ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilHTTPS.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
13 class ilHTTPS
14 {
15  const PROTOCOL_HTTP = 1;
16  const PROTOCOL_HTTPS = 2;
17 
18  private static $instance = null;
19 
20  protected $enabled = false;
21 
22  protected $protected_classes = array();
23  protected $protected_scripts = array();
24 
25  protected $automaticHTTPSDetectionEnabled = false;
26  protected $headerName = false;
27  protected $headerValue = false;
28 
33  public function __construct()
34  {
35  global $ilSetting, $ilIliasIniFile;
36 
37  if ($this->enabled = (bool) $ilSetting->get('https')) {
38  $this->__readProtectedScripts();
39  $this->__readProtectedClasses();
40  }
41 
42  if ($this->automaticHTTPSDetectionEnabled = (bool) $ilIliasIniFile->readVariable('https', "auto_https_detect_enabled")) {
43  $this->headerName = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_name");
44  $this->headerValue = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_value");
45  }
46  }
47 
52  public static function getInstance()
53  {
54  if (self::$instance) {
55  return self::$instance;
56  }
57  return self::$instance = new ilHTTPS();
58  }
59 
64  protected function shouldSwitchProtocol($to_protocol)
65  {
66  switch ($to_protocol) {
67  case self::PROTOCOL_HTTP:
68  $should_switch_to_http = (
69  !in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) &&
70  !in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
71  ) && $_SERVER['HTTPS'] == 'on';
72 
73  return $should_switch_to_http;
74  break;
75 
76  case self::PROTOCOL_HTTPS:
77  $should_switch_to_https = (
78  in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) ||
79  in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
80  ) && $_SERVER['HTTPS'] != 'on';
81 
82  return $should_switch_to_https;
83  break;
84  }
85 
86  return false;
87  }
88 
94  public function checkPort()
95  {
96  // if https is enabled for scripts or classes, check for redirection
97  if ($this->enabled) {
98  if ($this->shouldSwitchProtocol(self::PROTOCOL_HTTPS)) {
99  header("location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
100  exit;
101  }
102  if ($this->shouldSwitchProtocol(self::PROTOCOL_HTTP)) {
103  header("location: http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
104  exit;
105  }
106  }
107  return true;
108  }
109 
110  public function __readProtectedScripts()
111  {
112  $this->protected_scripts[] = 'login.php';
113  $this->protected_scripts[] = 'index.php';
114  $this->protected_scripts[] = 'register.php';
115  // BEGIN WebDAV Use SSL for WebDAV.
116  $this->protected_scripts[] = 'webdav.php';
117  // END WebDAV Use SSL for WebDAV.
118  $this->protected_scripts[] = 'shib_login.php';
119 
120  return true;
121  }
122 
128  public function isDetected()
129  {
130  if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
131  return true;
132  }
133 
134  if ($this->automaticHTTPSDetectionEnabled) {
135  $headerName = "HTTP_" . str_replace("-", "_", strtoupper($this->headerName));
136  /* echo $headerName;
137  echo $_SERVER[$headerName];*/
138  if (strcasecmp($_SERVER[$headerName], $this->headerValue)==0) {
139  $_SERVER["HTTPS"] = "on";
140  return true;
141  }
142  /*
143  if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
144  {
145  $_SERVER['HTTPS'] = 'on';
146  return true;
147  }
148  */
149  }
150 
151  return false;
152  }
153 
154  public function __readProtectedClasses()
155  {
156  $this->protected_classes[] = 'ilstartupgui';
157  $this->protected_classes[] = 'ilaccountregistrationgui';
158  $this->protected_classes[] = 'ilpersonalsettingsgui';
159  }
160 
166  public static function _checkHTTPS()
167  {
168  // only check standard port in the moment
169  $port = 443;
170 
171  if (($sp = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error)) === false) {
172  return false;
173  }
174  fclose($sp);
175  return true;
176  }
183  public function _checkHTTP()
184  {
185  $port = 80;
186 
187  if (($sp = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error)) === false) {
188  return false;
189  }
190  fclose($sp);
191  return true;
192  }
193 
201  public function enableSecureCookies()
202  {
203  global $ilClientIniFile;
204 
205  $secure_disabled = $ilClientIniFile->readVariable('session', 'disable_secure_cookies');
206  if (!$secure_disabled && !$this->enabled && $this->isDetected() && !session_id()) {
207  if (!defined('IL_COOKIE_SECURE')) {
208  define('IL_COOKIE_SECURE', true);
209  }
210 
211  session_set_cookie_params(
212  IL_COOKIE_EXPIRE,
213  IL_COOKIE_PATH,
214  IL_COOKIE_DOMAIN,
215  true,
216  IL_COOKIE_HTTPONLY
217  );
218  }
219 
220  return true;
221  }
222 }
ilHTTPS\_checkHTTP
_checkHTTP()
static method to check if http connections are possible for this server
Definition: class.ilHTTPS.php:183
ilHTTPS\$automaticHTTPSDetectionEnabled
$automaticHTTPSDetectionEnabled
Definition: class.ilHTTPS.php:25
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilHTTPS\__construct
__construct()
use ilHTTPS::getInstance()
Definition: class.ilHTTPS.php:33
ilHTTPS\_checkHTTPS
static _checkHTTPS()
static method to check if https connections are possible for this server public
Definition: class.ilHTTPS.php:166
ilHTTPS\PROTOCOL_HTTP
const PROTOCOL_HTTP
Definition: class.ilHTTPS.php:15
$error
$error
Definition: Error.php:17
ilHTTPS
HTTPS.
Definition: class.ilHTTPS.php:13
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:36
header
Add a drawing to the header
Definition: 04printing.php:69
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilHTTPS\getInstance
static getInstance()
Get https instance.
Definition: class.ilHTTPS.php:52
ilHTTPS\PROTOCOL_HTTPS
const PROTOCOL_HTTPS
Definition: class.ilHTTPS.php:16
ilHTTPS\__readProtectedScripts
__readProtectedScripts()
Definition: class.ilHTTPS.php:110
ilHTTPS\isDetected
isDetected()
check if https is detected
Definition: class.ilHTTPS.php:128
ilHTTPS\__readProtectedClasses
__readProtectedClasses()
Definition: class.ilHTTPS.php:154
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilHTTPS\enableSecureCookies
enableSecureCookies()
enable secure cookies
Definition: class.ilHTTPS.php:201
ilHTTPS\$instance
static $instance
Definition: class.ilHTTPS.php:18
$ilIliasIniFile
$ilIliasIniFile
Definition: imagemanager.php:34
defined
defined( 'APPLICATION_ENV')||define( 'APPLICATION_ENV'
Definition: bootstrap.php:27
ilHTTPS\shouldSwitchProtocol
shouldSwitchProtocol($to_protocol)
Definition: class.ilHTTPS.php:64
ilHTTPS\checkPort
checkPort()
check if current port usage is right: if https should be used than redirection is done...
Definition: class.ilHTTPS.php:94