ilHTTPS Class Reference

HTTPS. More...

Collaboration diagram for ilHTTPS:

Public Member Functions
	__construct ()
	use ilHTTPS::getInstance() More...
	checkPort ()
	check if current port usage is right: if https should be used than redirection is done, to http otherwise. More...
	__readProtectedScripts ()
	isDetected ()
	check if https is detected More...
	__readProtectedClasses ()
	_checkHTTP ()
	static method to check if http connections are possible for this server More...
	enableSecureCookies ()
	enable secure cookies More...

Static Public Member Functions
static	getInstance ()
	Get https instance. More...
static	_checkHTTPS ()
	static method to check if https connections are possible for this server public More...

Data Fields
const	PROTOCOL_HTTP = 1
const	PROTOCOL_HTTPS = 2

Protected Member Functions
	shouldSwitchProtocol ($to_protocol)

Protected Attributes
	$enabled = false
	$protected_classes = array()
	$protected_scripts = array()
	$automaticHTTPSDetectionEnabled = false
	$headerName = false
	$headerValue = false

Static Private Attributes
static	$instance = null

Detailed Description

HTTPS.

Author

Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om

Version

$Id$

Definition at line 13 of file class.ilHTTPS.php.

Constructor & Destructor Documentation

__construct()

ilHTTPS::__construct

(

)

use ilHTTPS::getInstance()

Returns

Definition at line 33 of file class.ilHTTPS.php.

References $ilIliasIniFile, $ilSetting, __readProtectedClasses(), and __readProtectedScripts().

    {
        global $ilSetting, $ilIliasIniFile;

        if ($this->enabled = (bool) $ilSetting->get('https')) {
            $this->__readProtectedScripts();
            $this->__readProtectedClasses();
        }

        if ($this->automaticHTTPSDetectionEnabled = (bool) $ilIliasIniFile->readVariable('https', "auto_https_detect_enabled")) {
            $this->headerName = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_name");
            $this->headerValue = $ilIliasIniFile->readVariable('https', "auto_https_detect_header_value");
        }
    }

Here is the call graph for this function:

Member Function Documentation

__readProtectedClasses()

ilHTTPS::__readProtectedClasses

(

)

Definition at line 152 of file class.ilHTTPS.php.

Referenced by __construct().

    {
        $this->protected_classes[] = 'ilstartupgui';
        $this->protected_classes[] = 'ilaccountregistrationgui';
        $this->protected_classes[] = 'ilpersonalsettingsgui';
    }

Here is the caller graph for this function:

__readProtectedScripts()

ilHTTPS::__readProtectedScripts

(

)

Definition at line 110 of file class.ilHTTPS.php.

Referenced by __construct().

    {
        $this->protected_scripts[] = 'login.php';
        $this->protected_scripts[] = 'index.php';
        $this->protected_scripts[] = 'register.php';
        $this->protected_scripts[] = 'webdav.php';
        $this->protected_scripts[] = 'shib_login.php';
        
        return true;
    }

Here is the caller graph for this function:

_checkHTTP()

ilHTTPS::_checkHTTP

(

)

static method to check if http connections are possible for this server

public

Returns

boolean

Definition at line 181 of file class.ilHTTPS.php.

References $_SERVER.

    {
        $port = 80;

        if (($sp = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error)) === false) {
            return false;
        }
        fclose($sp);
        return true;
    }

_checkHTTPS()

static ilHTTPS::_checkHTTPS ( )

static

static method to check if https connections are possible for this server public

Returns

boolean

Definition at line 164 of file class.ilHTTPS.php.

References $_SERVER.

Referenced by ilSecuritySettings\validate().

    {
        // only check standard port in the moment
        $port = 443;

        if (($sp = fsockopen($_SERVER["SERVER_NAME"], $port, $errno, $error)) === false) {
            return false;
        }
        fclose($sp);
        return true;
    }

Here is the caller graph for this function:

checkPort()

ilHTTPS::checkPort

(

)

check if current port usage is right: if https should be used than redirection is done, to http otherwise.

Returns

unknown

Definition at line 94 of file class.ilHTTPS.php.

References $_SERVER, exit, and shouldSwitchProtocol().

    {
        // if https is enabled for scripts or classes, check for redirection
        if ($this->enabled) {
            if ($this->shouldSwitchProtocol(self::PROTOCOL_HTTPS)) {
                header("location: https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
                exit;
            }
            if ($this->shouldSwitchProtocol(self::PROTOCOL_HTTP)) {
                header("location: http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]);
                exit;
            }
        }
        return true;
    }

Here is the call graph for this function:

enableSecureCookies()

ilHTTPS::enableSecureCookies

(

)

enable secure cookies

public

Parameters

Definition at line 199 of file class.ilHTTPS.php.

References IL_COOKIE_PATH, and isDetected().

    {
        global $ilClientIniFile;

        $secure_disabled = $ilClientIniFile->readVariable('session', 'disable_secure_cookies');
        if (!$secure_disabled && !$this->enabled && $this->isDetected() && !session_id()) {
            if (!defined('IL_COOKIE_SECURE')) {
                define('IL_COOKIE_SECURE', true);
            }

            session_set_cookie_params([
                'lifetime' => IL_COOKIE_EXPIRE,
                'path' => IL_COOKIE_PATH,
                'domain' => IL_COOKIE_DOMAIN,
                'secure' => true,
                'httponly' => IL_COOKIE_HTTPONLY,
            ]);
        }

        return true;
    }

Here is the call graph for this function:

getInstance()

static ilHTTPS::getInstance ( )

static

Get https instance.

Returns

Definition at line 52 of file class.ilHTTPS.php.

Referenced by ilUtil\deliverData(), and ilInitialisation\setSessionCookieParams().

    {
        if (self::$instance) {
            return self::$instance;
        }
        return self::$instance = new ilHTTPS();
    }

Here is the caller graph for this function:

isDetected()

ilHTTPS::isDetected

(

)

check if https is detected

Returns

boolean true, if https is detected by protocol or by automatic detection, if enabled, false otherwise

Definition at line 126 of file class.ilHTTPS.php.

References $_SERVER, and $headerName.

Referenced by enableSecureCookies().

    {
        if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
            return true;
        }

        if ($this->automaticHTTPSDetectionEnabled) {
            $headerName = "HTTP_" . str_replace("-", "_", strtoupper($this->headerName));
            /* echo $headerName;
             echo $_SERVER[$headerName];*/
            if (strcasecmp($_SERVER[$headerName], $this->headerValue) == 0) {
                $_SERVER["HTTPS"] = "on";
                return true;
            }
            /*
            if(isset($_SERVER[$this->headerName]) && (strcasecmp($_SERVER[$this->headerName],$this->headerValue) == 0))
            {
                $_SERVER['HTTPS'] = 'on';
                return true;
            }
            */
        }

        return false;
    }

Here is the caller graph for this function:

shouldSwitchProtocol()

ilHTTPS::shouldSwitchProtocol (   $to_protocol )

protected

Parameters

bool

$to_protocol

Returns

bool

Definition at line 64 of file class.ilHTTPS.php.

References $_GET, and $_SERVER.

Referenced by checkPort().

    {
        switch ($to_protocol) {
            case self::PROTOCOL_HTTP:
                $should_switch_to_http = (
                    !in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) &&
                    !in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
                ) && $_SERVER['HTTPS'] == 'on';

                return $should_switch_to_http;
                break;

            case self::PROTOCOL_HTTPS:
                $should_switch_to_https = (
                    in_array(basename($_SERVER['SCRIPT_NAME']), $this->protected_scripts) ||
                    in_array(strtolower($_GET['cmdClass']), $this->protected_classes)
                ) && $_SERVER['HTTPS'] != 'on';

                return $should_switch_to_https;
                break;
        }

        return false;
    }

Here is the caller graph for this function:

Field Documentation

$automaticHTTPSDetectionEnabled

ilHTTPS::$automaticHTTPSDetectionEnabled = false

protected

Definition at line 25 of file class.ilHTTPS.php.

$enabled

ilHTTPS::$enabled = false

protected

Definition at line 20 of file class.ilHTTPS.php.

$headerName

ilHTTPS::$headerName = false

protected

Definition at line 26 of file class.ilHTTPS.php.

Referenced by isDetected().

$headerValue

ilHTTPS::$headerValue = false

protected

Definition at line 27 of file class.ilHTTPS.php.

$instance

ilHTTPS::$instance = null

staticprivate

Definition at line 18 of file class.ilHTTPS.php.

$protected_classes

ilHTTPS::$protected_classes = array()

protected

Definition at line 22 of file class.ilHTTPS.php.

$protected_scripts

ilHTTPS::$protected_scripts = array()

protected

Definition at line 23 of file class.ilHTTPS.php.

PROTOCOL_HTTP

const ilHTTPS::PROTOCOL_HTTP = 1

Definition at line 15 of file class.ilHTTPS.php.

PROTOCOL_HTTPS

const ilHTTPS::PROTOCOL_HTTPS = 2

Definition at line 16 of file class.ilHTTPS.php.

---

The documentation for this class was generated from the following file:

• Services/Http/classes/class.ilHTTPS.php