Merge pull request #1336 from kijin/no-optional-ssl

SSL 선택적 사용 옵션 제거 #1323

classes/context/Context.class.php

@@ -131,17 +131,13 @@ class Context
 	 * Current route information
 	 */
 	private static $_route_info = null;
+
 	/**
 	 * object oFrontEndFileHandler()
 	 * @var object
 	 */
 	private static $_oFrontEndFileHandler = null;
 
-	/**
-	 * SSL action cache
-	 */
-	private static $_ssl_actions = array();
-
 	/**
 	 * Plugin blacklist cache
 	 */
@@ -268,7 +264,7 @@ class Context
 			self::set('_default_url', self::$_instance->db_info->default_url = self::getDefaultUrl($site_module_info));
 			self::set('_http_port', self::$_instance->db_info->http_port = $site_module_info->http_port ?: null);
 			self::set('_https_port', self::$_instance->db_info->https_port = $site_module_info->https_port ?: null);
-			self::set('_use_ssl', self::$_instance->db_info->use_ssl = $site_module_info->security ?: 'none');
+			self::set('_use_ssl', self::$_instance->db_info->use_ssl = ($site_module_info->security === 'none' ? 'none' : 'always'));
 		}
 		else
 		{
@@ -280,8 +276,8 @@ class Context
 			self::set('site_module_info', $site_module_info);
 		}
 		
-		// Redirect to SSL if the current domain always uses SSL.
-		if (!RX_SSL && PHP_SAPI !== 'cli' && $site_module_info->security === 'always' && !$site_module_info->is_default_replaced)
+		// Redirect to SSL if the current domain requires SSL.
+		if (!RX_SSL && PHP_SAPI !== 'cli' && $site_module_info->security !== 'none' && !$site_module_info->is_default_replaced)
 		{
 			$ssl_url = self::getDefaultUrl($site_module_info, true) . RX_REQUEST_URL;
 			self::setCacheControl(0);
@@ -289,16 +285,6 @@ class Context
 			exit;
 		}
 		
-		// Redirect to SSL if the current action requires SSL.
-		self::$_ssl_actions = $site_module_info->security === 'optional' ? ModuleModel::getActionSecurity() : array();
-		if (!RX_SSL && count(self::$_ssl_actions) && self::isExistsSSLAction(self::get('act')) && self::getRequestMethod() === 'GET')
-		{
-			$ssl_url = self::getDefaultUrl($site_module_info, true) . RX_REQUEST_URL;
-			self::setCacheControl(0);
-			header('Location: ' . $ssl_url, true, 301);
-			exit;
-		}
-
 		// Load language support.
 		$enabled_langs = self::loadLangSelected();
 		$set_lang_cookie = false;
@@ -631,7 +617,7 @@ class Context
 	/**
 	 * Return ssl status
 	 *
-	 * @return object SSL status (Optional - none|always|optional)
+	 * @return object SSL status (none or always)
 	 */
 	public static function getSSLStatus()
 	{
@@ -657,7 +643,7 @@ class Context
 			$site_module_info = self::get('site_module_info');
 		}
 		
-		$prefix = ($site_module_info->security === 'always' || $use_ssl) ? 'https://' : 'http://';
+		$prefix = ($site_module_info->security !== 'none' || $use_ssl) ? 'https://' : 'http://';
 		$hostname = $site_module_info->domain;
 		$port = ($prefix === 'https://') ? $site_module_info->https_port : $site_module_info->http_port;
 		$result = $prefix . $hostname . ($port ? sprintf(':%d', $port) : '') . RX_BASEURL;
@@ -1751,7 +1737,7 @@ class Context
 		}
 		
 		// If using SSL always
-		if($site_module_info->security == 'always')
+		if($site_module_info->security !== 'none')
 		{
 			if(!$domain && RX_SSL)
 			{
@@ -1762,20 +1748,6 @@ class Context
 				$query = self::getRequestUri(ENFORCE_SSL, $domain) . $query;
 			}
 		}
-		// optional SSL use
-		elseif($site_module_info->security == 'optional')
-		{
-			$ssl_mode = ((self::get('module') === 'admin') || ($get_vars['module'] === 'admin') || (isset($get_vars['act']) && self::isExistsSSLAction($get_vars['act']))) ? ENFORCE_SSL : RELEASE_SSL;
-			if(!$domain && (RX_SSL && ENFORCE_SSL) || (!RX_SSL && RELEASE_SSL))
-			{
-				$query = RX_BASEURL . $query;
-			}
-			else
-			{
-				$query = self::getRequestUri($ssl_mode, $domain) . $query;
-			}
-		}
-		// no SSL
 		else
 		{
 			// currently on SSL but target is not based on SSL
@@ -1841,7 +1813,7 @@ class Context
 		}
 
 		$site_module_info = self::get('site_module_info');
-		if ($site_module_info->security === 'always')
+		if ($site_module_info->security !== 'none')
 		{
 			$ssl_mode = ENFORCE_SSL;
 		}
@@ -2001,73 +1973,60 @@ class Context
 	/**
 	 * Register if an action is to be encrypted by SSL. Those actions are sent to https in common/js/xml_handler.js
 	 *
+	 * @deprecated
 	 * @param string $action act name
 	 * @return void
 	 */
 	public static function addSSLAction($action)
 	{
-		if (!ModuleModel::getActionSecurity($action))
-		{
-			getController('module')->insertActionSecurity($action);
-		}
-		self::$_ssl_actions[$action] = true;
+		
 	}
 
 	/**
 	 * Register if actions are to be encrypted by SSL. Those actions are sent to https in common/js/xml_handler.js
 	 *
+	 * @deprecated
 	 * @param array $action_array
 	 * @return void
 	 */
 	public static function addSSLActions($action_array)
 	{
-		foreach($action_array as $action)
-		{
-			self::addSSLAction($action);
-		}
+		
 	}
 
 	/**
 	 * Delete if action is registerd to be encrypted by SSL.
 	 *
+	 * @deprecated
 	 * @param string $action act name
 	 * @return void
 	 */
 	public static function subtractSSLAction($action)
 	{
-		if (ModuleModel::getActionSecurity($action))
-		{
-			getController('module')->deleteActionSecurity($action);
-		}
-		unset(self::$_ssl_actions[$action]);
+		
 	}
 
 	/**
 	 * Get SSL Action
 	 *
+	 * @deprecated
 	 * @return string acts in array
 	 */
 	public static function getSSLActions()
 	{
-		if(self::getSSLStatus() == 'optional')
-		{
-			return self::$_ssl_actions;
-		}
-		else
-		{
-			return array();
-		}
+		return array();
 	}
 
 	/**
 	 * Check SSL action are existed
 	 *
+	 * @deprecated
 	 * @param string $action act name
-	 * @return bool If SSL exists, return TRUE.
+	 * @return bool
 	 */
 	public static function isExistsSSLAction($action)
 	{
-		return isset(self::$_ssl_actions[$action]);
+		return false;
 	}
 
 	/**

common/framework/parsers/configparser.php

@@ -198,7 +198,7 @@ class ConfigParser
 		$config['url']['default'] = $default_url ?: (\RX_SSL ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . \RX_BASEURL;
 		$config['url']['http_port'] = $db_info->http_port ?: null;
 		$config['url']['https_port'] = $db_info->https_port ?: null;
-		$config['url']['ssl'] = $db_info->use_ssl ?: 'none';
+		$config['url']['ssl'] = ($db_info->use_ssl === 'none') ? 'none' : 'always';
 		
 		// Convert session configuration.
 		$config['session']['delay'] = $db_info->delay_session === 'Y' ? true : false;

common/framework/parsers/moduleactionparser.php

@@ -127,7 +127,6 @@ class ModuleActionParser extends BaseParser
 			$action_info->check_csrf = (trim($action['check_csrf']) ?: trim($action['check-csrf'])) === 'false' ? 'false' : 'true';
 			$action_info->meta_noindex = (trim($action['meta_noindex']) ?: trim($action['meta-noindex'])) === 'true' ? 'true' : 'false';
 			$action_info->global_route = (trim($action['global_route']) ?: trim($action['global-route'])) === 'true' ? 'true' : 'false';
-			$action_info->use_ssl = (trim($action['use_ssl']) ?: trim($action['use-ssl'])) === 'true' ? 'true' : 'false';
 			$info->action->{$action_name} = $action_info;
 			
 			// Set the menu name and index settings.

common/tpl/common_layout.html

@@ -57,7 +57,7 @@
 	var https_port = {Context::get("_https_port") ?: 'null'};
 	var enforce_ssl = {$site_module_info->security === 'always' ? 'true' : 'false'};
 	var cookies_ssl = {config('session.use_ssl_cookies') ? 'true' : 'false'};
-	var ssl_actions = {json_encode(array_keys(Context::getSSLActions()))};
+	var ssl_actions = [];
 	var xeVid = null;
 </script>
 </head>

modules/admin/lang/en.php

@@ -110,9 +110,8 @@ $lang->about_auto_select_lang = 'Automatically select the language based on the
 $lang->about_recompile_cache = 'Delete useless or invalid cache files?';
 $lang->confirm_run = 'It may take a long time. Do you want to run?';
 $lang->use_ssl = 'Use HTTPS';
-$lang->ssl_options['none'] = 'None';
-$lang->ssl_options['optional'] = 'Optional (not recommended)';
-$lang->ssl_options['always'] = 'Always (recommended)';
+$lang->ssl_options['none'] = 'No';
+$lang->ssl_options['always'] = 'Yes (recommended)';
 $lang->cmd_http_port = 'HTTP Port';
 $lang->cmd_https_port = 'HTTPS Port';
 $lang->cmd_index_module_srl = 'Main Module';

modules/admin/lang/es.php

@@ -35,7 +35,6 @@ $lang->welcome_to_xe = 'Esta es la página del Administrador de Rhymix';
 $lang->about_lang_env = 'Para aplicar idioma seleccionado conjunto de los usuarios, como por defecto, haga clic en el botón [Guardar] el cambio.';
 $lang->xe_license = 'Rhymix está bajo la Licencia de GPL';
 $lang->ssl_options['none'] = 'Desactivar';
-$lang->ssl_options['optional'] = 'Opcionalmente el (no recomendado)';
 $lang->ssl_options['always'] = 'Utilice siempre el (recomendado)';
 $lang->about_use_ssl = 'Opcionalmente, la composición de suscripción / editar la información y el uso de SSL especificada en la acción es siempre el uso de SSL para todos los servicios que se utilizarán.';
 $lang->server_ports = 'Especifique el puerto del servidor';

modules/admin/lang/fr.php

@@ -34,7 +34,6 @@ $lang->welcome_to_xe = 'Bienvenue sur la Page d\'Administration du Rhymix';
 $lang->about_lang_env = 'Vous pouvez fixer la Langue Par Défaut par cliquer le boutton [Conserver] au-dessous. Les visiteurs vont voir tous les menus et les messages en langue que vous choisissez.';
 $lang->xe_license = 'Rhymix s\'applique la GPL';
 $lang->ssl_options['none'] = 'Ne Pas utiliser';
-$lang->ssl_options['optional'] = 'Optionnel (non recommandé)';
 $lang->ssl_options['always'] = 'Toujours (recommandé)';
 $lang->about_use_ssl = 'Si l\'on choisit \'Optionnel\' , on utilise protocole SSL seulement dans quelques services comme inscription ou modification. Si l\'on choisit \'Toujours\', on utilise protocole SSL dans tous les services.';
 $lang->server_ports = 'déclarer le port de serveur';

modules/admin/lang/ja.php

@@ -70,7 +70,6 @@ $lang->about_recompile_cache = '不要もしくは、無効なキャッシュフ
 $lang->confirm_run = '時間がかかる場合があります。実行しますか？';
 $lang->use_ssl = '<abbr title="Secure Sockets Layer">SSL</abbr>を使用';
 $lang->ssl_options['none'] = '使わない';
-$lang->ssl_options['optional'] = '部分的に使う（推奨しない）';
 $lang->ssl_options['always'] = '常に使う（推奨）';
 $lang->about_use_ssl = '「部分的に使う」は、「会員登録/会員情報変更」など指定されたアクションでSSLを使います。「常に使う」は、すべてのサービスにSSLを使います。SSLサーバ証明書がインストールされてない場合での使用はお控えください。サイトへのアクセスができない場合があります。';
 $lang->server_ports = 'サーバーポート指定';

modules/admin/lang/ko.php

@@ -110,7 +110,6 @@ $lang->about_recompile_cache = '쓸모 없어졌거나 잘못된 캐시파일들
 $lang->confirm_run = '오랜 시간이 걸릴 수 있습니다. 실행하시겠습니까?';
 $lang->use_ssl = 'HTTPS 사용';
 $lang->ssl_options['none'] = '사용하지 않음';
-$lang->ssl_options['optional'] = '선택적으로 사용 (권장하지 않음)';
 $lang->ssl_options['always'] = '항상 사용 (권장)';
 $lang->cmd_http_port = 'HTTP 포트';
 $lang->cmd_https_port = 'HTTPS 포트';

modules/admin/lang/ru.php

@@ -30,7 +30,6 @@ $lang->xe_license = 'Rhymix подчиняется Стандартной Общ
 $lang->yesterday = 'Вчера';
 $lang->today = 'Сегодня';
 $lang->ssl_options['none'] = 'Никогда';
-$lang->ssl_options['optional'] = 'На выбор';
 $lang->ssl_options['always'] = 'Всегда';
 $lang->thumbnail_type = 'Тип миниатюры';
 $lang->thumbnail_crop = 'Обрезать';

modules/admin/lang/tr.php

@@ -62,7 +62,6 @@ $lang->about_recompile_cache = 'Gereksiz ve ya yanlış olan önbellek dosyalar
 $lang->confirm_run = 'Bu işlem biraz uzun sürebilir. Başlatmak istiyor musunuz?';
 $lang->use_ssl = '<abbr title="Secure Sockets Layer">SSL</abbr>\'i kullanmak istiyor musunuz?';
 $lang->ssl_options['none'] = 'Hiçbir zaman';
-$lang->ssl_options['optional'] = 'İsteğe Bağlı';
 $lang->ssl_options['always'] = 'Her zaman';
 $lang->about_use_ssl = '\'İsteği Bağlı\' seçiminde; SSL, kayıt olma/bilgi değiştirme gibi eylemler için kullanılacaktır. \'Her zaman\' seçiminde, siteniz sadece http yoluyla hizmet verecektir.';
 $lang->server_ports = 'Sunucu Bağlantı Noktası (port)';

modules/admin/lang/vi.php

@@ -43,7 +43,6 @@ $lang->xe_license = 'Rhymix sử dụng giấy phép GPL';
 $lang->yesterday = 'Hôm qua';
 $lang->today = 'Hôm nay';
 $lang->ssl_options['none'] = 'Không sử dụng';
-$lang->ssl_options['optional'] = 'Tùy chỉnh';
 $lang->ssl_options['always'] = 'Luôn luôn';
 $lang->about_use_ssl = 'Nếu bạn chọn \'Tùy chỉnh\', SSL sẽ sử dụng và những công việc như đăng kí, sửa thông tin thành viên, . Chỉ chọn \'Luôn luôn\' khi Website của bạn đang chạy trên Server có hỗ trợ https. SSL 환경이 갖춰지지 않은 상태에서 SSL을 사용할 경우 접속이 되지 않을 수 있으니 주의 바랍니다.';
 $lang->server_ports = 'Cổng kết nối';

modules/admin/lang/zh-CN.php

@@ -57,7 +57,6 @@ $lang->about_recompile_cache = '清空cache缓存?';
 $lang->confirm_run = '此过程可能需要耗费一段时间，是否继续?';
 $lang->use_ssl = '是否使用<abbr title="Secure Sockets Layer">SSL</abbr>安全连接?';
 $lang->ssl_options['none'] = '不使用';
-$lang->ssl_options['optional'] = '可选（不推荐）';
 $lang->ssl_options['always'] = '始终（推荐）';
 $lang->about_use_ssl = '<p>选择“可选”是为指定的操作（例如注册和更改信息）使用SSL。<br />选择“总是”是为Rhymix生成的整个页面使用SSL。</p><p>请小心！ 在安装SSL证书之前，您可能无法访问该网站。</p>';
 $lang->server_ports = '指定服务器端口';

modules/admin/lang/zh-TW.php

@@ -39,7 +39,6 @@ $lang->xe_license = 'Rhymix遵循 GPL協議';
 $lang->yesterday = '昨天';
 $lang->today = '今天';
 $lang->ssl_options['none'] = '關閉';
-$lang->ssl_options['optional'] = '可選（不推薦）';
 $lang->ssl_options['always'] = '始終（推薦）';
 $lang->about_use_ssl = '<p>選擇“可選”是為指定的操作（例如註冊和更改信息）使用SSL。 <br />選擇“總是”是為Rhymix生成的整個頁面使用SSL。 </p><p>請小心！在安裝SSL證書之前，您可能無法訪問該網站。</p>';
 $lang->server_ports = '主機埠口';

modules/admin/tpl/config_domains_edit.html

@@ -54,9 +54,8 @@
 			<label class="x_control-label" for="domain_security">{$lang->use_ssl}</label>
 			<div class="x_controls">
 				<select id="domain_security" name="domain_security">
-					<!--@foreach($lang->ssl_options as $key => $val)-->
-						<option value="{$key}" selected="selected"|cond="($domain_info && $domain_info->security == $key) || (!$domain_info && config('url.ssl') == $key)" />{$val}</option>
-					<!--@endforeach-->
+					<option value="none" selected="selected"|cond="($domain_info && $domain_info->security === 'none') || (!$domain_info && config('url.ssl') === 'none')" />{$lang->ssl_options['none']}</option>
+					<option value="always" selected="selected"|cond="($domain_info && $domain_info->security !== 'none') || (!$domain_info && config('url.ssl') !== 'none')" />{$lang->ssl_options['always']}</option>
 				</select>
 				<div class="x_help-block">{lang('admin.about_use_ssl')}</div>
 			</div>

modules/board/conf/module.xml

@@ -68,25 +68,25 @@
 			<route route="category/$category:int/page/$page:int" priority="40" />
 			<route route="page/$page:int" priority="10" />
 		</action>
-		<action name="dispBoardWrite" type="view" permission="write_document" standalone="false" meta-noindex="true" use-ssl="true">
+		<action name="dispBoardWrite" type="view" permission="write_document" standalone="false" meta-noindex="true">
 			<route route="write" />
 			<route route="$document_srl/edit" />
 		</action>
-		<action name="dispBoardDelete" type="view" permission="write_document" standalone="false" meta-noindex="true" use-ssl="true" route="$document_srl/delete" />
-		<action name="dispBoardWriteComment" type="view" permission="write_comment" standalone="false" meta-noindex="true" use-ssl="true" route="$document_srl/comment" />
-		<action name="dispBoardReplyComment" type="view" permission="write_comment" standalone="false" meta-noindex="true" use-ssl="true">
+		<action name="dispBoardDelete" type="view" permission="write_document" standalone="false" meta-noindex="true" route="$document_srl/delete" />
+		<action name="dispBoardWriteComment" type="view" permission="write_comment" standalone="false" meta-noindex="true" route="$document_srl/comment" />
+		<action name="dispBoardReplyComment" type="view" permission="write_comment" standalone="false" meta-noindex="true">
 			<route route="comment/$comment_srl/reply" />
 			<route route="comment/$comment_srl/reply$document_srl:delete" />
 		</action>
-		<action name="dispBoardModifyComment" type="view" permission="write_comment" standalone="false" meta-noindex="true" use-ssl="true">
+		<action name="dispBoardModifyComment" type="view" permission="write_comment" standalone="false" meta-noindex="true">
 			<route route="comment/$comment_srl/edit" />
 			<route route="comment/$comment_srl/edit$document_srl:delete" />
 		</action>
-		<action name="dispBoardDeleteComment" type="view" permission="write_comment" standalone="false" meta-noindex="true" use-ssl="true">
+		<action name="dispBoardDeleteComment" type="view" permission="write_comment" standalone="false" meta-noindex="true">
 			<route route="comment/$comment_srl/delete" />
 			<route route="comment/$comment_srl/delete$document_srl:delete" />
 		</action>
-		<action name="dispBoardDeleteTrackback" type="view" permission="list,view" standalone="false" meta-noindex="true" use-ssl="true" />
+		<action name="dispBoardDeleteTrackback" type="view" permission="list,view" standalone="false" meta-noindex="true" />
 		<action name="dispBoardContentList" type="view" permission="list" standalone="false" />
 		<action name="dispBoardContentView" type="view" permission="view" standalone="false" />
 		<action name="dispBoardUpdateLog" type="view" permission="update_view" standalone="false" />
@@ -103,13 +103,13 @@
 		<action name="dispBoardCommentPage" type="view" permission="view" standalone="false" />
 		<action name="getBoardCommentPage" type="mobile" permission="view" standalone="false" />
 		
-		<action name="procBoardInsertDocument" type="controller" permission="write_document" standalone="false" use-ssl="true" ruleset="insertDocument" />
-		<action name="procBoardDeleteDocument" type="controller" permission="write_document" standalone="false" use-ssl="true" />
-		<action name="procBoardRevertDocument" type="controller" permission="update_view" standalone="false" use-ssl="true" />
-		<action name="procBoardInsertComment" type="controller" permission="write_comment" standalone="false" use-ssl="true" />
-		<action name="procBoardDeleteComment" type="controller" permission="write_comment" standalone="false" use-ssl="true" />
-		<action name="procBoardDeleteTrackback" type="controller" permission="list,view" standalone="false" use-ssl="true" />
-		<action name="procBoardVerificationPassword" type="controller" permission="view" standalone="false" use-ssl="true" />
+		<action name="procBoardInsertDocument" type="controller" permission="write_document" standalone="false" ruleset="insertDocument" />
+		<action name="procBoardDeleteDocument" type="controller" permission="write_document" standalone="false" />
+		<action name="procBoardRevertDocument" type="controller" permission="update_view" standalone="false" />
+		<action name="procBoardInsertComment" type="controller" permission="write_comment" standalone="false" />
+		<action name="procBoardDeleteComment" type="controller" permission="write_comment" standalone="false" />
+		<action name="procBoardDeleteTrackback" type="controller" permission="list,view" standalone="false" />
+		<action name="procBoardVerificationPassword" type="controller" permission="view" standalone="false" />
 		<action name="procBoardVoteDocument" type="controller" permission="view" standalone="false" />
 		
 		<action name="dispBoardAdminContent" type="view" admin_index="true" menu_name="board" menu_index="true" />

modules/document/conf/module.xml

@@ -4,7 +4,7 @@
 	<actions>
 		<action name="dispDocumentPrint" type="view" meta-noindex="true"/>
 		<action name="dispDocumentPreview" type="view" meta-noindex="true"/>
-		<action name="dispTempSavedList" type="view" permission="member" meta-noindex="true" use-ssl="true" />
+		<action name="dispTempSavedList" type="view" permission="member" meta-noindex="true" />
 		<action name="dispDocumentDeclare" type="view" permission="member" meta-noindex="true" />
 		<action name="dispDocumentManageDocument" type="view" permission="all-managers" meta-noindex="true" />
 		

modules/install/install.admin.controller.php

@@ -26,7 +26,6 @@ class installAdminController extends install
 		$oInstallController->installModule($module_name, './modules/'.$module_name);
 		$oModuleController = getController('module');
 		$oModuleController->registerActionForwardRoutes($module_name);
-		$oModuleController->registerSecureActions($module_name);
 		$this->setMessage('success_installed');
 	}
 
@@ -58,12 +57,6 @@ class installAdminController extends install
 			Rhymix\Framework\Session::start();
 			return $output;
 		}
-		$output = $oModuleController->registerSecureActions($module_name);
-		if($output instanceof BaseObject && !$output->toBool())
-		{
-			Rhymix\Framework\Session::start();
-			return $output;
-		}
 		
 		Rhymix\Framework\Session::start();
 		$this->setMessage('success_updated');

modules/install/tpl/other_config.html

@@ -50,9 +50,8 @@
 		<div class="x_control-group">
 			<label class="x_control-label">{$lang->use_ssl}</label>
 			<div class="x_controls">
-				<!--@foreach($lang->ssl_options as $key => $val)-->
-				<label for="ssl_{$key}" class="x_inline"><input type="radio" name="use_ssl" id="ssl_{$key}" value="{$key}" checked="checked"|cond="$use_ssl==$key" /> {$val}</label>
-				<!--@endforeach-->
+				<label for="ssl_always" class="x_inline"><input type="radio" name="use_ssl" id="ssl_always" value="always" checked="checked"|cond="$use_ssl !== 'none'" /> {$lang->cmd_yes}</label>
+				<label for="ssl_none" class="x_inline"><input type="radio" name="use_ssl" id="ssl_none" value="none" checked="checked"|cond="$use_ssl === 'none'" /> {$lang->cmd_no}</label>
 			</div>
 		</div>
 		<div class="x_control-group">

modules/member/conf/module.xml

@@ -2,44 +2,44 @@
 <module>
 	<grants />
 	<actions>
-		<action name="dispMemberSignUpForm" type="view" meta-noindex="true" use-ssl="true" route="signup" />
-		<action name="dispMemberLoginForm" type="view" meta-noindex="true" use-ssl="true" route="login" />
-		<action name="dispMemberFindAccount" type="view" meta-noindex="true" use-ssl="true" />
-		<action name="dispMemberResendAuthMail" type="view" meta-noindex="true" use-ssl="true" />
+		<action name="dispMemberSignUpForm" type="view" meta-noindex="true" route="signup" />
+		<action name="dispMemberLoginForm" type="view" meta-noindex="true" route="login" />
+		<action name="dispMemberFindAccount" type="view" meta-noindex="true" />
+		<action name="dispMemberResendAuthMail" type="view" meta-noindex="true" />
 		<action name="dispMemberInfo" type="view" permission="member" meta-noindex="true" route="member_info" />
-		<action name="dispMemberModifyInfo" type="view" permission="member" meta-noindex="true" use-ssl="true" />
-		<action name="dispMemberModifyPassword" type="view" permission="member" meta-noindex="true" use-ssl="true" />
-		<action name="dispMemberModifyEmailAddress" type="view" permission="member" meta-noindex="true" use-ssl="true" />
-		<action name="dispMemberLeave" type="view" permission="member" meta-noindex="true" use-ssl="true" />
-		<action name="dispMemberScrappedDocument" type="view" permission="member" meta-noindex="true" use-ssl="true" route="my_scrap" />
-		<action name="dispMemberSavedDocument" type="view" permission="member" meta-noindex="true" use-ssl="true" route="my_saved_documents" />
-		<action name="dispMemberOwnDocument" type="view" permission="member" meta-noindex="true" use-ssl="true" route="my_documents" />
-		<action name="dispMemberOwnComment" type="view" permission="member" meta-noindex="true" use-ssl="true" route="my_comments" />
-		<action name="dispMemberActiveLogins" type="view" permission="member" meta-noindex="true" use-ssl="true" route="active_logins" />
-		<action name="dispMemberModifyNicknameLog" type="view" permission="member" meta-noindex="true" use-ssl="true" />
+		<action name="dispMemberModifyInfo" type="view" permission="member" meta-noindex="true" />
+		<action name="dispMemberModifyPassword" type="view" permission="member" meta-noindex="true" />
+		<action name="dispMemberModifyEmailAddress" type="view" permission="member" meta-noindex="true" />
+		<action name="dispMemberLeave" type="view" permission="member" meta-noindex="true" />
+		<action name="dispMemberScrappedDocument" type="view" permission="member" meta-noindex="true" route="my_scrap" />
+		<action name="dispMemberSavedDocument" type="view" permission="member" meta-noindex="true" route="my_saved_documents" />
+		<action name="dispMemberOwnDocument" type="view" permission="member" meta-noindex="true" route="my_documents" />
+		<action name="dispMemberOwnComment" type="view" permission="member" meta-noindex="true" route="my_comments" />
+		<action name="dispMemberActiveLogins" type="view" permission="member" meta-noindex="true" route="active_logins" />
+		<action name="dispMemberModifyNicknameLog" type="view" permission="member" meta-noindex="true" />
 		<action name="dispMemberLogout" type="view" permission="member" meta-noindex="true" />
 		<action name="dispMemberSpammer" type="view" permission="manager" check_var="module_srl" meta-noindex="true" />
 		
 		<action name="getMemberMenu" type="model" />
 		<action name="getApiGroups" type="model" permission="root" />
 		
-		<action name="procMemberInsert" type="controller" ruleset="@insertMember" use-ssl="true" route="signup" />
+		<action name="procMemberInsert" type="controller" ruleset="@insertMember" route="signup" />
 		<action name="procMemberCheckValue" type="controller" />
-		<action name="procMemberLogin" type="controller" ruleset="@login" use-ssl="true" route="login" />
+		<action name="procMemberLogin" type="controller" ruleset="@login" route="login" />
 		<action name="procMemberRegisterDevice" type="controller" route="device/register" />
 		<action name="procMemberLoginWithDevice" type="controller" route="device/login" />
-		<action name="procMemberFindAccount" type="controller" method="GET|POST" ruleset="findAccount" use-ssl="true" />
-		<action name="procMemberFindAccountByQuestion" type="controller" method="GET|POST" use-ssl="true" />
-		<action name="procMemberAuthAccount" type="controller" method="GET|POST" use-ssl="true" />
-		<action name="procMemberAuthEmailAddress" type="controller" method="GET|POST" use-ssl="true" />
-		<action name="procMemberResendAuthMail" type="controller" ruleset="resendAuthMail" use-ssl="true" />
-		<action name="procMemberSendVerificationSMS" type="controller" use-ssl="true" />
-		<action name="procMemberConfirmVerificationSMS" type="controller" use-ssl="true" />
-		<action name="procMemberModifyInfoBefore" type="controller" permission="member" ruleset="recheckedPassword" use-ssl="true" />
-		<action name="procMemberModifyInfo" type="controller" permission="member" ruleset="@insertMember" use-ssl="true" />
-		<action name="procMemberModifyPassword" type="controller" permission="member" ruleset="modifyPassword" use-ssl="true" />
-		<action name="procMemberModifyEmailAddress" type="controller" permission="member" ruleset="modifyEmailAddress" use-ssl="true" />
-		<action name="procMemberLeave" type="controller" permission="member" ruleset="leaveMember" use-ssl="true" />
+		<action name="procMemberFindAccount" type="controller" method="GET|POST" ruleset="findAccount" />
+		<action name="procMemberFindAccountByQuestion" type="controller" method="GET|POST" />
+		<action name="procMemberAuthAccount" type="controller" method="GET|POST" />
+		<action name="procMemberAuthEmailAddress" type="controller" method="GET|POST" />
+		<action name="procMemberResendAuthMail" type="controller" ruleset="resendAuthMail" />
+		<action name="procMemberSendVerificationSMS" type="controller" />
+		<action name="procMemberConfirmVerificationSMS" type="controller" />
+		<action name="procMemberModifyInfoBefore" type="controller" permission="member" ruleset="recheckedPassword" />
+		<action name="procMemberModifyInfo" type="controller" permission="member" ruleset="@insertMember" />
+		<action name="procMemberModifyPassword" type="controller" permission="member" ruleset="modifyPassword" />
+		<action name="procMemberModifyEmailAddress" type="controller" permission="member" ruleset="modifyEmailAddress" />
+		<action name="procMemberLeave" type="controller" permission="member" ruleset="leaveMember" />
 		<action name="procMemberInsertProfileImage" type="controller" permission="member" ruleset="insertProfileImage" />
 		<action name="procMemberDeleteProfileImage" type="controller" permission="member" />
 		<action name="procMemberInsertImageName" type="controller" permission="member" ruleset="insertImageName" />

modules/module/module.controller.php

@@ -50,32 +50,6 @@ class moduleController extends module
 		return $output;
 	}
 
-	/**
-	 * @brief Add action security
-	 */
-	function insertActionSecurity($act)
-	{
-		$args = new stdClass();
-		$args->act = $act;
-		$output = executeQuery('module.insertActionSecurity', $args);
-
-		Rhymix\Framework\Cache::delete('action_security');
-		return $output;
-	}
-
-	/**
-	 * @brief Delete action security
-	 */
-	function deleteActionSecurity($act)
-	{
-		$args = new stdClass();
-		$args->act = $act;
-		$output = executeQuery('module.deleteActionSecurity', $args);
-
-		Rhymix\Framework\Cache::delete('action_security');
-		return $output;
-	}
-
 	/**
 	 * @brief Add trigger callback function
 	 * 
@@ -1390,28 +1364,6 @@ class moduleController extends module
 		
 		return new BaseObject();
 	}
-	
-	/**
-	 * Check if all secure actions are registered. If not, register them.
-	 * 
-	 * @param string $module_name
-	 * @return object
-	 */
-	public function registerSecureActions(string $module_name)
-	{
-		$action_security = ModuleModel::getActionSecurity();
-		$module_action_info = ModuleModel::getModuleActionXml($module_name);
-		
-		foreach ($module_action_info->action ?: [] as $action_name => $action_info)
-		{
-			if ($action_info->use_ssl === 'true' && !isset($action_security[$action_name]))
-			{
-				$output = $this->insertActionSecurity($action_name);
-			}
-		}
-		
-		return new BaseObject();
-	}
 }
 /* End of file module.controller.php */
 /* Location: ./modules/module/module.controller.php */

modules/module/module.model.php

@@ -602,38 +602,6 @@ class moduleModel extends module
 		return $action_forward[$act];
 	}
 
-	/**
-	 * @brief Get SSL action setting
-	 */
-	public static function getActionSecurity($act = null)
-	{
-		$action_security = Rhymix\Framework\Cache::get('action_security');
-		if($action_security === null)
-		{
-			$args = new stdClass();
-			$output = executeQueryArray('module.getActionSecurity', $args);
-			if(!$output->toBool())
-			{
-				return;
-			}
-			
-			$action_security = array();
-			foreach($output->data as $item)
-			{
-				$action_security[$item->act] = true;
-			}
-			
-			Rhymix\Framework\Cache::set('action_security', $action_security, 0, true);
-		}
-		
-		if(!isset($act))
-		{
-			return $action_security;
-		}
-		
-		return isset($action_security[$act]) ? true : false;
-	}
-
 	/**
 	 * @brief Get trigger functions
 	 */
@@ -1379,9 +1347,6 @@ class moduleModel extends module
 		
 		// Get action forward
 		$action_forward = self::getActionForward();
-		
-		// Get action security
-		$action_security = self::getActionSecurity();
 
 		foreach ($searched_list as $module_name)
 		{
@@ -1466,15 +1431,6 @@ class moduleModel extends module
 						$info->need_update = true;
 					}
 				}
-				
-				// Check if all secure actions are registered
-				foreach ($module_action_info->action ?: [] as $action_name => $action_info)
-				{
-					if ($action_info->use_ssl === 'true' && !isset($action_security[$action_name]))
-					{
-						$info->need_update = true;
-					}
-				}
 			}
 			$list[] = $info;
 		}

modules/module/queries/deleteActionSecurity.xml

@@ -1,8 +0,0 @@
-<query id="deleteActionSecurity" action="delete">
-    <tables>
-        <table name="action_security" />
-    </tables>
-    <conditions>
-        <condition operation="equal" column="act" var="act" notnull="notnull" />
-    </conditions>
-</query>

modules/module/queries/getActionSecurity.xml

@@ -1,11 +0,0 @@
-<query id="getActionSecurity" action="select">
-    <tables>
-        <table name="action_security" />
-    </tables>
-    <columns>
-        <column name="*" />
-    </columns>
-    <conditions>
-        <condition operation="equal" column="act" var="act" />
-    </conditions>
-</query>

modules/module/queries/insertActionSecurity.xml

@@ -1,8 +0,0 @@
-<query id="insertActionSecurity" action="insert">
-    <tables>
-        <table name="action_security" />
-    </tables>
-    <columns>
-        <column name="act" var="act" notnull="notnull" />
-    </columns>
-</query>

modules/module/schemas/action_security.xml

@@ -1,3 +0,0 @@
-<table name="action_security">
-    <column name="act" type="varchar" size="80" notnull="notnull" primary_key="primary_key" />
-</table>