XOOPS under SSL [XOOPS Core Hacks] - XOOPS Web Application System

XOOPS under SSL

2006/7/14 13:35
nekro
Quite a regular
Posts: 213
Since: 2005/11/9

I had to use XOOPS under ssl every time soo.. i realiced a hack to do it..

1- In mainfile.php just before the license put:

//<<< SSL PATCH >>>

if ( $_SERVER["SERVER_PORT"] == 80 ){

define('XOOPS_HTTP_METHOD', 'http');

}else{

define('XOOPS_HTTP_METHOD', 'https');

}

//<<< SSL PATCH >>>

You also habe to modify the line 39 from the mainfile.php

define('XOOPS_URL', 'http://THESITEURL');

with:

//<<< SSL PATCH >>>

define('XOOPS_URL', XOOPS_HTTP_METHOD.'://THESITEURL');

//<<< SSL PATCH >>>

Those lines changes that if the petition was under ssl .. . every URL link will be in SSL (HTTPS)
.

2- On header.php just before the licese you have to insert:

//<<< PARCHE SSL >>>

$secure_page = array();

$secure_page[1] = "/user.php";

$secure_page[2] = "/register.php";

if ( !$_SERVER["HTTPS"] && array_search( $_SERVER["REQUEST_URI"] , $secure_page ) != false ){

header("Location:https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

//<<< PARCHE SSL >>>

On include/common.php change the next lines:

if (!empty($_SESSION['xoopsUserId'])) {

$xoopsUser =& $member_handler->getUser($_SESSION['xoopsUserId']);

if (!is_object($xoopsUser)) {

$xoopsUser = '';

$_SESSION = array();

} else {

if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '') {

setcookie($xoopsConfig['session_name'], session_id(), time()+(60*$xoopsConfig['session_expire']), '/', '', 0);

}

$xoopsUser->setGroups($_SESSION['xoopsUserGroups']);

$xoopsUserIsAdmin = $xoopsUser->isAdmin();

}

}

with:

//<<< PARCHE SSL >>>

if (!empty($_SESSION['xoopsUserId']) ) {

if ( !$_SERVER["HTTPS"] && $_SESSION['xoopsSessionSSL'] != "" ){

header("Location:https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

if( $_SERVER["HTTPS"] && $_SESSION['xoopsSessionSSL'] == "" ){

header("Location:http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

$xoopsUser =& $member_handler->getUser($_SESSION['xoopsUserId']);

if (!is_object($xoopsUser)) {

$xoopsUser = '';

$_SESSION = array();

} else {

if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '') {

setcookie($xoopsConfig['session_name'], session_id(), time()+(60*$xoopsConfig['session_expire']), '/', '', 0);

}

$xoopsUser->setGroups($_SESSION['xoopsUserGroups']);

}

}else{

if ( $_SERVER["HTTPS"] && $_SERVER["REQUEST_URI"] != "/user.php" && $_SERVER["REQUEST_URI"] != "/register.php" && $_SERVER["REQUEST_URI"] != "/modules/profile/register.php"){

header("Location:http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);

}

}

//<<< PARCHE SSL >>>

4- You also have to change 3 files to have the option too login under SSL mode or not.

/include/checklogin.php

/modules/templates/blocks/system_block_login.html

/modules/templates/system_userform.html

LUCK ... correct me... and sorry for my english.

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

XOOPS under SSL

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}