diff options
| author | Andrew Dolgov <[email protected]> | 2005-12-09 21:34:29 +0100 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2005-12-09 21:34:29 +0100 |
| commit | 75836f33860f26ca55ec8e8661cff4b0edc2fe5e (patch) | |
| tree | 55856842d3fef1121e4765a78cab7f47f24b56b8 | |
| parent | a24f525cce32a6515532ac9392a5b02838ff82be (diff) | |
option to redirect to https url for login, option ENABLE_LOGIN_SSL (fixes some non-absolute redirects)
| -rw-r--r-- | config.php-dist | 3 | ||||
| -rw-r--r-- | functions.php | 26 | ||||
| -rw-r--r-- | login.php | 7 | ||||
| -rw-r--r-- | logout.php | 12 |
4 files changed, 43 insertions, 5 deletions
diff --git a/config.php-dist b/config.php-dist index 309af2da9..446038110 100644 --- a/config.php-dist +++ b/config.php-dist @@ -54,4 +54,7 @@ define('GLOBAL_ENABLE_LABELS', false); // Labels are a security risk, so this option can globally disable them for all users. + define('ENABLE_LOGIN_SSL', false); + // Redirect to SSL url for login + ?> diff --git a/functions.php b/functions.php index ba80bab94..8b990740e 100644 --- a/functions.php +++ b/functions.php @@ -723,12 +723,34 @@ session_destroy(); } + function get_script_urlpath() { + $request_uri = $_SERVER["REQUEST_URI"]; + return preg_replace('/\/[^\/]+$/', "", $request_uri); + } + + function get_login_redirect() { + $server = $_SERVER["SERVER_NAME"]; + + if (ENABLE_LOGIN_SSL) { + $protocol = "https"; + } else { + $protocol = "http"; + } + + $url_path = get_script_urlpath(); + + $redirect_uri = "$protocol://$server$url_path/login.php"; + + return $redirect_uri; + } + function login_sequence($link) { if (!SINGLE_USER_MODE) { - + if (!USE_HTTP_AUTH) { if (!$_SESSION["uid"]) { - header("Location: login.php?rt=tt-rss.php"); + $redirect_uri = get_login_redirect(); + header("Location: $redirect_uri?rt=tt-rss.php"); exit; } } else { @@ -6,8 +6,11 @@ require_once "config.php"; require_once "functions.php"; + $url_path = get_script_urlpath(); + $redirect_base = "http://" . $_SERVER["SERVER_NAME"] . $url_path; + if (SINGLE_USER_MODE) { - header("Location: tt-rss.php"); + header("Location: $redirect_base/tt-rss.php"); exit; } @@ -25,7 +28,7 @@ } else { $redirect_to = "tt-rss.php"; } - header("Location: $redirect_to"); + header("Location: $redirect_base/$redirect_to"); } } diff --git a/logout.php b/logout.php index 9af2bab61..b258067a6 100644 --- a/logout.php +++ b/logout.php @@ -7,7 +7,17 @@ logout_user(); if (!USE_HTTP_AUTH) { - header("Location: login.php"); + $url_path = get_script_urlpath(); + + if (ENABLE_LOGIN_SSL) { + $protocol = "https"; + } else { + $protocol = "http"; + } + + $redirect_base = "$protocol://" . $_SERVER["SERVER_NAME"] . $url_path; + + header("Location: $redirect_base/login.php"); } else { ?> <html> |