ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Private Attributes
ilHTTPS Class Reference

HTTPS. More...

+ Collaboration diagram for ilHTTPS:

Public Member Functions

 __construct ()
 use ilHTTPS::getInstance() More...
 
 checkPort ()
 check if current port usage is right: if https should be used than redirection is done, to http otherwise. More...
 
 __readProtectedScripts ()
 
 isDetected ()
 check if https is detected More...
 
 __readProtectedClasses ()
 
 _checkHTTP ()
 static method to check if http connections are possible for this server More...
 
 enableSecureCookies ()
 enable secure cookies More...
 

Static Public Member Functions

static getInstance ()
 Get https instance. More...
 
static _checkHTTPS ()
 static method to check if https connections are possible for this server public More...
 

Data Fields

const PROTOCOL_HTTP = 1
 
const PROTOCOL_HTTPS = 2
 

Protected Member Functions

 shouldSwitchProtocol ($to_protocol)
 

Protected Attributes

 $enabled = false
 
 $protected_classes = array()
 
 $protected_scripts = array()
 
 $automaticHTTPSDetectionEnabled = false
 
 $headerName = false
 
 $headerValue = false
 

Static Private Attributes

static $instance = null
 

Detailed Description

HTTPS.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 13 of file class.ilHTTPS.php.

Constructor & Destructor Documentation

◆ __construct()

ilHTTPS::__construct ( )

use ilHTTPS::getInstance()

Returns

Definition at line 33 of file class.ilHTTPS.php.

References $ilIliasIniFile, $ilSetting, __readProtectedClasses(), and __readProtectedScripts().

34  {
35  global $ilSetting, $ilIliasIniFile;
36 
37  if ($this->enabled = (bool) $ilSetting->get('https')) {
38  $this->__readProtectedScripts();
39  $this->__readProtectedClasses();
40  }
41 
42  if ($this->automaticHTTPSDetectionEnabled = (bool) $ilIliasIniFile->readVariable('https', "auto_https_detect_enabled")) {
43  $this->headerName = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_name");
44  $this->headerValue = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_value");
45  }
46  }
ilHTTPS\__readProtectedScripts
__readProtectedScripts()
Definition: class.ilHTTPS.php:110
ilHTTPS\__readProtectedClasses
__readProtectedClasses()
Definition: class.ilHTTPS.php:154
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilIliasIniFile
$ilIliasIniFile
Definition: imagemanager.php:34
+ Here is the call graph for this function:

Member Function Documentation

◆ __readProtectedClasses()

ilHTTPS::__readProtectedClasses ( )

Definition at line 154 of file class.ilHTTPS.php.

Referenced by __construct().

155  {
156  $this->protected_classes[] = 'ilstartupgui';
157  $this->protected_classes[] = 'ilaccountregistrationgui';
158  $this->protected_classes[] = 'ilpersonalsettingsgui';
159  }
+ Here is the caller graph for this function:

◆ __readProtectedScripts()

ilHTTPS::__readProtectedScripts ( )

Definition at line 110 of file class.ilHTTPS.php.

Referenced by __construct().

111  {
112  $this->protected_scripts[] = 'login.php';
113  $this->protected_scripts[] = 'index.php';
114  $this->protected_scripts[] = 'register.php';
115  // BEGIN WebDAV Use SSL for WebDAV.
116  $this->protected_scripts[] = 'webdav.php';
117  // END WebDAV Use SSL for WebDAV.
118  $this->protected_scripts[] = 'shib_login.php';
119 
120  return true;
121  }
+ Here is the caller graph for this function:

◆ _checkHTTP()

ilHTTPS::_checkHTTP ( )

static method to check if http connections are possible for this server

public

Returns
boolean

Definition at line 183 of file class.ilHTTPS.php.

References $_SERVER, and $error.

184  {
185  $port = 80;
186 
187  if (($sp = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error)) === false) {
188  return false;
189  }
190  fclose($sp);
191  return true;
192  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$error
$error
Definition: Error.php:17

◆ _checkHTTPS()

static ilHTTPS::_checkHTTPS ( )
static

static method to check if https connections are possible for this server public

Returns
boolean

Definition at line 166 of file class.ilHTTPS.php.

References $_SERVER, and $error.

Referenced by ilSecuritySettings\validate().

167  {
168  // only check standard port in the moment
169  $port = 443;
170 
171  if (($sp = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error)) === false) {
172  return false;
173  }
174  fclose($sp);
175  return true;
176  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$error
$error
Definition: Error.php:17
+ Here is the caller graph for this function:

◆ checkPort()

ilHTTPS::checkPort ( )

check if current port usage is right: if https should be used than redirection is done, to http otherwise.

Returns
unknown

Definition at line 94 of file class.ilHTTPS.php.

References $_SERVER, exit, header, and shouldSwitchProtocol().

