From 574911d0776c6fba0eaf4ae9407925c0b7d6e5cd Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Tue, 31 May 2011 13:33:26 +0000 Subject: [PATCH] * Setup/API: new option to enforce ssl (without specifying a domain in Webserver-URL) --- phpgwapi/inc/class.egw.inc.php | 4 ++-- phpgwapi/inc/class.egw_session.inc.php | 2 +- setup/lang/egw_de.lang | 5 +++++ setup/lang/egw_en.lang | 4 ++++ setup/templates/default/config.tpl | 11 +++++++++++ 5 files changed, 23 insertions(+), 3 deletions(-) diff --git a/phpgwapi/inc/class.egw.inc.php b/phpgwapi/inc/class.egw.inc.php index 8977c53917..27e1a8457e 100644 --- a/phpgwapi/inc/class.egw.inc.php +++ b/phpgwapi/inc/class.egw.inc.php @@ -293,9 +293,9 @@ class egw extends egw_minimal */ function verify_session() { - if(isset($GLOBALS['egw_info']['server']['enforce_ssl']) && !$_SERVER['HTTPS']) + if($GLOBALS['egw_info']['server']['enforce_ssl'] === 'redirect' && !$_SERVER['HTTPS']) { - Header('Location: https://' . $GLOBALS['egw_info']['server']['hostname'] . $GLOBALS['egw_info']['server']['webserver_url'] . $_SERVER['REQUEST_URI']); + Header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); exit; } // check if we have a session, if not try to automatic create one diff --git a/phpgwapi/inc/class.egw_session.inc.php b/phpgwapi/inc/class.egw_session.inc.php index 32e4dbad42..d731abd991 100644 --- a/phpgwapi/inc/class.egw_session.inc.php +++ b/phpgwapi/inc/class.egw_session.inc.php @@ -1094,7 +1094,7 @@ class egw_session { if(substr($url ,0,4) != 'http') { - $url = 'https://'.$GLOBALS['egw_info']['server']['hostname'].$url; + $url = 'https://'.$_SERVER['HTTP_HOST'].$url; } else { diff --git a/setup/lang/egw_de.lang b/setup/lang/egw_de.lang index 9470640920..37caf2a39d 100644 --- a/setup/lang/egw_de.lang +++ b/setup/lang/egw_de.lang @@ -50,6 +50,7 @@ after retrieving the file, put it into place as the header.inc.php. then, click all applications setup de Alle Anwendungen all core tables and the admin and preferences applications setup de Sie alle Kern-Tabellen und die Anwendungen Admin und Einstellungen all exit codes of the command line interface setup de alle Rückgabewerte des Komandozeilen Interface +all hooks registered setup de Hooks wurden registriert all languages (incl. not listed ones) setup de alle Sprachen (einschl. nicht aufgeführte) all users setup de Alle Benutzer allow authentication via cookie setup de Erlaube Benutzerauthentifizierung über ein Cookie @@ -114,6 +115,8 @@ because of a failed upgrade, or the database is newer than the installed version because the enable flag for this app is set to 0, or is undefined setup de weil der verfügbar-Eintrag für diese Applikation auf 0 gesetzt oder undefiniert ist bottom setup de unten but we highly recommend backing up your tables in case the script causes damage to your data.
these automated scripts can easily destroy your data. setup de Aber wir raten Ihnen dringend, eine Sicherungskopie anzulegen für den Fall, dass dieses Skript Ihre bestehenden Daten beschädigt!
Diese automatisierten Skripts können leicht Ihre Daten beschädigen!. +by redirecting to https setup de Durch weiterleiten auf https +by rewriting links to https (allows eg. sitemgr to run on http) setup de Durch umschreiben der Links auf https (erlaubt zB. SiteMgr unter http zu verwenden) ca certificate setup de CA Zertifikat can not connect to %1 database %2 on host %3 using user %4! setup de Kann nicht zur %1 Datenbank %2 auf Rechner %3 als Benutzer %4 verbinden! can not connect to ldap server on host %1 using dn %2! setup de Kann nicht zu LDAP Server auf Rechner %1 als DN %2 verbinden! @@ -256,6 +259,7 @@ email (standard maildomain should be set) setup de email (Standard Maildomaine m emailadmin profile updated: setup de EMailAdmin Profil aktualisiert: enable for extra debug-messages setup de ankreuzen für zusätzliche Diagnosemeldungen enable mcrypt setup de MCrypt einschalten +enforce ssl (allows to specify just a path above) setup de Erzwinge SSL (erlaubt darüber nur einen Pfad anzugeben) enter some random text for app session encryption setup de Zufallstext zur Verschlüsselung der Anwendungssitzung enter some random text for app_session
encryption (requires mcrypt) setup de Zufallstext zur Verschlüsselung der Anwendungssitzung
(benötigt mcrypt) enter the full path for temporary files.
examples: /tmp, c:\temp setup de Vollständiger Pfad für temporäre Dateien.
Beispiel: /tmp, C:\TEMP @@ -288,6 +292,7 @@ file uploads are switched off: you can not use any of the filemanagers, nor can filename setup de Dateiname filesystem setup de Dateisystem filesystem (default) setup de Dateisystem (Vorgabe) +find and register all application hooks setup de Suchen und registrieren der "Hooks" aller Anwendungen force selectbox setup de Auswahl erzwingen give admin access to all installed apps setup de Admin Zugang zu allen installierten Anwendungen geben gives further options setup de gibt zusätzliche Optionen diff --git a/setup/lang/egw_en.lang b/setup/lang/egw_en.lang index c2761981ba..2f8bd62581 100644 --- a/setup/lang/egw_en.lang +++ b/setup/lang/egw_en.lang @@ -115,6 +115,8 @@ because of a failed upgrade, or the database is newer than the installed version because the enable flag for this app is set to 0, or is undefined setup en because the enable flag for this app is set to 0, or is undefined bottom setup en bottom but we highly recommend backing up your tables in case the script causes damage to your data.
these automated scripts can easily destroy your data. setup en but we highly recommend backing up your tables in case the script causes damage to your data.
These automated scripts can easily destroy your data. +by redirecting to https setup en By redirecting to https +by rewriting links to https (allows eg. sitemgr to run on http) setup en By rewriting links to https (allows eg. SiteMgr to run on http) ca certificate setup en CA certificate can not connect to %1 database %2 on host %3 using user %4! setup en Can not connect to %1 database %2 on host %3 using user %4! can not connect to ldap server on host %1 using dn %2! setup en Can not connect to LDAP server on host %1 using DN %2! @@ -257,6 +259,7 @@ email (standard maildomain should be set) setup en email (Standard Maildomain sh emailadmin profile updated: setup en EMailAdmin profile updated: enable for extra debug-messages setup en enable for extra debug-messages enable mcrypt setup en Enable MCrypt +enforce ssl (allows to specify just a path above) setup en Enforce SSL (allows to specify just a path above) enter some random text for app session encryption setup en Enter some random text for app session encryption enter some random text for app_session
encryption (requires mcrypt) setup en Enter some random text for app_session
encryption (requires mcrypt) enter the full path for temporary files.
examples: /tmp, c:\temp setup en Enter the full path for temporary files.
Examples: /tmp, C:\TEMP @@ -289,6 +292,7 @@ file uploads are switched off: you can not use any of the filemanagers, nor can filename setup en filename filesystem setup en Filesystem filesystem (default) setup en Filesystem (default) +find and register all application hooks setup en Find and Register all Application Hooks force selectbox setup en Force Selectbox give admin access to all installed apps setup en Give admin access to all installed apps gives further options setup en gives further options diff --git a/setup/templates/default/config.tpl b/setup/templates/default/config.tpl index a3791a5500..4d6c1d7709 100644 --- a/setup/templates/default/config.tpl +++ b/setup/templates/default/config.tpl @@ -65,6 +65,17 @@ + {lang_Enforce_SSL_(allows_to_specify_just_a_path_above)}: + + + + + + {lang_Image_type_selection_order}: