| Index: branches/ssl-login-work/includes/SpecialUserlogin.php |
| — | — | @@ -8,11 +8,7 @@ |
| 9 | 9 | * constructor |
| 10 | 10 | */ |
| 11 | 11 | function wfSpecialUserlogin() { |
| 12 | | - global $wgCommandLineMode; |
| 13 | 12 | global $wgRequest; |
| 14 | | - if( session_id() == '' ) { |
| 15 | | - wfSetupSession(); |
| 16 | | - } |
| 17 | 13 | |
| 18 | 14 | $form = new LoginForm( $wgRequest ); |
| 19 | 15 | $form->execute(); |
| — | — | @@ -87,6 +83,26 @@ |
| 88 | 84 | } |
| 89 | 85 | |
| 90 | 86 | function execute() { |
| | 87 | + global $wgSecureLogin; |
| | 88 | + if( $wgSecureLogin && empty( $_SERVER['HTTPS'] ) ) { |
| | 89 | + // Force a redirect to the secure site |
| | 90 | + $self = SpecialPage::getTitleFor( 'Userlogin' ); |
| | 91 | + |
| | 92 | + $vars = array(); |
| | 93 | + if( $this->mReturnTo != '' ) { |
| | 94 | + $vars['returnto'] = $this->mReturnTo; |
| | 95 | + } |
| | 96 | + $dest = $self->getSecureURL( wfArrayToCGI( $vars ) ); |
| | 97 | + |
| | 98 | + global $wgOut; |
| | 99 | + $wgOut->redirect( $dest ); |
| | 100 | + return; |
| | 101 | + } |
| | 102 | + |
| | 103 | + if( session_id() == '' ) { |
| | 104 | + wfSetupSession(); |
| | 105 | + } |
| | 106 | + |
| 91 | 107 | if ( !is_null( $this->mCookieCheck ) ) { |
| 92 | 108 | $this->onCookieRedirectCheck( $this->mCookieCheck ); |
| 93 | 109 | return; |
| Index: branches/ssl-login-work/includes/Title.php |
| — | — | @@ -761,6 +761,57 @@ |
| 762 | 762 | wfRunHooks( 'GetFullURL', array( &$this, &$url, $query ) ); |
| 763 | 763 | return $url; |
| 764 | 764 | } |
| | 765 | + |
| | 766 | + /** |
| | 767 | + * Get a fully-qualified URL referring to this page at the secure |
| | 768 | + * domain for this site, if configured in $wgSecureServer. |
| | 769 | + * |
| | 770 | + * If no separate secure site is setup, will return the default URL, |
| | 771 | + * which may or may not be SSL depending on your configuration. |
| | 772 | + * |
| | 773 | + * @todo support for SSL variants of interwiki links. |
| | 774 | + * |
| | 775 | + * @param string $query an optional query string, not used |
| | 776 | + * for interwiki links |
| | 777 | + * @param string $variant language variant of url (for sr, zh..) |
| | 778 | + * @return string the URL |
| | 779 | + */ |
| | 780 | + public function getSecureURL( $query = '', $variant = false ) { |
| | 781 | + global $wgSecureServer; |
| | 782 | + if( '' == $this->mInterwiki && $wgSecureServer ) { |
| | 783 | + return $wgSecureServer . |
| | 784 | + $this->getLocalUrl( $query, $variant ) . |
| | 785 | + $this->getFragmentForURL(); |
| | 786 | + } else { |
| | 787 | + return $this->getFullURL( $query, $variant ); |
| | 788 | + } |
| | 789 | + } |
| | 790 | + |
| | 791 | + /** |
| | 792 | + * Get a fully-qualified URL referring to this page at the canonical |
| | 793 | + * domain for this site, if configured in $wgCanonicalServer. This |
| | 794 | + * will usually be contrasted with an SSL domain in $wgSecureServer. |
| | 795 | + * |
| | 796 | + * If no separate secure site is setup, will return the default URL, |
| | 797 | + * which may or may not be SSL depending on your configuration. |
| | 798 | + * |
| | 799 | + * @todo support for SSL variants of interwiki links. |
| | 800 | + * |
| | 801 | + * @param string $query an optional query string, not used |
| | 802 | + * for interwiki links |
| | 803 | + * @param string $variant language variant of url (for sr, zh..) |
| | 804 | + * @return string the URL |
| | 805 | + */ |
| | 806 | + public function getCanonicalURL( $query = '', $variant = false ) { |
| | 807 | + global $wgCanonicalServer; |
| | 808 | + if( '' == $this->mInterwiki && $wgCanonicalServer ) { |
| | 809 | + return $wgCanonicalServer . |
| | 810 | + $this->getLocalUrl( $query, $variant ) . |
| | 811 | + $this->getFragmentForURL(); |
| | 812 | + } else { |
| | 813 | + return $this->getFullURL( $query, $variant ); |
| | 814 | + } |
| | 815 | + } |
| 765 | 816 | |
| 766 | 817 | /** |
| 767 | 818 | * Get a URL with no fragment or server name. If this page is generated |
| Index: branches/ssl-login-work/includes/DefaultSettings.php |
| — | — | @@ -77,8 +77,41 @@ |
| 78 | 78 | $wgServer .= ":" . $_SERVER['SERVER_PORT']; |
| 79 | 79 | } |
| 80 | 80 | |
| | 81 | +/** |
| | 82 | + * If set, specifies the "canonical" base URL of the site, as $wgServer: |
| | 83 | + * |
| | 84 | + * $wgCanonicalserver = 'http://example.com'; |
| | 85 | + * |
| | 86 | + * Contrasts with $wgSecureServer when constructing a mixed HTTP and HTTPS |
| | 87 | + * site. |
| | 88 | + * |
| | 89 | + * If not set, $wgServer will be returned by Title::getCanonicalURL(). |
| | 90 | + */ |
| | 91 | +$wgCanonicalServer = false; |
| 81 | 92 | |
| 82 | 93 | /** |
| | 94 | + * If set, specifies the "secure" base URL of the site, as $wgServer: |
| | 95 | + * |
| | 96 | + * $wgCanonicalserver = 'https://secure.example.com'; |
| | 97 | + * |
| | 98 | + * Contrasts with $wgSecureServer when constructing a mixed HTTP and HTTPS |
| | 99 | + * site. |
| | 100 | + * |
| | 101 | + * If not set, $wgServer will be returned by Title::getCanonicalURL(). |
| | 102 | + */ |
| | 103 | +$wgSecureServer = false; |
| | 104 | + |
| | 105 | +/** |
| | 106 | + * If true, all login forms will be forced to redirect to the secure site |
| | 107 | + * as specified by $wgSecureServer. |
| | 108 | + * |
| | 109 | + * When false, logins may be done on both the secure and insecure domains. |
| | 110 | + */ |
| | 111 | +$wgSecureLogin = false; |
| | 112 | + |
| | 113 | + |
| | 114 | + |
| | 115 | +/** |
| 83 | 116 | * The path we should point to. |
| 84 | 117 | * It might be a virtual path in case with use apache mod_rewrite for example |
| 85 | 118 | * |