fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-03 16:51:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Remove optional SSL

Browse source
This commit is contained in:
Kijin Sung 2020-07-03 00:41:59 +09:00
parent 9fdcd86f1d
commit 67dfb3c282
20 changed files with 24 additions and 205 deletions
Download patch file Download diff file Expand all files Collapse all files

79
classes/context/Context.class.php
View file

@ -131,17 +131,13 @@ class Context
* Current route information
*/
private static $_route_info = null;
/**
* object oFrontEndFileHandler()
* @var object
*/
private static $_oFrontEndFileHandler = null;
/**
* SSL action cache
*/
private static $_ssl_actions = array();
/**
* Plugin blacklist cache
*/
@ -268,7 +264,7 @@ class Context
self::set('_default_url', self::$_instance->db_info->default_url = self::getDefaultUrl($site_module_info));
self::set('_http_port', self::$_instance->db_info->http_port = $site_module_info->http_port ?: null);
self::set('_https_port', self::$_instance->db_info->https_port = $site_module_info->https_port ?: null);
self::set('_use_ssl', self::$_instance->db_info->use_ssl = $site_module_info->security ?: 'none');
self::set('_use_ssl', self::$_instance->db_info->use_ssl = ($site_module_info->security === 'none' ? 'none' : 'always'));
}
else
{
@ -280,8 +276,8 @@ class Context
self::set('site_module_info', $site_module_info);
}
// Redirect to SSL if the current domain always uses SSL.
if (!RX_SSL && PHP_SAPI !== 'cli' && $site_module_info->security === 'always' && !$site_module_info->is_default_replaced)
// Redirect to SSL if the current domain requires SSL.
if (!RX_SSL && PHP_SAPI !== 'cli' && $site_module_info->security !== 'none' && !$site_module_info->is_default_replaced)
{
$ssl_url = self::getDefaultUrl($site_module_info, true) . RX_REQUEST_URL;
self::setCacheControl(0);
@ -289,16 +285,6 @@ class Context
exit;
}
// Redirect to SSL if the current action requires SSL.
self::$_ssl_actions = $site_module_info->security === 'optional' ? ModuleModel::getActionSecurity() : array();
if (!RX_SSL && count(self::$_ssl_actions) && self::isExistsSSLAction(self::get('act')) && self::getRequestMethod() === 'GET')
{
$ssl_url = self::getDefaultUrl($site_module_info, true) . RX_REQUEST_URL;
self::setCacheControl(0);
header('Location: ' . $ssl_url, true, 301);
exit;
}
// Load language support.
$enabled_langs = self::loadLangSelected();
$set_lang_cookie = false;
@ -631,7 +617,7 @@ class Context
/**
* Return ssl status
*
* @return object SSL status (Optional - none|always|optional)
* @return object SSL status (none or always)
*/
public static function getSSLStatus()
{
@ -657,7 +643,7 @@ class Context
$site_module_info = self::get('site_module_info');
}
$prefix = ($site_module_info->security === 'always' || $use_ssl) ? 'https://' : 'http://';
$prefix = ($site_module_info->security !== 'none' || $use_ssl) ? 'https://' : 'http://';
$hostname = $site_module_info->domain;
$port = ($prefix === 'https://') ? $site_module_info->https_port : $site_module_info->http_port;
$result = $prefix . $hostname . ($port ? sprintf(':%d', $port) : '') . RX_BASEURL;
@ -1751,7 +1737,7 @@ class Context
}
// If using SSL always
if($site_module_info->security == 'always')
if($site_module_info->security !== 'none')
{
if(!$domain && RX_SSL)
{
@ -1762,20 +1748,6 @@ class Context
$query = self::getRequestUri(ENFORCE_SSL, $domain) . $query;
}
}
// optional SSL use
elseif($site_module_info->security == 'optional')
{
$ssl_mode = ((self::get('module') === 'admin') || ($get_vars['module'] === 'admin') || (isset($get_vars['act']) && self::isExistsSSLAction($get_vars['act']))) ? ENFORCE_SSL : RELEASE_SSL;
if(!$domain && (RX_SSL && ENFORCE_SSL) || (!RX_SSL && RELEASE_SSL))
{
$query = RX_BASEURL . $query;
}
else
{
$query = self::getRequestUri($ssl_mode, $domain) . $query;
}
}
// no SSL
else
{
// currently on SSL but target is not based on SSL
@ -1841,7 +1813,7 @@ class Context
}
$site_module_info = self::get('site_module_info');
if ($site_module_info->security === 'always')
if ($site_module_info->security !== 'none')
{
$ssl_mode = ENFORCE_SSL;
}
@ -2001,73 +1973,60 @@ class Context
/**
* Register if an action is to be encrypted by SSL. Those actions are sent to https in common/js/xml_handler.js
*
* @deprecated
* @param string $action act name
* @return void
*/
public static function addSSLAction($action)
{
if (!ModuleModel::getActionSecurity($action))
{
getController('module')->insertActionSecurity($action);
}
self::$_ssl_actions[$action] = true;
}
/**
* Register if actions are to be encrypted by SSL. Those actions are sent to https in common/js/xml_handler.js
*
* @deprecated
* @param array $action_array
* @return void
*/
public static function addSSLActions($action_array)
{
foreach($action_array as $action)
{
self::addSSLAction($action);
}
}
/**
* Delete if action is registerd to be encrypted by SSL.
*
* @deprecated
* @param string $action act name
* @return void
*/
public static function subtractSSLAction($action)
{
if (ModuleModel::getActionSecurity($action))
{
getController('module')->deleteActionSecurity($action);
}
unset(self::$_ssl_actions[$action]);
}
/**
* Get SSL Action
*
* @deprecated
* @return string acts in array
*/
public static function getSSLActions()
{
if(self::getSSLStatus() == 'optional')
{
return self::$_ssl_actions;
}
else
{
return array();
}
return array();
}
/**
* Check SSL action are existed
*
* @deprecated
* @param string $action act name
* @return bool If SSL exists, return TRUE.
* @return bool
*/
public static function isExistsSSLAction($action)
{
return isset(self::$_ssl_actions[$action]);
return false;
}
/**

2
common/tpl/common_layout.html
View file

@ -57,7 +57,7 @@
var https_port = {Context::get("_https_port") ?: 'null'};
var enforce_ssl = {$site_module_info->security === 'always' ? 'true' : 'false'};
var cookies_ssl = {config('session.use_ssl_cookies') ? 'true' : 'false'};
var ssl_actions = {json_encode(array_keys(Context::getSSLActions()))};
var ssl_actions = [];
var xeVid = null;
</script>
</head>

5
modules/admin/lang/en.php
View file

@ -110,9 +110,8 @@ $lang->about_auto_select_lang = 'Automatically select the language based on the
$lang->about_recompile_cache = 'Delete useless or invalid cache files?';
$lang->confirm_run = 'It may take a long time. Do you want to run?';
$lang->use_ssl = 'Use HTTPS';
$lang->ssl_options['none'] = 'None';
$lang->ssl_options['optional'] = 'Optional (not recommended)';
$lang->ssl_options['always'] = 'Always (recommended)';
$lang->ssl_options['none'] = 'No';
$lang->ssl_options['always'] = 'Yes (recommended)';
$lang->cmd_http_port = 'HTTP Port';
$lang->cmd_https_port = 'HTTPS Port';
$lang->cmd_index_module_srl = 'Main Module';

1
modules/admin/lang/es.php
View file

@ -35,7 +35,6 @@ $lang->welcome_to_xe = 'Esta es la página del Administrador de Rhymix';
$lang->about_lang_env = 'Para aplicar idioma seleccionado conjunto de los usuarios, como por defecto, haga clic en el botón [Guardar] el cambio.';
$lang->xe_license = 'Rhymix está bajo la Licencia de GPL';
$lang->ssl_options['none'] = 'Desactivar';
$lang->ssl_options['optional'] = 'Opcionalmente el (no recomendado)';
$lang->ssl_options['always'] = 'Utilice siempre el (recomendado)';
$lang->about_use_ssl = 'Opcionalmente, la composición de suscripción / editar la información y el uso de SSL especificada en la acción es siempre el uso de SSL para todos los servicios que se utilizarán.';
$lang->server_ports = 'Especifique el puerto del servidor';

1
modules/admin/lang/fr.php
View file

@ -34,7 +34,6 @@ $lang->welcome_to_xe = 'Bienvenue sur la Page d\'Administration du Rhymix';
$lang->about_lang_env = 'Vous pouvez fixer la Langue Par Défaut par cliquer le boutton [Conserver] au-dessous. Les visiteurs vont voir tous les menus et les messages en langue que vous choisissez.';
$lang->xe_license = 'Rhymix s\'applique la GPL';
$lang->ssl_options['none'] = 'Ne Pas utiliser';
$lang->ssl_options['optional'] = 'Optionnel (non recommandé)';
$lang->ssl_options['always'] = 'Toujours (recommandé)';
$lang->about_use_ssl = 'Si l\'on choisit \'Optionnel\' , on utilise protocole SSL seulement dans quelques services comme inscription ou modification. Si l\'on choisit \'Toujours\', on utilise protocole SSL dans tous les services.';
$lang->server_ports = 'déclarer le port de serveur';

1
modules/admin/lang/ja.php
View file

@ -70,7 +70,6 @@ $lang->about_recompile_cache = '不要もしくは、無効なキャッシュフ
$lang->confirm_run = '時間がかかる場合があります。実行しますか?';
$lang->use_ssl = '<abbr title="Secure Sockets Layer">SSL</abbr>を使用';
$lang->ssl_options['none'] = '使わない';
$lang->ssl_options['optional'] = '部分的に使う(推奨しない)';
$lang->ssl_options['always'] = '常に使う(推奨)';
$lang->about_use_ssl = '「部分的に使う」は、「会員登録/会員情報変更」など指定されたアクションでSSLを使います。「常に使う」は、すべてのサービスにSSLを使います。SSLサーバ証明書がインストールされてない場合での使用はお控えください。サイトへのアクセスができない場合があります。';
$lang->server_ports = 'サーバーポート指定';

1
modules/admin/lang/ko.php
View file

@ -110,7 +110,6 @@ $lang->about_recompile_cache = '쓸모 없어졌거나 잘못된 캐시파일들
$lang->confirm_run = '오랜 시간이 걸릴 수 있습니다. 실행하시겠습니까?';
$lang->use_ssl = 'HTTPS 사용';
$lang->ssl_options['none'] = '사용하지 않음';
$lang->ssl_options['optional'] = '선택적으로 사용 (권장하지 않음)';
$lang->ssl_options['always'] = '항상 사용 (권장)';
$lang->cmd_http_port = 'HTTP 포트';
$lang->cmd_https_port = 'HTTPS 포트';

1
modules/admin/lang/ru.php
View file

@ -30,7 +30,6 @@ $lang->xe_license = 'Rhymix подчиняется Стандартной Общ
$lang->yesterday = 'Вчера';
$lang->today = 'Сегодня';
$lang->ssl_options['none'] = 'Никогда';
$lang->ssl_options['optional'] = 'На выбор';
$lang->ssl_options['always'] = 'Всегда';
$lang->thumbnail_type = 'Тип миниатюры';
$lang->thumbnail_crop = 'Обрезать';

1
modules/admin/lang/tr.php
View file

@ -62,7 +62,6 @@ $lang->about_recompile_cache = 'Gereksiz ve ya yanlış olan önbellek dosyalar
$lang->confirm_run = 'Bu işlem biraz uzun sürebilir. Başlatmak istiyor musunuz?';
$lang->use_ssl = '<abbr title="Secure Sockets Layer">SSL</abbr>\'i kullanmak istiyor musunuz?';
$lang->ssl_options['none'] = 'Hiçbir zaman';
$lang->ssl_options['optional'] = 'İsteğe Bağlı';
$lang->ssl_options['always'] = 'Her zaman';
$lang->about_use_ssl = '\'İsteği Bağlı\' seçiminde; SSL, kayıt olma/bilgi değiştirme gibi eylemler için kullanılacaktır. \'Her zaman\' seçiminde, siteniz sadece http yoluyla hizmet verecektir.';
$lang->server_ports = 'Sunucu Bağlantı Noktası (port)';

