From 5818e44345204e2323781adb87edcfba45e246a8 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Tue, 27 Oct 2009 09:43:39 +0000
Subject: - Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243) + fix
 port check

---
 CHANGELOG                        |  1 +
 index.php                        |  2 +-
 program/include/main.inc         | 21 +++++++++++++++++++++
 program/include/rcube_shared.inc |  2 +-
 4 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 427955139..7d6e32e3c 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG RoundCube Webmail
 ===========================
 
+- Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243)
 - Avoid unnecessary page loads for selected tab (#1486032)
 - Fix quota indicator issues by content generation on client-size (#1486197, #1486220)
 - Don't display disabled sections in Settings (#1486099)
diff --git a/index.php b/index.php
index e0956b4ff..e9b3676e9 100644
--- a/index.php
+++ b/index.php
@@ -66,7 +66,7 @@ if ($RCMAIL->action=='error' && !empty($_GET['_code'])) {
 // check if https is required (for login) and redirect if necessary
 if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) {
   $https_port = is_bool($force_https) ? 443 : $force_https;
-  if (!(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == $use_https || $RCMAIL->config->get('use_https'))) {
+  if (!rcube_https_check($https_port)) {
     header('Location: https://' . $_SERVER['HTTP_HOST'] . ($https_port != 443 ? ':' . $https_port : '') . $_SERVER['REQUEST_URI']);
     exit;
   }
diff --git a/program/include/main.inc b/program/include/main.inc
index 06d7780d1..aa0d3fa26 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1400,6 +1400,27 @@ function rcube_html_editor($mode='')
 }
 
 
+/**
+ * Check if working in SSL mode
+ *
+ * @param integer HTTPS port number
+ * @param boolean Enables 'use_https' option checking
+ */
+function rcube_https_check($port=null, $use_https=true)
+{
+  global $RCMAIL;
+  
+  if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
+    return true;
+  if ($port && $_SERVER['SERVER_PORT'] == $port)
+    return true;
+  if ($use_https && $RCMAIL->config->get('use_https'))
+    return true;
+
+  return false;
+}
+
+
 /**
  * E-mail address validation
  */
diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc
index 97314ccd1..4119f1287 100644
--- a/program/include/rcube_shared.inc
+++ b/program/include/rcube_shared.inc
@@ -41,7 +41,7 @@ function send_nocacheing_headers()
   header("Pragma: no-cache");
   
   // We need to set the following headers to make downloads work using IE in HTTPS mode.
-  if (isset($_SERVER['HTTPS']) || rcmail::get_instance()->config->get('use_https')) {
+  if (rcube_https_check()) {
     header('Pragma: ');
     header('Cache-Control: ');
   }
-- 
cgit v1.2.3