diff options
| author | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2009-10-13 08:40:21 +0000 |
|---|---|---|
| committer | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2009-10-13 08:40:21 +0000 |
| commit | b52434c188e56ee12f7c1823876ce8ae064854e3 (patch) | |
| tree | b66215b393cfc5d016885df95056f5ee7a8f84a2 /roundcubemail/plugins/force_https | |
| parent | 9cfd8fcb628fc54fdc1ae80b53961b80fc01d7c1 (diff) | |
- Option 'force_https' replaced by 'force_https' plugin
- added option 'force_https_port' in 'force_https' plugin (#1486091)
git-svn-id: https://svn.roundcube.net/trunk@3038 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/plugins/force_https')
| -rw-r--r-- | roundcubemail/plugins/force_https/force_https.php | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/roundcubemail/plugins/force_https/force_https.php b/roundcubemail/plugins/force_https/force_https.php new file mode 100644 index 000000000..67552570e --- /dev/null +++ b/roundcubemail/plugins/force_https/force_https.php @@ -0,0 +1,38 @@ +<?php + +/** + * Enforce secure HTTPs connection for login + * + * Configuration: + * // Port for https connection + * $rcmail_config['force_https_port'] = 443; + * + * @version 1.0 + * @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl> + */ +class force_https extends rcube_plugin +{ + function init() + { + $this->add_hook('startup', array($this, 'redirect')); + } + + function redirect($args) + { + $config = rcmail::get_instance()->config; + + $port = (int) $config->get('force_https_port', 443); + + // check if https is required (for login) and redirect if necessary + if (empty($_SESSION['user_id']) && !$config->get('use_https') + && (!isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] != $port)) + { + header('Location: https://' . $_SERVER['HTTP_HOST'] . ($port != 443 ? ":$port" : '') . $_SERVER['REQUEST_URI']); + exit; + } + + return $args; + } +} + +?> |