1
nekro
XOOPS under SSL
  • 2006/7/14 13:35

  • nekro

  • Quite a regular

  • Posts: 213

  • Since: 2005/11/9


I had to use XOOPS under ssl every time soo.. i realiced a hack to do it..

1- In mainfile.php just before the license put:



//<<< SSL PATCH >>>

if ( $_SERVER["SERVER_PORT"] == 80 ){

define('XOOPS_HTTP_METHOD', 'http');

}else{

define('XOOPS_HTTP_METHOD', 'https');

}

//<<< SSL PATCH >>>



You also habe to modify the line 39 from the mainfile.php



define('XOOPS_URL', 'http://THESITEURL');



with:



//<<< SSL PATCH >>>

define('XOOPS_URL', XOOPS_HTTP_METHOD.'://THESITEURL');

//<<< SSL PATCH >>>



Those lines changes that if the petition was under ssl .. . every URL link will be in SSL (HTTPS)
.


2- On header.php just before the licese you have to insert:



//<<< PARCHE SSL >>>

$secure_page = array();

$secure_page[1] = "/user.php";

$secure_page[2] = "/register.php";



if ( !$_SERVER["HTTPS"] && array_search( $_SERVER["REQUEST_URI"] , $secure_page ) != false ){

header("Location: https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

//<<< PARCHE SSL >>>



On include/common.php change the next lines:



if (!empty($_SESSION['xoopsUserId'])) {

$xoopsUser =& $member_handler->getUser($_SESSION['xoopsUserId']);

if (!is_object($xoopsUser)) {

$xoopsUser = '';

$_SESSION = array();

} else {

if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '') {

setcookie($xoopsConfig['session_name'], session_id(), time()+(60*$xoopsConfig['session_expire']), '/', '', 0);

}

$xoopsUser->setGroups($_SESSION['xoopsUserGroups']);

$xoopsUserIsAdmin = $xoopsUser->isAdmin();

}

}





with:



//<<< PARCHE SSL >>>

if (!empty($_SESSION['xoopsUserId']) ) {

if ( !$_SERVER["HTTPS"] && $_SESSION['xoopsSessionSSL'] != "" ){

header("Location: https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

if( $_SERVER["HTTPS"] && $_SESSION['xoopsSessionSSL'] == "" ){

header("Location: http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

$xoopsUser =& $member_handler->getUser($_SESSION['xoopsUserId']);

if (!is_object($xoopsUser)) {

$xoopsUser = '';

$_SESSION = array();

} else {

if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '') {

setcookie($xoopsConfig['session_name'], session_id(), time()+(60*$xoopsConfig['session_expire']), '/', '', 0);

}

$xoopsUser->setGroups($_SESSION['xoopsUserGroups']);

}

}else{

if ( $_SERVER["HTTPS"] && $_SERVER["REQUEST_URI"] != "/user.php" && $_SERVER["REQUEST_URI"] != "/register.php" && $_SERVER["REQUEST_URI"] != "/modules/profile/register.php"){

header("Location: http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

}

//<<< PARCHE SSL >>>





4- You also have to change 3 files to have the option too login under SSL mode or not.



/include/checklogin.php

/modules/templates/blocks/system_block_login.html

/modules/templates/system_userform.html



LUCK ... correct me... and sorry for my english.

Login

Who's Online

433 user(s) are online (317 user(s) are browsing Support Forums)


Members: 0


Guests: 433


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits