* Setup/API: new option to enforce ssl (without specifying a domain in Webserver-URL)

2024-11-25 01:13:25 +01:00 · 2011-05-31 13:33:26 +00:00 · 2011-05-31 13:33:26 +00:00 · 574911d077
commit 574911d077
parent af820949b4
5 changed files with 23 additions and 3 deletions
--- a/phpgwapi/inc/class.egw.inc.php
+++ b/phpgwapi/inc/class.egw.inc.php
@ -293,9 +293,9 @@ class egw extends egw_minimal
 	 */
 	function verify_session()
 	{
-		if(isset($GLOBALS['egw_info']['server']['enforce_ssl']) && !$_SERVER['HTTPS'])
+		if($GLOBALS['egw_info']['server']['enforce_ssl'] === 'redirect' && !$_SERVER['HTTPS'])
 		{
-			Header('Location: https://' . $GLOBALS['egw_info']['server']['hostname'] . $GLOBALS['egw_info']['server']['webserver_url'] . $_SERVER['REQUEST_URI']);
+			Header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
 			exit;
 		}
 		// check if we have a session, if not try to automatic create one
--- a/phpgwapi/inc/class.egw_session.inc.php
+++ b/phpgwapi/inc/class.egw_session.inc.php
@ -1094,7 +1094,7 @@ class egw_session
 		{
 			if(substr($url ,0,4) != 'http')
 			{
-				$url = 'https://'.$GLOBALS['egw_info']['server']['hostname'].$url;
+				$url = 'https://'.$_SERVER['HTTP_HOST'].$url;
 			}
 			else
 			{
--- a/setup/lang/egw_de.lang
+++ b/setup/lang/egw_de.lang
@ -50,6 +50,7 @@ after retrieving the file, put it into place as the header.inc.php.  then, click
 all applications	setup	de	Alle Anwendungen
 all core tables and the admin and preferences applications	setup	de	Sie alle Kern-Tabellen und die Anwendungen Admin und Einstellungen
 all exit codes of the command line interface	setup	de	alle Rückgabewerte des Komandozeilen Interface
+all hooks registered	setup	de	Hooks wurden registriert
 all languages (incl. not listed ones)	setup	de	alle Sprachen (einschl. nicht aufgeführte)
 all users	setup	de	Alle Benutzer
 allow authentication via cookie	setup	de	Erlaube Benutzerauthentifizierung über ein Cookie
@ -114,6 +115,8 @@ because of a failed upgrade, or the database is newer than the installed version
 because the enable flag for this app is set to 0, or is undefined	setup	de	weil der verfügbar-Eintrag für diese Applikation auf 0 gesetzt oder undefiniert ist
 bottom	setup	de	unten
 but we <u>highly recommend backing up</u> your tables in case the script causes damage to your data.<br /><strong>these automated scripts can easily destroy your data.</strong>	setup	de	Aber wir <u>raten Ihnen dringend, eine Sicherungskopie</u> anzulegen für den Fall, dass dieses Skript Ihre bestehenden Daten beschädigt!<br /><strong>Diese automatisierten Skripts können leicht Ihre Daten beschädigen!.</strong>
+by redirecting to https	setup	de	Durch weiterleiten auf https
+by rewriting links to https (allows eg. sitemgr to run on http)	setup	de	Durch umschreiben der Links auf https (erlaubt zB. SiteMgr unter http zu verwenden)
 ca certificate	setup	de	CA Zertifikat
 can not connect to %1 database %2 on host %3 using user %4!	setup	de	Kann nicht zur %1 Datenbank %2 auf Rechner %3 als Benutzer %4 verbinden!
 can not connect to ldap server on host %1 using dn %2!	setup	de	Kann nicht zu LDAP Server auf Rechner %1 als DN %2 verbinden!
@ -256,6 +259,7 @@ email (standard maildomain should be set)	setup	de	email (Standard Maildomaine m
 emailadmin profile updated:	setup	de	EMailAdmin Profil aktualisiert:
 enable for extra debug-messages	setup	de	ankreuzen für zusätzliche Diagnosemeldungen
 enable mcrypt	setup	de	MCrypt einschalten
+enforce ssl (allows to specify just a path above)	setup	de	Erzwinge SSL (erlaubt darüber nur einen Pfad anzugeben)
 enter some random text for app session encryption	setup	de	Zufallstext zur Verschlüsselung der Anwendungssitzung
 enter some random text for app_session <br />encryption (requires mcrypt)	setup	de	Zufallstext zur Verschlüsselung der Anwendungssitzung<br />(benötigt mcrypt)
 enter the full path for temporary files.<br />examples: /tmp, c:\temp	setup	de	Vollständiger Pfad für temporäre Dateien.<br />Beispiel: /tmp, C:\TEMP
@ -288,6 +292,7 @@ file uploads are switched off: you can not use any of the filemanagers, nor can
 filename	setup	de	Dateiname
 filesystem	setup	de	Dateisystem
 filesystem (default)	setup	de	Dateisystem (Vorgabe)
+find and register all application hooks	setup	de	Suchen und registrieren der "Hooks" aller Anwendungen
 force selectbox	setup	de	Auswahl erzwingen
 give admin access to all installed apps	setup	de	Admin Zugang zu allen installierten Anwendungen geben
 gives further options	setup	de	gibt zusätzliche Optionen
--- a/setup/lang/egw_en.lang
+++ b/setup/lang/egw_en.lang
@ -115,6 +115,8 @@ because of a failed upgrade, or the database is newer than the installed version
 because the enable flag for this app is set to 0, or is undefined	setup	en	because the enable flag for this app is set to 0, or is undefined
 bottom	setup	en	bottom
 but we <u>highly recommend backing up</u> your tables in case the script causes damage to your data.<br /><strong>these automated scripts can easily destroy your data.</strong>	setup	en	but we <u>highly recommend backing up</u> your tables in case the script causes damage to your data.<br /><strong>These automated scripts can easily destroy your data.</strong>
+by redirecting to https	setup	en	By redirecting to https
+by rewriting links to https (allows eg. sitemgr to run on http)	setup	en	By rewriting links to https (allows eg. SiteMgr to run on http)
 ca certificate	setup	en	CA certificate
 can not connect to %1 database %2 on host %3 using user %4!	setup	en	Can not connect to %1 database %2 on host %3 using user %4!
 can not connect to ldap server on host %1 using dn %2!	setup	en	Can not connect to LDAP server on host %1 using DN %2!
@ -257,6 +259,7 @@ email (standard maildomain should be set)	setup	en	email (Standard Maildomain sh
 emailadmin profile updated:	setup	en	EMailAdmin profile updated:
 enable for extra debug-messages	setup	en	enable for extra debug-messages
 enable mcrypt	setup	en	Enable MCrypt
+enforce ssl (allows to specify just a path above)	setup	en	Enforce SSL (allows to specify just a path above)
 enter some random text for app session encryption	setup	en	Enter some random text for app session encryption
 enter some random text for app_session <br />encryption (requires mcrypt)	setup	en	Enter some random text for app_session <br />encryption (requires mcrypt)
 enter the full path for temporary files.<br />examples: /tmp, c:\temp	setup	en	Enter the full path for temporary files.<br />Examples: /tmp, C:\TEMP
@ -289,6 +292,7 @@ file uploads are switched off: you can not use any of the filemanagers, nor can
 filename	setup	en	filename
 filesystem	setup	en	Filesystem
 filesystem (default)	setup	en	Filesystem (default)
+find and register all application hooks	setup	en	Find and Register all Application Hooks
 force selectbox	setup	en	Force Selectbox
 give admin access to all installed apps	setup	en	Give admin access to all installed apps
 gives further options	setup	en	gives further options
--- a/setup/templates/default/config.tpl
+++ b/setup/templates/default/config.tpl
@ -65,6 +65,17 @@
   </tr>

   <tr class="row_off">
+    <td>{lang_Enforce_SSL_(allows_to_specify_just_a_path_above)}:</td>
+    <td>
+     <select name="newsettings[enforce_ssl]">
+      <option value="">None</option>
+      <option value="links"{selected_enforce_ssl_links}>{lang_By_rewriting_links_to_https_(allows_eg._SiteMgr_to_run_on_http)}</option>
+      <option value="redirect"{selected_enforce_ssl_redirect}>{lang_By_redirecting_to_https}</option>
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
    <td>{lang_Image_type_selection_order}:</td>
    <td>
     <select name="newsettings[image_type]">