ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilHTTPS.php
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
14{
15 const PROTOCOL_HTTP = 1;
16 const PROTOCOL_HTTPS = 2;
17
18 private static $instance = null;
19
20 protected $enabled = false;
21
22 protected $protected_classes = array();
23 protected $protected_scripts = array();
24
26 protected $headerName = false;
27 protected $headerValue = false;
28
/**
 * Load the HTTPS-related configuration for this object.
 *
 * Sets $this->enabled from the 'https' setting. When the
 * 'auto_https_detect_enabled' value read through $ilIliasIniFile is truthy,
 * it also stores the header name and header value that isDetected() later
 * compares against the incoming request.
 *
 * NOTE(review): this listing skips source lines 35 and 38-39, so the origin
 * of $ilSetting / $ilIliasIniFile and the body of the first `if` are not
 * visible here; confirm against the repository.
 *
 * Deployment caveat: the configured header is only a reliable HTTPS signal
 * when the TLS-terminating proxy sets it itself and discards any copy sent
 * by the client; otherwise a client can supply it over plain HTTP.
 */
33 public function __construct()
34 {
36
// Assignment inside the condition: the flag is stored and tested in one step.
37 if ($this->enabled = (bool) $ilSetting->get('https')) {
40 }
41
// Header-based detection is opt-in; name and value stay false when it is off.
42 if ($this->automaticHTTPSDetectionEnabled = (bool) $ilIliasIniFile->readVariable('https', "auto_https_detect_enabled")) {
43 $this->headerName = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_name");
44 $this->headerValue = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_value");
45 }
46 }
47
/**
 * Return the shared ilHTTPS object, creating it on first use.
 *
 * The object is cached in self::$instance, so the constructor (and the
 * configuration reads it performs) runs at most once per request through
 * this accessor.
 *
 * @return ilHTTPS
 */
public static function getInstance()
{
    if (!self::$instance) {
        self::$instance = new ilHTTPS();
    }

    return self::$instance;
}
59
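/**
 * Decide whether the current request should be redirected to another protocol.
 *
 * A request counts as protected when the basename of its script is listed in
 * $this->protected_scripts or its lower-cased cmdClass query parameter is
 * listed in $this->protected_classes.
 *
 * NOTE(review): the two `case` labels are not visible in this listing. The
 * branch mapping below follows the original variable names
 * ($should_switch_to_http / $should_switch_to_https) and the call sites in
 * checkPort(); confirm against the repository.
 *
 * @param int $to_protocol self::PROTOCOL_HTTP or self::PROTOCOL_HTTPS
 * @return bool true when a redirect to $to_protocol is due; false otherwise,
 *              including for any other $to_protocol value
 */
protected function shouldSwitchProtocol($to_protocol)
{
    // cmdClass comes straight from the query string: it may be missing or an
    // array (?cmdClass[]=x), and strtolower() must only ever see a string.
    $cmd_class = (isset($_GET['cmdClass']) && is_string($_GET['cmdClass']))
        ? strtolower($_GET['cmdClass'])
        : '';
    $script = isset($_SERVER['SCRIPT_NAME']) ? basename($_SERVER['SCRIPT_NAME']) : '';

    // Strict membership: both lists hold plain strings, so no type juggling
    // should ever decide whether a request is protected.
    $is_protected = in_array($script, $this->protected_scripts, true)
        || in_array($cmd_class, $this->protected_classes, true);

    // $_SERVER['HTTPS'] is normally absent on plain-HTTP requests.
    $is_https = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';

    switch ($to_protocol) {
        case self::PROTOCOL_HTTP:
            // Leave HTTPS only for requests that are not protected.
            return !$is_protected && $is_https;

        case self::PROTOCOL_HTTPS:
            // Protected requests that arrived without HTTPS must be upgraded.
            return $is_protected && !$is_https;
    }

    return false;
}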
88
/**
 * Redirect the request to the other protocol when the HTTPS setting requires it.
 *
 * Does nothing unless $this->enabled is set. Otherwise the HTTPS switch is
 * tested first, then the HTTP switch; on the first match a Location header is
 * sent and the script exits.
 *
 * Security notes for operators:
 * - The redirect host is $_SERVER["SERVER_NAME"]. Depending on the web
 *   server configuration that value can be derived from the client's Host
 *   header, so the server should be configured with a fixed canonical name.
 * - The second branch deliberately moves requests that are not protected
 *   from HTTPS back to HTTP.
 *
 * @return bool true when no redirect was necessary
 */
public function checkPort()
{
    if (!$this->enabled) {
        return true;
    }

    // Order matters: the upgrade to HTTPS is evaluated before the downgrade.
    $redirects = [
        self::PROTOCOL_HTTPS => "location: https://",
        self::PROTOCOL_HTTP => "location: http://",
    ];

    foreach ($redirects as $protocol => $prefix) {
        if ($this->shouldSwitchProtocol($protocol)) {
            header($prefix . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
            exit;
        }
    }

    return true;
}
109
/**
 * Register the entry scripts that are treated as HTTPS-protected.
 *
 * Appends to $this->protected_scripts. shouldSwitchProtocol() matches this
 * list against basename($_SERVER['SCRIPT_NAME']).
 *
 * @return bool always true
 */
public function __readProtectedScripts()
{
    array_push(
        $this->protected_scripts,
        'login.php',
        'index.php',
        'register.php',
        'webdav.php',
        'shib_login.php'
    );

    return true;
}
120
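/**
 * Report whether the current request arrived over HTTPS.
 *
 * Returns true when $_SERVER["HTTPS"] is "on". Otherwise, if header-based
 * detection is enabled, the configured request header is compared
 * case-insensitively with the configured value; on a match $_SERVER["HTTPS"]
 * is set to "on" as a side effect and true is returned.
 *
 * The header is matched only when it is actually present in the request and
 * both the configured name and value are non-empty. Without these checks a
 * missing header compares equal to an empty configured value, so every
 * request lacking the header would be reported as HTTPS.
 *
 * Trust boundary: the header is ordinary request data. It is a reliable
 * signal only when the TLS-terminating proxy sets it and removes any
 * client-supplied copy, and when the backend cannot be reached around that
 * proxy.
 *
 * @return bool true if HTTPS was detected, false otherwise
 */
public function isDetected()
{
    if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
        return true;
    }

    if (!$this->automaticHTTPSDetectionEnabled) {
        return false;
    }

    // Both properties default to false; an incomplete configuration must not
    // be able to match anything.
    $configuredName = (string) $this->headerName;
    $expectedValue = (string) $this->headerValue;
    if ($configuredName === '' || $expectedValue === '') {
        return false;
    }

    // PHP exposes request header "X-Foo-Bar" as $_SERVER["HTTP_X_FOO_BAR"].
    $headerName = "HTTP_" . str_replace("-", "_", strtoupper($configuredName));
    if (!isset($_SERVER[$headerName]) || !is_string($_SERVER[$headerName])) {
        return false;
    }

    if (strcasecmp($_SERVER[$headerName], $expectedValue) == 0) {
        // Later code that inspects $_SERVER["HTTPS"] sees the detected state.
        $_SERVER["HTTPS"] = "on";
        return true;
    }

    return false;
}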
151
/**
 * Register the command classes that are treated as HTTPS-protected.
 *
 * Appends to $this->protected_classes. Entries are lower-case because
 * shouldSwitchProtocol() lower-cases the cmdClass parameter before looking
 * it up.
 */
public function __readProtectedClasses()
{
    foreach (['ilstartupgui', 'ilaccountregistrationgui', 'ilpersonalsettingsgui'] as $class_name) {
        $this->protected_classes[] = $class_name;
    }
}
158
/**
 * Probe whether this server accepts connections on the standard HTTPS port.
 *
 * Opens a plain TCP connection to $_SERVER["SERVER_NAME"] on port 443 and
 * closes it again. No TLS handshake is performed, so a true result shows
 * only that the port is reachable, not that a valid certificate is served.
 * No timeout is passed to fsockopen(), so PHP's default socket timeout
 * applies.
 *
 * @return bool true if the connection could be opened, false otherwise
 */
public static function _checkHTTPS()
{
    // Only the standard port is checked at the moment.
    $socket = fsockopen($_SERVER["SERVER_NAME"], 443, $errno, $error);
    if ($socket === false) {
        return false;
    }

    fclose($socket);

    return true;
}
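/**
 * Probe whether this server accepts connections on the standard HTTP port.
 *
 * Declared static to match its sibling _checkHTTPS() and its own
 * description as a static method; the body never uses $this. Existing
 * instance calls ($https->_checkHTTP()) keep working, and static calls no
 * longer depend on invoking a non-static method statically.
 *
 * Opens a plain TCP connection to $_SERVER["SERVER_NAME"] on port 80 and
 * closes it again. No timeout is passed to fsockopen(), so PHP's default
 * socket timeout applies.
 *
 * @return bool true if the connection could be opened, false otherwise
 */
public static function _checkHTTP()
{
    $port = 80;

    $socket = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error);
    if ($socket === false) {
        return false;
    }

    fclose($socket);

    return true;
}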
191
/**
 * Mark the session cookie as Secure when the request is known to be HTTPS.
 *
 * The cookie parameters are changed only if all of the following hold:
 * - 'disable_secure_cookies' in the client ini 'session' group is not set,
 * - the protocol-switching mode ($this->enabled) is off,
 * - isDetected() reports HTTPS,
 * - no session has been started yet (session_id() is empty).
 *
 * In every other case the cookie parameters are left untouched, so with
 * $this->enabled set this method never adds the Secure flag. Only lifetime,
 * path, domain, secure and httponly are passed; no 'samesite' value is set
 * here.
 *
 * @return bool always true
 */
public function enableSecureCookies()
{
    global $ilClientIniFile;

    $opted_out = $ilClientIniFile->readVariable('session', 'disable_secure_cookies');

    // Same evaluation order as the positive form: isDetected() and
    // session_id() are only consulted when the earlier checks allow it.
    if ($opted_out || $this->enabled || !$this->isDetected() || session_id()) {
        return true;
    }

    if (!defined('IL_COOKIE_SECURE')) {
        define('IL_COOKIE_SECURE', true);
    }

    $cookie_params = [
        'lifetime' => IL_COOKIE_EXPIRE,
        'path' => IL_COOKIE_PATH,
        'domain' => IL_COOKIE_DOMAIN,
        'secure' => true,
        'httponly' => IL_COOKIE_HTTPONLY,
    ];
    session_set_cookie_params($cookie_params);

    return true;
}
220}
$_GET["client_id"]
An exception for terminating execution or to throw for unit testing.
HTTPS.
static _checkHTTPS()
static method to check if https connections are possible for this server @access public
static $instance
checkPort()
check if current port usage is right: if https should be used then redirection is done,...
_checkHTTP()
static method to check if http connections are possible for this server
static getInstance()
Get https instance.
isDetected()
check if https is detected
__readProtectedClasses()
enableSecureCookies()
enable secure cookies
shouldSwitchProtocol($to_protocol)
$automaticHTTPSDetectionEnabled
__readProtectedScripts()
const PROTOCOL_HTTPS
__construct()
@deprecated use ilHTTPS::getInstance()
const PROTOCOL_HTTP
$ilIliasIniFile
Definition: imgupload.php:16
exit
Definition: login.php:29
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:47
global $ilSetting
Definition: privfeed.php:17
$_SERVER['HTTP_HOST']
Definition: raiseError.php:10