $this->protected_classes[] = 'ilaccountregistrationgui';
165  $this->protected_classes[] = 'ilpurchasebmfgui';
166  $this->protected_classes[] = 'ilpurchasepaypal';
167  $this->protected_classes[] = 'ilshopshoppingcartgui';
168  $this->protected_classes[] = 'ilpurchasebillgui';
169  $this->protected_classes[] = 'ilpersonalsettingsgui';
170  }
+ Here is the caller graph for this function:

◆ __readProtectedScripts()

ilHTTPS::__readProtectedScripts ( )

Definition at line 115 of file class.ilHTTPS.php.

Referenced by __construct().

116  {
117  $this->protected_scripts[] = 'login.php';
118  $this->protected_scripts[] = 'index.php';
119  $this->protected_scripts[] = 'payment.php';
120  $this->protected_scripts[] = 'register.php';
121  // BEGIN WebDAV Use SSL for WebDAV.
122  $this->protected_scripts[] = 'webdav.php';
123  // END WebDAV Use SSL for WebDAV.
124  $this->protected_scripts[] = 'shib_login.php';
125 
126  return true;
127  }
+ Here is the caller graph for this function:

◆ _checkHTTP()

ilHTTPS::_checkHTTP ( )

static method to check if http connections are possible for this server

public

Returns
boolean

Definition at line 195 of file class.ilHTTPS.php.

196  {
197  $port = 80;
198 
199  if(($sp = fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
200  {
201  return false;
202  }
203  fclose($sp);
204  return true;
205  }

◆ _checkHTTPS()

ilHTTPS::_checkHTTPS ( )

static method to check if https connections are possible for this server public

Returns
boolean

Definition at line 177 of file class.ilHTTPS.php.

Referenced by ilSecuritySettings\validate().

178  {
179  // only check standard port in the moment
180  $port = 443;
181 
182  if(($sp = fsockopen($_SERVER["SERVER_NAME"],$port,$errno,$error)) === false)
183  {
184  return false;
185  }
186  fclose($sp);
187  return true;
188  }
+ Here is the caller graph for this function:

◆ checkPort()

ilHTTPS::checkPort ( )

check if current port usage is right: if https should be used than redirection is done, to http otherwise.

Returns
unknown

Definition at line 96 of file class.ilHTTPS.php.

References exit, and shouldSwitchProtocol().

97  {
98  // if https is enabled for scripts or classes, check for redirection
99  if ($this->enabled)
100  {
101  if($this->shouldSwitchProtocol(self::PROTOCOL_HTTPS))
102  {
103  header("location: https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
104  exit;
105  }
106  if($this->shouldSwitchProtocol(self::PROTOCOL_HTTP))
107  {
108  header("location: http://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]);
109  exit;
110  }
111  }
112  return true;
113  }
exit
exit
Definition: login.php:54
ilHTTPS\shouldSwitchProtocol
shouldSwitchProtocol($to_protocol)
Definition: class.ilHTTPS.php:65
+ Here is the call graph for this function:

◆ enableSecureCookies()

ilHTTPS::enableSecureCookies ( )

enable secure cookies

public

Parameters

Definition at line 214 of file class.ilHTTPS.php.

References $ilLog, IL_COOKIE_PATH, and isDetected().

215  {
216  global $ilLog,$ilClientIniFile;
217 
218  $secure_disabled = $ilClientIniFile->readVariable('session','disable_secure_cookies');
219  if(!$secure_disabled and !$this->enabled and $this->isDetected() and !session_id())
220  {
221  #$ilLog->write(__CLASS__.': Enabled secure cookies');
222 
223  // session_set_cookie_params() supports 5th parameter
224  // only for php version 5.2.0 and above
225  if( version_compare(PHP_VERSION, '5.2.0', '>=') )
226  {
227  // PHP version >= 5.2.0
228  session_set_cookie_params(
229  IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, true, IL_COOKIE_HTTPONLY
230  );
231  }
232  else
233  {
234  // PHP version < 5.2.0
235  session_set_cookie_params(
236  IL_COOKIE_EXPIRE, IL_COOKIE_PATH, IL_COOKIE_DOMAIN, true
237  );
238  }
239  }
240  return true;
241  }
IL_COOKIE_PATH
const IL_COOKIE_PATH
Definition: index.php:6
$ilLog
$ilLog
Definition: inc.setup_header.php:132
ilHTTPS\isDetected
isDetected()
check if https is detected
Definition: class.ilHTTPS.php:134
+ Here is the call graph for this function:

◆ getInstance()

static ilHTTPS::getInstance ( )
static

Get https instance.

Returns

Definition at line 52 of file class.ilHTTPS.php.

Referenced by ilUtil\deliverData(), ilUtil\deliverFile(), and ilInitialisation\setCookieParams().

53  {
54  if(self::$instance)
55  {
56  return self::$instance;
57  }
58  return self::$instance = new ilHTTPS();
59  }
ilHTTPS
HTTPS.
Definition: class.ilHTTPS.php:13
+ Here is the caller graph for this function:

◆ isDetected()

ilHTTPS::isDetected ( )

check if https is detected

Returns
boolean true, if https is detected by protocol or by automatic detection, if enabled, false otherwise

Definition at line 134 of file class.ilHTTPS.php.

Referenced by enableSecureCookies().

135  {
136  if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on")
137  return true;
138 
139  if ($this->automaticHTTPSDetectionEnabled)
140  {
141  $headerName = "HTTP_".str_replace("-","_",$this->headerName);
142  /* echo $headerName;
143  echo $_SERVER[$headerName];*/
144  if (strcasecmp($_SERVER[$headerName],$this->headerValue)==0)
145  {
146  $_SERVER["HTTPS"] = "on";
147  return true;
148  }
149  /*
150  if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
151  {
152  $_SERVER['HTTPS'] = 'on';
153  return true;
154  }
155  */
156  }
157 
158  return false;
159  }
+ Here is the caller graph for this function:

◆ shouldSwitchProtocol()

ilHTTPS::shouldSwitchProtocol (   $to_protocol)
protected
Parameters
bool$to_protocol
Returns
bool

Definition at line 65 of file class.ilHTTPS.php.

References $_GET.

Referenced by checkPort().

66  {
67  switch($to_protocol)
68  {
69  case self::PROTOCOL_HTTP:
70  $should_switch_to_http = (
71  !in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) &&
72  !in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
73  ) && $_SERVER['HTTPS'] == 'on';
74 
75  return $should_switch_to_http;
76  break;
77 
78  case self::PROTOCOL_HTTPS:
79  $should_switch_to_https = (
80  in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) ||
81  in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
82  ) && $_SERVER['HTTPS'] != 'on';
83 
84  return $should_switch_to_https;
85  break;
86  }
87 
88  return false;
89  }
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
+ Here is the caller graph for this function:

Field Documentation

◆ $automaticHTTPSDetectionEnabled

ilHTTPS::$automaticHTTPSDetectionEnabled = false

Definition at line 23 of file class.ilHTTPS.php.

◆ $enabled

ilHTTPS::$enabled = false

Definition at line 20 of file class.ilHTTPS.php.

◆ $headerName

ilHTTPS::$headerName = false

Definition at line 24 of file class.ilHTTPS.php.

◆ $headerValue

ilHTTPS::$headerValue = false

Definition at line 25 of file class.ilHTTPS.php.

◆ $instance

ilHTTPS::$instance = null
staticprivate

Definition at line 18 of file class.ilHTTPS.php.

◆ $protected_scripts

ilHTTPS::$protected_scripts = array()

Definition at line 21 of file class.ilHTTPS.php.

◆ PROTOCOL_HTTP

const ilHTTPS::PROTOCOL_HTTP = 1

Definition at line 15 of file class.ilHTTPS.php.

◆ PROTOCOL_HTTPS

const ilHTTPS::PROTOCOL_HTTPS = 2

Definition at line 16 of file class.ilHTTPS.php.

The documentation for this class was generated from the following file: