Revert r3038 and allow to specify the port as value of force_https

15 years ago · f5d61d845f
parent efe93ad116
commit f5d61d845f
3 changed files with 14 additions and 38 deletions
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@ -49,6 +49,11 @@ $rcmail_config['enable_caching'] = FALSE;
 // possible units: s, m, h, d, w
 $rcmail_config['message_cache_lifetime'] = '10d';

+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = FALSE;
+
 // automatically create a new RoundCube user when log-in the first time.
 // a new user will be created once the IMAP login succeeds.
 // set to false if only registered users can use this service
--- a/index.php
+++ b/index.php
@ -63,6 +63,15 @@ if ($RCMAIL->action=='error' && !empty($_GET['_code'])) {
  raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
 }

+// check if https is required (for login) and redirect if necessary
+if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) {
+  $https_port = is_bool($force_https) ? 443 : $force_https;
+  if (!(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == $use_https || $RCMAIL->config->get('use_https'))) {
+    header('Location: https://' . $_SERVER['HTTP_HOST'] . ($https_port != 443 ? ':' . $https_port : '') . $_SERVER['REQUEST_URI']);
+    exit;
+  }
+}
+
 // trigger startup plugin hook
 $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
 $RCMAIL->set_task($startup['task']);
--- a/plugins/force_https/force_https.php
+++ b/plugins/force_https/force_https.php
@ -1,38 +0,0 @@
-<?php
-
-/**
- * Enforce secure HTTPs connection for login
- *
- * Configuration:
- * // Port for https connection
- * $rcmail_config['force_https_port'] = 443;
- *
- * @version 1.0
- * @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl>
- */
-class force_https extends rcube_plugin
-{
-  function init()
-  {
-    $this->add_hook('startup', array($this, 'redirect'));
-  }
-
-  function redirect($args)
-  {
-    $config = rcmail::get_instance()->config;
-    
-    $port = (int) $config->get('force_https_port', 443);
-
-    // check if https is required (for login) and redirect if necessary
-    if (empty($_SESSION['user_id']) && !$config->get('use_https')
-	&& (!isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] != $port))
-    {
-      header('Location: https://' . $_SERVER['HTTP_HOST'] . ($port != 443 ? ":$port" : '') . $_SERVER['REQUEST_URI']);
-      exit;
-    }
-	
-    return $args;
-  }
-}
-
-?>