diff --git a/core/app.cpp b/core/app.cpp index 5e59ab7..e6b898f 100755 --- a/core/app.cpp +++ b/core/app.cpp @@ -221,23 +221,34 @@ return true; /* - if this method returns true then we make a redirect + this method is called when the connection is through SSL + if this method returns true then we make a redirect to an ordinary http (without ssl) */ bool App::ShouldNotUseSSL() { if( cur.request->method == Request::post ) + { + // something comes via POST, don't do a redirect because you lose the date return false; + } if( !config.use_ssl ) + { + // we should not use SSL, we make a redirect return true; + } - // !! IMPROVE ME add a flag to functions to indicate if the function need SSL - if( cur.request->function == &functions.fun_login || - cur.request->function == &functions.fun_adduser ) + if( cur.request->function->need_ssl ) + { + // this winix function require SSL, so we don't make a redirect return false; + } if( config.use_ssl_only_for_logged_users && !cur.session->puser ) + { + // use_ssl_only_for_logged_users is true and noone is logged, do the redirect return true; + } return false; } 
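Review bot: In `App::ShouldNotUseSSL()` the new test `cur.request->function->need_ssl` dereferences `cur.request->function`, whereas the removed comparisons against `&functions.fun_login` and `&functions.fun_adduser` were harmless for a null pointer. Nothing in the hunk shows that a function has always been resolved by the time this check runs, so a request that matches no winix function may crash the process here before any redirect is issued. A guard keeps the old behaviour: `if( cur.request->function && cur.request->function->need_ssl )`. The same dereference is added to `App::ShouldUseSSL()` in the next hunk and needs the same guard.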
@@ -245,23 +256,35 @@ return false; /* - if this method returns true then we make a redirect + this method is called when the connection is NOT through SSL + if this method returns true then we make a redirect to SSL */ bool App::ShouldUseSSL() { if( cur.request->method == Request::post ) + { + // something comes via POST, don't do a redirect because you lose the date return false; + } if( !config.use_ssl ) + { + // we do not use ssl, don't do the redirect return false; + } - // !! IMPROVE ME add a flag to functions to indicate if the function need SSL - if( cur.request->function == &functions.fun_login || - cur.request->function == &functions.fun_adduser ) + if( cur.request->function->need_ssl ) + { + // this functions require SSL, do the redirect return true; + } if( config.use_ssl_only_for_logged_users && !cur.session->puser ) + { + // we require SSL but only for logged users + // dont do redirect return false; + } return true; } @@ -276,7 +299,7 @@ bool status = true; if( ShouldNotUseSSL() ) { BaseUrlRedirect(config.use_ssl_redirect_code, true); - log << log3 << "App: this operation should NOT be used in SSL connection" << logend; + log << log3 << "App: this operation should NOT be used through SSL" << logend; status = false; } } @@ -284,7 +307,7 @@ bool status = true; if( ShouldUseSSL() ) { BaseUrlRedirect(config.use_ssl_redirect_code, true); - log << log3 << "App: this operation should be used in SSL connection" << logend; + log << log3 << "App: this operation should be used through SSL" << logend; status = false; } diff --git a/functions/adduser.cpp b/functions/adduser.cpp index a11f3d7..b4d1c42 100755 --- a/functions/adduser.cpp +++ b/functions/adduser.cpp @@ -21,7 +21,8 @@ namespace Fun AddUser::AddUser() { - fun.url = L"adduser"; + fun.url = L"adduser"; + need_ssl = true; } diff --git a/functions/functionbase.cpp b/functions/functionbase.cpp index 2bb37ab..f7cdc1c 100755 --- a/functions/functionbase.cpp +++ b/functions/functionbase.cpp 
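Review bot: In `App::ShouldUseSSL()` (core/app.cpp) the POST early-return still runs before the new `need_ssl` test, so a POST to a function marked `need_ssl` (login, adduser) that arrives over plain http is neither redirected nor refused by this check. The added comment explains why a redirect is avoided (the posted data would be lost; "date" is presumably a typo for "data"), but for these functions the credentials have already crossed the network unencrypted. Processing the request normally also means a form that was downgraded to http keeps working unnoticed. Consider testing `need_ssl` before the POST test and answering such a request with an error, or at least a log entry at a visible level, instead of handling it. Whether a later layer already rejects it cannot be seen from this hunk.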
@@ -16,6 +16,7 @@ FunctionBase::FunctionBase() { follow_symlinks = true; template_index = size_t(-1); + need_ssl = false; fun.user_id = -1; fun.group_id = -1; diff --git a/functions/functionbase.h b/functions/functionbase.h index 8ffca0a..00e9f78 100755 --- a/functions/functionbase.h +++ b/functions/functionbase.h @@ -43,6 +43,14 @@ public: // html template index (for using with 'patterns' object) size_t template_index; + // try to use SSL + // if in the config 'use_ssl' is true and 'use_ssl_only_for_logged_users' is true + // then ssl is used only for logged users but sometimes there is a need to use + // SSL even if noone is logged (for example for such functions like 'login' or 'adduser') + // default: false + // (this option is ignored if 'use_ssl' in the config is false) + bool need_ssl; + virtual void Init(); virtual bool HasAccess(); virtual void MakePost(); diff --git a/functions/login.cpp b/functions/login.cpp index 28dba08..359d8a9 100755 --- a/functions/login.cpp +++ b/functions/login.cpp @@ -17,7 +17,8 @@ namespace Fun Login::Login() { - fun.url = L"login"; + fun.url = L"login"; + need_ssl = true; }
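Review bot: The comment added for `need_ssl` in functions/functionbase.h explains the config interaction but not the contract for authors of new functions. The constructor in functions/functionbase.cpp defaults the flag to `false`, so with `use_ssl_only_for_logged_users` enabled, any function that takes a password from a visitor who is not logged in is redirected to plain http unless its constructor opts in, as `Login` and `AddUser` now do. I would state that in the comment, e.g. `// set to true in the constructor of every function that accepts passwords or other secrets from not-logged users`. The opening line "try to use SSL" also undersells the flag, since `App::ShouldUseSSL()` returns true for it on every non-POST request; `// require SSL for this function` would match the code.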