X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=boot.php;h=04e16e64dc46682485026e6563dd6299c4d6957e;hb=d5a6e7b1767ebc337f31745984f1ce0904b77780;hp=df835f0c1d475225ba4052c30262f83b8effb1aa;hpb=16f00cb73b4d9acbe15e636b3ab69f81c793a6c7;p=friendica.git diff --git a/boot.php b/boot.php index df835f0c1d..04e16e64dc 100755 --- a/boot.php +++ b/boot.php @@ -9,9 +9,9 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1252' ); -define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); -define ( 'DB_UPDATE_VERSION', 1122 ); +define ( 'FRIENDICA_VERSION', '2.3.1288' ); +define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); +define ( 'DB_UPDATE_VERSION', 1133 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); @@ -286,7 +286,12 @@ class App { startup(); - $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' ); + $this->scheme = 'http'; + if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS']) + $this->scheme = 'https'; + elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) + $this->scheme = 'https'; + if(x($_SERVER,'SERVER_NAME')) { $this->hostname = $_SERVER['SERVER_NAME']; @@ -309,8 +314,12 @@ class App { . 'library/phpsec' . PATH_SEPARATOR . '.' ); - if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=") + if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=") { $this->query_string = substr($_SERVER['QUERY_STRING'],2); + // removing trailing / - maybe a nginx problem + if (substr($this->query_string, 0, 1) == "/") + $this->query_string = substr($this->query_string, 1); + } if(x($_GET,'q')) $this->cmd = trim($_GET['q'],'/\\'); @@ -375,11 +384,22 @@ class App { $scheme = $this->scheme; - if(x($this->config,'ssl_policy')) { - if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL)) - $scheme = 'https'; - if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params'))) + if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) { + if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL)) $scheme = 'https'; + +// We need to populate the $ssl flag across the entire program before turning this on. +// Basically, we'll have $ssl = true on any links which can only be seen by a logged in user +// (and also the login link). Anything seen by an outsider will have it turned off. +// At present, setting SSL_POLICY_SELFSIGN will only force remote contacts to update their +// contact links to this site with "http:" if they are currently using "https:" + +// if($this->config['system']['ssl_policy'] == SSL_POLICY_SELFSIGN) { +// if($ssl) +// $scheme = 'https'; +// else +// $scheme = 'http'; +// } } $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' ); @@ -681,6 +701,7 @@ function get_guid($size=16) { if(! function_exists('login')) { function login($register = false, $hiddens=false) { + $a = get_app(); $o = ""; $reg = false; if ($register) { @@ -692,31 +713,35 @@ function login($register = false, $hiddens=false) { $noid = get_config('system','no_openid'); + $dest_url = $a->get_baseurl(true) . '/' . $a->query_string; + if(local_user()) { $tpl = get_markup_template("logout.tpl"); } else { $tpl = get_markup_template("login.tpl"); - + $_SESSION['return_url'] = $a->query_string; } $o .= replace_macros($tpl,array( - '$logout' => t('Logout'), - '$login' => t('Login'), + + '$dest_url' => $dest_url, + '$logout' => t('Logout'), + '$login' => t('Login'), '$lname' => array('username', t('Nickname or Email address: ') , '', ''), '$lpassword' => array('password', t('Password: '), '', ''), '$openid' => !$noid, - '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), + '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), - '$hiddens' => $hiddens, + '$hiddens' => $hiddens, - '$register' => $reg, + '$register' => $reg, - '$lostpass' => t('Forgot your password?'), - '$lostlink' => t('Password Reset'), + '$lostpass' => t('Forgot your password?'), + '$lostlink' => t('Password Reset'), )); call_hooks('login_hook',$o); @@ -1205,7 +1230,7 @@ function current_theme(){ $a = get_app(); $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : ''); - $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme); + $theme_name = ((isset($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme); if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css')) return($theme_name); @@ -1331,7 +1356,7 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){ array( 'label' => t('Profile'), 'url' => $url.'/?tab=profile', - 'sel' => (($tab=='profile')?'active':''), + 'sel' => ((isset($tab) && $tab=='profile')?'active':''), ), array( 'label' => t('Photos'),