diff options
Diffstat (limited to 'boot.php')
-rwxr-xr-x | boot.php | 41 |
1 files changed, 28 insertions, 13 deletions
@@ -9,8 +9,8 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1280' ); -define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); +define ( 'FRIENDICA_VERSION', '2.3.1281' ); +define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1131 ); define ( 'EOL', "<br />\r\n" ); @@ -379,11 +379,22 @@ class App { $scheme = $this->scheme; - if(x($this->config,'ssl_policy')) { - if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL)) - $scheme = 'https'; - if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params'))) + if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) { + if($this->config['system']['ssl_policy'] == SSL_POLICY_FULL) $scheme = 'https'; + +// We need to populate the $ssl flag across the entire program before turning this on. +// Basically, we'll have $ssl = true on any links which can only be seen by a logged in user +// (and also the login link). Anything seen by an outsider will have it turned off. +// At present, setting SSL_POLICY_SELFSIGN will only force remote contacts to update their +// contact links to this site with "http:" if they are currently using "https:" + +// if($this->config['system']['ssl_policy'] == SSL_POLICY_SELFSIGN) { +// if($ssl) +// $scheme = 'https'; +// else +// $scheme = 'http'; +// } } $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' ); @@ -685,6 +696,7 @@ function get_guid($size=16) { if(! function_exists('login')) { function login($register = false, $hiddens=false) { + $a = get_app(); $o = ""; $reg = false; if ($register) { @@ -704,23 +716,26 @@ function login($register = false, $hiddens=false) { } + $dest_url = $a->get_baseurl(true) . '/' . $a->query_string; $o .= replace_macros($tpl,array( - '$logout' => t('Logout'), - '$login' => t('Login'), + + '$dest_url' => $dest_url, + '$logout' => t('Logout'), + '$login' => t('Login'), '$lname' => array('username', t('Nickname or Email address: ') , '', ''), '$lpassword' => array('password', t('Password: '), '', ''), '$openid' => !$noid, - '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), + '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), - '$hiddens' => $hiddens, + '$hiddens' => $hiddens, - '$register' => $reg, + '$register' => $reg, - '$lostpass' => t('Forgot your password?'), - '$lostlink' => t('Password Reset'), + '$lostpass' => t('Forgot your password?'), + '$lostlink' => t('Password Reset'), )); call_hooks('login_hook',$o); |