Skip to content

Commit 66453fd

Browse files
committed
Correct the webinterface HTTPS warning
The current HTTPS detection does not work with a load balancer between the rank system and the client. Therefore the detection is moved to the client side (javascript).
1 parent 8f1eb92 commit 66453fd

3 files changed

Lines changed: 30 additions & 19 deletions

File tree

other/_functions.php

Lines changed: 21 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -55,33 +55,39 @@ function enter_logfile($cfg,$loglevel,$logtext,$norotate = false) {
5555
}
5656
}
5757

58-
function error_handling($msg,$type = NULL) {
58+
function error_handling_str_builder($msg,$type = NULL) {
59+
$string = '';
5960
if(strstr($type, '#') && strstr($msg, '#####')) {
6061
$type_arr = explode('#', $type);
6162
$msg_arr = explode('#####', $msg);
6263
$cnt = 0;
63-
64+
6465
foreach($msg_arr as $msg) {
6566
switch ($type_arr[$cnt]) {
66-
case NULL: echo '<div class="alert alert-success alert-dismissible">'; break;
67-
case 0: echo '<div class="alert alert-success alert-dismissible">'; break;
68-
case 1: echo '<div class="alert alert-info alert-dismissible">'; break;
69-
case 2: echo '<div class="alert alert-warning alert-dismissible">'; break;
70-
case 3: echo '<div class="alert alert-danger alert-dismissible">'; break;
67+
case NULL: $string .= '<div class="alert alert-success alert-dismissible">'; break;
68+
case 0: $string .= '<div class="alert alert-success alert-dismissible">'; break;
69+
case 1: $string .= '<div class="alert alert-info alert-dismissible">'; break;
70+
case 2: $string .= '<div class="alert alert-warning alert-dismissible">'; break;
71+
case 3: $string .= '<div class="alert alert-danger alert-dismissible">'; break;
7172
}
72-
echo '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',$msg_arr[$cnt],'</div>';
73+
$string .= '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>' . $msg_arr[$cnt] . '</div>';
7374
$cnt++;
7475
}
7576
} else {
7677
switch ($type) {
77-
case NULL: echo '<div class="alert alert-success alert-dismissible">'; break;
78-
case 0: echo '<div class="alert alert-success alert-dismissible">'; break;
79-
case 1: echo '<div class="alert alert-info alert-dismissible">'; break;
80-
case 2: echo '<div class="alert alert-warning alert-dismissible">'; break;
81-
case 3: echo '<div class="alert alert-danger alert-dismissible">'; break;
78+
case NULL: $string .= '<div class="alert alert-success alert-dismissible">'; break;
79+
case 0: $string .= '<div class="alert alert-success alert-dismissible">'; break;
80+
case 1: $string .= '<div class="alert alert-info alert-dismissible">'; break;
81+
case 2: $string .= '<div class="alert alert-warning alert-dismissible">'; break;
82+
case 3: $string .= '<div class="alert alert-danger alert-dismissible">'; break;
8283
}
83-
echo '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',$msg,'</div>';
84+
$string .= '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>' . $msg . '</div>';
8485
}
86+
return $string;
87+
}
88+
89+
function error_handling($msg,$type = NULL) {
90+
echo error_handling_str_builder($msg,$type);
8591
}
8692

8793
function getclientip() {
@@ -480,4 +486,4 @@ function start_session($cfg) {
480486
session_start();
481487
return $prot;
482488
}
483-
?>
489+
?>

webinterface/_nav.php

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -272,8 +272,12 @@
272272
$err_msg = $lang['winav11']; $err_lvl = 2;
273273
}
274274

275-
if((!isset($_SERVER['HTTPS']) || isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != "on") && !isset($err_msg) && basename($_SERVER['SCRIPT_NAME']) == "index.php") {
275+
$js_test_https = '';
276+
if(!isset($err_msg) && basename($_SERVER['SCRIPT_NAME']) == "index.php") {
276277
$host = "<a href=\"https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."\">";
277-
$err_msg = sprintf($lang['winav10'], $host,'</a>!<br>', '<br>'); $err_lvl = 2;
278+
$msg = sprintf($lang['winav10'], $host,'</a>!<br>', '<br>');
279+
$js_test_https = '<script> if (location.protocol !== \'https:\') {';
280+
$js_test_https .= 'document.write(\'' . error_handling_str_builder($msg, 2) . '\')';
281+
$js_test_https .= '} </script>';
278282
}
279-
?>
283+
?>

webinterface/index.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,7 @@
102102
?>
103103
<div id="page-wrapper">
104104
<?PHP if(isset($err_msg)) error_handling($err_msg, $err_lvl); ?>
105+
<?PHP echo $js_test_https ?>
105106
<div class="container-fluid">
106107
<div id="login-overlay" class="modal-dialog">
107108
<div class="modal-content">
@@ -152,4 +153,4 @@
152153
</html>
153154
<?PHP
154155
} catch(Throwable $ex) { }
155-
?>
156+
?>

0 commit comments

Comments
 (0)