1
modules/admin/lang/vi.php
View file

@ -43,7 +43,6 @@ $lang->xe_license = 'Rhymix sử dụng giấy phép GPL';
$lang->yesterday = 'Hôm qua';
$lang->today = 'Hôm nay';
$lang->ssl_options['none'] = 'Không sử dụng';
$lang->ssl_options['optional'] = 'Tùy chỉnh';
$lang->ssl_options['always'] = 'Luôn luôn';
$lang->about_use_ssl = 'Nếu bạn chọn \'Tùy chỉnh\', SSL sẽ sử dụng và những công việc như đăng kí, sửa thông tin thành viên, . Chỉ chọn \'Luôn luôn\' khi Website của bạn đang chạy trên Server có hỗ trợ https. SSL 환경이 갖춰지지 않은 상태에서 SSL을 사용할 경우 접속이 되지 않을 수 있으니 주의 바랍니다.';
$lang->server_ports = 'Cổng kết nối';

1
modules/admin/lang/zh-CN.php
View file

@ -57,7 +57,6 @@ $lang->about_recompile_cache = '清空cache缓存?';
$lang->confirm_run = '此过程可能需要耗费一段时间,是否继续?';
$lang->use_ssl = '是否使用<abbr title="Secure Sockets Layer">SSL</abbr>安全连接?';
$lang->ssl_options['none'] = '不使用';
$lang->ssl_options['optional'] = '可选(不推荐)';
$lang->ssl_options['always'] = '始终(推荐)';
$lang->about_use_ssl = '<p>选择“可选”是为指定的操作例如注册和更改信息使用SSL。<br />选择“总是”是为Rhymix生成的整个页面使用SSL。</p><p>请小心! 在安装SSL证书之前您可能无法访问该网站。</p>';
$lang->server_ports = '指定服务器端口';

1
modules/admin/lang/zh-TW.php
View file

@ -39,7 +39,6 @@ $lang->xe_license = 'Rhymix遵循 GPL協議';
$lang->yesterday = '昨天';
$lang->today = '今天';
$lang->ssl_options['none'] = '關閉';
$lang->ssl_options['optional'] = '可選(不推薦)';
$lang->ssl_options['always'] = '始終(推薦)';
$lang->about_use_ssl = '<p>選擇“可選”是為指定的操作例如註冊和更改信息使用SSL。 <br />選擇“總是”是為Rhymix生成的整個頁面使用SSL。 </p><p>請小心在安裝SSL證書之前您可能無法訪問該網站。</p>';
$lang->server_ports = '主機埠口';

5
modules/admin/tpl/config_domains_edit.html
View file

@ -54,9 +54,8 @@
<label class="x_control-label" for="domain_security">{$lang->use_ssl}</label>
<div class="x_controls">
<select id="domain_security" name="domain_security">
<!--@foreach($lang->ssl_options as $key => $val)-->
<option value="{$key}" selected="selected"|cond="($domain_info && $domain_info->security == $key) || (!$domain_info && config('url.ssl') == $key)" />{$val}</option>
<!--@endforeach-->
<option value="none" selected="selected"|cond="($domain_info && $domain_info->security === 'none') || (!$domain_info && config('url.ssl') === 'none')" />{$lang->ssl_options['none']}</option>
<option value="always" selected="selected"|cond="($domain_info && $domain_info->security !== 'none') || (!$domain_info && config('url.ssl') !== 'none')" />{$lang->ssl_options['always']}</option>
</select>
<div class="x_help-block">{lang('admin.about_use_ssl')}</div>
</div>

7
modules/install/install.admin.controller.php
View file

@ -26,7 +26,6 @@ class installAdminController extends install
$oInstallController->installModule($module_name, './modules/'.$module_name);
$oModuleController = getController('module');
$oModuleController->registerActionForwardRoutes($module_name);
$oModuleController->registerSecureActions($module_name);
$this->setMessage('success_installed');
}
@ -58,12 +57,6 @@ class installAdminController extends install
Rhymix\Framework\Session::start();
return $output;
}
$output = $oModuleController->registerSecureActions($module_name);
if($output instanceof BaseObject && !$output->toBool())
{
Rhymix\Framework\Session::start();
return $output;
}
Rhymix\Framework\Session::start();
$this->setMessage('success_updated');

48
modules/module/module.controller.php
View file

@ -50,32 +50,6 @@ class moduleController extends module
return $output;
}
/**
* @brief Add action security
*/
function insertActionSecurity($act)
{
$args = new stdClass();
$args->act = $act;
$output = executeQuery('module.insertActionSecurity', $args);
Rhymix\Framework\Cache::delete('action_security');
return $output;
}
/**
* @brief Delete action security
*/
function deleteActionSecurity($act)
{
$args = new stdClass();
$args->act = $act;
$output = executeQuery('module.deleteActionSecurity', $args);
Rhymix\Framework\Cache::delete('action_security');
return $output;
}
/**
* @brief Add trigger callback function
*
@ -1390,28 +1364,6 @@ class moduleController extends module
return new BaseObject();
}
/**
* Check if all secure actions are registered. If not, register them.
*
* @param string $module_name
* @return object
*/
public function registerSecureActions(string $module_name)
{
$action_security = ModuleModel::getActionSecurity();
$module_action_info = ModuleModel::getModuleActionXml($module_name);
foreach ($module_action_info->action ?: [] as $action_name => $action_info)
{
if ($action_info->use_ssl === 'true' && !isset($action_security[$action_name]))
{
$output = $this->insertActionSecurity($action_name);
}
}
return new BaseObject();
}
}
/* End of file module.controller.php */
/* Location: ./modules/module/module.controller.php */

44
modules/module/module.model.php
View file

@ -602,38 +602,6 @@ class moduleModel extends module
return $action_forward[$act];
}
/**
* @brief Get SSL action setting
*/
public static function getActionSecurity($act = null)
{
$action_security = Rhymix\Framework\Cache::get('action_security');
if($action_security === null)
{
$args = new stdClass();
$output = executeQueryArray('module.getActionSecurity', $args);
if(!$output->toBool())
{
return;
}
$action_security = array();
foreach($output->data as $item)
{
$action_security[$item->act] = true;
}
Rhymix\Framework\Cache::set('action_security', $action_security, 0, true);
}
if(!isset($act))
{
return $action_security;
}
return isset($action_security[$act]) ? true : false;
}
/**
* @brief Get trigger functions
*/
@ -1379,9 +1347,6 @@ class moduleModel extends module
// Get action forward
$action_forward = self::getActionForward();
// Get action security
$action_security = self::getActionSecurity();
foreach ($searched_list as $module_name)
{
@ -1466,15 +1431,6 @@ class moduleModel extends module
$info->need_update = true;
}
}
// Check if all secure actions are registered
foreach ($module_action_info->action ?: [] as $action_name => $action_info)
{
if ($action_info->use_ssl === 'true' && !isset($action_security[$action_name]))
{
$info->need_update = true;
}
}
}
$list[] = $info;
}

8
modules/module/queries/deleteActionSecurity.xml
View file

@ -1,8 +0,0 @@
<query id="deleteActionSecurity" action="delete">
<tables>
<table name="action_security" />
</tables>
<conditions>
<condition operation="equal" column="act" var="act" notnull="notnull" />
</conditions>
</query>

11
modules/module/queries/getActionSecurity.xml
View file

@ -1,11 +0,0 @@
<query id="getActionSecurity" action="select">
<tables>
<table name="action_security" />
</tables>
<columns>
<column name="*" />
</columns>
<conditions>
<condition operation="equal" column="act" var="act" />
</conditions>
</query>

8
modules/module/queries/insertActionSecurity.xml
View file

@ -1,8 +0,0 @@
<query id="insertActionSecurity" action="insert">
<tables>
<table name="action_security" />
</tables>
<columns>
<column name="act" var="act" notnull="notnull" />
</columns>
</query>

3
modules/module/schemas/action_security.xml
View file

@ -1,3 +0,0 @@
<table name="action_security">
<column name="act" type="varchar" size="80" notnull="notnull" primary_key="primary_key" />
</table>