From f5d61d845f8cfce4c7b559a900df846947e45b00 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 21 Oct 2009 08:47:40 +0000
Subject: Revert r3038 and allow to specify the port as value of force_https

---
 config/main.inc.php.dist            |  5 +++++
 index.php                           |  9 +++++++++
 plugins/force_https/force_https.php | 38 -------------------------------------
 3 files changed, 14 insertions(+), 38 deletions(-)
 delete mode 100644 plugins/force_https/force_https.php

diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index 7fbf97132..efa45957c 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -49,6 +49,11 @@ $rcmail_config['enable_caching'] = FALSE;
 // possible units: s, m, h, d, w
 $rcmail_config['message_cache_lifetime'] = '10d';
 
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = FALSE;
+
 // automatically create a new RoundCube user when log-in the first time.
 // a new user will be created once the IMAP login succeeds.
 // set to false if only registered users can use this service
diff --git a/index.php b/index.php
index 4ae71e1cf..e0956b4ff 100644
--- a/index.php
+++ b/index.php
@@ -63,6 +63,15 @@ if ($RCMAIL->action=='error' && !empty($_GET['_code'])) {
   raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
 }
 
+// check if https is required (for login) and redirect if necessary
+if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) {
+  $https_port = is_bool($force_https) ? 443 : $force_https;
+  if (!(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == $use_https || $RCMAIL->config->get('use_https'))) {
+    header('Location: https://' . $_SERVER['HTTP_HOST'] . ($https_port != 443 ? ':' . $https_port : '') . $_SERVER['REQUEST_URI']);
+    exit;
+  }
+}
+
 // trigger startup plugin hook
 $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
 $RCMAIL->set_task($startup['task']);
diff --git a/plugins/force_https/force_https.php b/plugins/force_https/force_https.php
deleted file mode 100644
index 67552570e..000000000
--- a/plugins/force_https/force_https.php
+++ /dev/null
@@ -1,38 +0,0 @@
-<?php
-
-/**
- * Enforce secure HTTPs connection for login
- *
- * Configuration:
- * // Port for https connection
- * $rcmail_config['force_https_port'] = 443;
- *
- * @version 1.0
- * @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl>
- */
-class force_https extends rcube_plugin
-{
-  function init()
-  {
-    $this->add_hook('startup', array($this, 'redirect'));
-  }
-
-  function redirect($args)
-  {
-    $config = rcmail::get_instance()->config;
-    
-    $port = (int) $config->get('force_https_port', 443);
-
-    // check if https is required (for login) and redirect if necessary
-    if (empty($_SESSION['user_id']) && !$config->get('use_https')
-	&& (!isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] != $port))
-    {
-      header('Location: https://' . $_SERVER['HTTP_HOST'] . ($port != 443 ? ":$port" : '') . $_SERVER['REQUEST_URI']);
-      exit;
-    }
-	
-    return $args;
-  }
-}
-
-?>
-- 
cgit v1.2.3