95  {
96  // if https is enabled for scripts or classes, check for redirection
97  if ($this->enabled) {
98  if ($this->shouldSwitchProtocol(self::PROTOCOL_HTTPS)) {
99  header("location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
100  exit;
101  }
102  if ($this->shouldSwitchProtocol(self::PROTOCOL_HTTP)) {
103  header("location: http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
104  exit;
105  }
106  }
107  return true;
108  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
header
Add a drawing to the header
Definition: 04printing.php:69
ilHTTPS\shouldSwitchProtocol
shouldSwitchProtocol($to_protocol)
Definition: class.ilHTTPS.php:64
+ Here is the call graph for this function:

◆ enableSecureCookies()

ilHTTPS::enableSecureCookies ( )

enable secure cookies

public

Parameters

Definition at line 201 of file class.ilHTTPS.php.

References defined, IL_COOKIE_PATH, and isDetected().

202  {
203  global $ilClientIniFile;
204 
205  $secure_disabled = $ilClientIniFile->readVariable('session', 'disable_secure_cookies');
206  if (!$secure_disabled && !$this->enabled && $this->isDetected() && !session_id()) {
207  if (!defined('IL_COOKIE_SECURE')) {
208  define('IL_COOKIE_SECURE', true);
209  }
210 
211  session_set_cookie_params(
212  IL_COOKIE_EXPIRE,
213  IL_COOKIE_PATH,
214  IL_COOKIE_DOMAIN,
215  true,
216  IL_COOKIE_HTTPONLY
217  );
218  }
219 
220  return true;
221  }
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:36
ilHTTPS\isDetected
isDetected()
check if https is detected
Definition: class.ilHTTPS.php:128
defined
defined( 'APPLICATION_ENV')||define( 'APPLICATION_ENV'
Definition: bootstrap.php:27
+ Here is the call graph for this function:

◆ getInstance()

static ilHTTPS::getInstance ( )
static

Get https instance.

Returns

Definition at line 52 of file class.ilHTTPS.php.

Referenced by ilUtil\deliverData(), and ilInitialisation\setSessionCookieParams().

53  {
54  if (self::$instance) {
55  return self::$instance;
56  }
57  return self::$instance = new ilHTTPS();
58  }
ilHTTPS
HTTPS.
Definition: class.ilHTTPS.php:13
+ Here is the caller graph for this function:

◆ isDetected()

ilHTTPS::isDetected ( )

check if https is detected

Returns
boolean true, if https is detected by protocol or by automatic detection, if enabled, false otherwise

Definition at line 128 of file class.ilHTTPS.php.

References $_SERVER, and $headerName.

Referenced by enableSecureCookies().

129  {
130  if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
131  return true;
132  }
133 
134  if ($this->automaticHTTPSDetectionEnabled) {
135  $headerName = "HTTP_" . str_replace("-", "_", strtoupper($this->headerName));
136  /* echo $headerName;
137  echo $_SERVER[$headerName];*/
138  if (strcasecmp($_SERVER[$headerName], $this->headerValue)==0) {
139  $_SERVER["HTTPS"] = "on";
140  return true;
141  }
142  /*
143  if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
144  {
145  $_SERVER['HTTPS'] = 'on';
146  return true;
147  }
148  */
149  }
150 
151  return false;
152  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
+ Here is the caller graph for this function:

◆ shouldSwitchProtocol()

ilHTTPS::shouldSwitchProtocol (   $to_protocol)
protected
Parameters
bool$to_protocol
Returns
bool

Definition at line 64 of file class.ilHTTPS.php.

References $_GET, and $_SERVER.

Referenced by checkPort().

65  {
66  switch ($to_protocol) {
67  case self::PROTOCOL_HTTP:
68  $should_switch_to_http = (
69  !in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) &&
70  !in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
71  ) && $_SERVER['HTTPS'] == 'on';
72 
73  return $should_switch_to_http;
74  break;
75 
76  case self::PROTOCOL_HTTPS:
77  $should_switch_to_https = (
78  in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) ||
79  in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
80  ) && $_SERVER['HTTPS'] != 'on';
81 
82  return $should_switch_to_https;
83  break;
84  }
85 
86  return false;
87  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
+ Here is the caller graph for this function:

Field Documentation

◆ $automaticHTTPSDetectionEnabled

ilHTTPS::$automaticHTTPSDetectionEnabled = false
protected

Definition at line 25 of file class.ilHTTPS.php.

◆ $enabled

ilHTTPS::$enabled = false
protected

Definition at line 20 of file class.ilHTTPS.php.

◆ $headerName

ilHTTPS::$headerName = false
protected

Definition at line 26 of file class.ilHTTPS.php.

Referenced by isDetected().

◆ $headerValue

ilHTTPS::$headerValue = false
protected

Definition at line 27 of file class.ilHTTPS.php.

◆ $instance

ilHTTPS::$instance = null
staticprivate

Definition at line 18 of file class.ilHTTPS.php.

◆ $protected_classes

ilHTTPS::$protected_classes = array()
protected

Definition at line 22 of file class.ilHTTPS.php.

◆ $protected_scripts

ilHTTPS::$protected_scripts = array()
protected

Definition at line 23 of file class.ilHTTPS.php.

◆ PROTOCOL_HTTP

const ilHTTPS::PROTOCOL_HTTP = 1

Definition at line 15 of file class.ilHTTPS.php.

◆ PROTOCOL_HTTPS

const ilHTTPS::PROTOCOL_HTTPS = 2

Definition at line 16 of file class.ilHTTPS.php.

The documentation for this class was generated from the following file: