From 8a33e3717d19e1d2d650634e301d23a82438c136 Mon Sep 17 00:00:00 2001
From: moodler <moodler>
Date: Sat, 19 Jun 2004 16:13:28 +0000
Subject: [PATCH] Based on code from Janne - this allows secure logins via
 https

   $CFG->loginhttps

After logging in via https, Moodle returns to a normal http URL


More info:  http://moodle.org/mod/forum/discuss.php?d=8555
---
 config-dist.php   |  6 ++++++
 index.php         |  7 ++++++-
 lib/moodlelib.php |  7 ++++++-
 lib/weblib.php    | 18 ++++++++++++++----
 login/index.php   |  7 ++++++-
 5 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/config-dist.php b/config-dist.php
index 851bd7dce6..c4dfa56db8 100644
--- a/config-dist.php
+++ b/config-dist.php
@@ -161,6 +161,12 @@ $CFG->admin = 'admin';
 // most likely doesn't work yet.   THIS IS FOR DEVELOPERS ONLY, IT IS
 // NOT RECOMMENDED FOR PRODUCTION SITES
 //      $CFG->unicode = true;
+//
+// Turning this on will make Moodle use a https connection just for the 
+// login page (providing a secure login), and then afterwards revert 
+// back to the normal http URL.  Requires https to be enabled on the 
+// web server.
+//      $CFG->loginhttps = true;
 
 
 
diff --git a/index.php b/index.php
index 4ddf7f75b8..44a99b4cf5 100644
--- a/index.php
+++ b/index.php
@@ -28,7 +28,12 @@
     }
 
     if (empty($USER->id)) {
-        $loginstring = "<font size=2><a href=\"$CFG->wwwroot/login/index.php\">".get_string("login")."</a></font>";
+        if (empty($CFG->loginhttps)) {
+            $wwwroot = $CFG->wwwroot;
+        } else {
+            $wwwroot = str_replace('http','https',$CFG->wwwroot);
+        }
+        $loginstring = "<font size=2><a href=\"$wwwroot/login/index.php\">".get_string("login")."</a></font>";
     } else {
         $loginstring = "<font size=1>".user_login_string($site)."</font>";
     }
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 9219f2024c..80a78432b5 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -365,7 +365,12 @@ function require_login($courseid=0) {
             $SESSION->fromurl  = $_SERVER["HTTP_REFERER"];
         }
         $USER = NULL;
-        redirect("$CFG->wwwroot/login/index.php");
+        if (empty($CFG->loginhttps)) {
+            redirect("$CFG->wwwroot/login/index.php");
+        } else {
+            $wwwroot = str_replace('http','https',$CFG->wwwroot);
+            redirect("$wwwroot/login/index.php");
+        }
         die;
     }
 
diff --git a/lib/weblib.php b/lib/weblib.php
index 900c4ba11e..54f71e265c 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -953,10 +953,15 @@ function print_header ($title="", $heading="", $navigation="", $focus="", $meta=
     }
 
     if (!$menu and $navigation) {
+        if (empty($CFG->loginhttps)) {
+            $wwwroot = $CFG->wwwroot;
+        } else {
+            $wwwroot = str_replace('http','https',$CFG->wwwroot);
+        }
         if (isset($USER->id)) {
-            $menu = "<font size=\"2\"><a target=\"$CFG->framename\" href=\"$CFG->wwwroot/login/logout.php\">".get_string("logout")."</a></font>";
+            $menu = "<font size=\"2\"><a target=\"$CFG->framename\" href=\"$wwwroot/login/logout.php\">".get_string("logout")."</a></font>";
         } else {
-            $menu = "<font size=\"2\"><a target=\"$CFG->framename\" href=\"$CFG->wwwroot/login/index.php\">".get_string("login")."</a></font>";
+            $menu = "<font size=\"2\"><a target=\"$CFG->framename\" href=\"$wwwroot/login/index.php\">".get_string("login")."</a></font>";
         }
     }
 
@@ -1076,18 +1081,23 @@ function user_login_string($course, $user=NULL) {
     }
 
     if (isset($user->id) and $user->id) {
+        if (empty($CFG->loginhttps)) {
+            $wwwroot = $CFG->wwwroot;
+        } else {
+            $wwwroot = str_replace('http','https',$CFG->wwwroot);
+        }
         $fullname = fullname($user, true);
         $username = "<a target=\"{$CFG->framename}\" href=\"$CFG->wwwroot/user/view.php?id=$user->id&amp;course=$course->id\">$fullname</a>";
         if (isguest($user->id)) {
             $loggedinas = $realuserinfo.get_string("loggedinas", "moodle", "$username").
-                      " (<a target=\"{$CFG->framename}\" href=\"$CFG->wwwroot/login/index.php\">".get_string("login")."</a>)";
+                      " (<a target=\"{$CFG->framename}\" href=\"$wwwroot/login/index.php\">".get_string("login")."</a>)";
         } else {
             $loggedinas = $realuserinfo.get_string("loggedinas", "moodle", "$username").
                       " (<a target=\"{$CFG->framename}\" href=\"$CFG->wwwroot/login/logout.php\">".get_string("logout")."</a>)";
         }
     } else {
         $loggedinas = get_string("loggedinnot", "moodle").
-                      " (<a target=\"{$CFG->framename}\" href=\"$CFG->wwwroot/login/index.php\">".get_string("login")."</a>)";
+                      " (<a target=\"{$CFG->framename}\" href=\"$wwwroot/login/index.php\">".get_string("login")."</a>)";
     }
     return $loggedinas;
 }
diff --git a/login/index.php b/login/index.php
index 91150dd08f..b70e72e31b 100644
--- a/login/index.php
+++ b/login/index.php
@@ -125,7 +125,12 @@
     } else {
         $currlang = current_language();
         $langs    = get_list_of_languages();
-        $langmenu = popup_form ("$CFG->wwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
+        if (empty($CFG->loginhttps)) {
+            $wwwroot = $CFG->wwwroot;
+        } else {
+            $wwwroot = str_replace('http','https',$CFG->wwwroot);
+        }
+        $langmenu = popup_form ("$wwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
     }
 
     $loginsite = get_string("loginsite");
-- 
2.39.5