[pmwiki-users] SwitchToSSLMode

Maria McKinley mariak at mariakathryn.net
Tue Feb 26 18:45:14 CST 2013 

Yay, solved! So for others reference, here is what I did. I combined the
last suggestion by jtankers from the http://www.pmwiki
.org/wiki/Cookbook/SwitchToSSLMode web page and the hint from Patrick to
get this (had to include all new path variables because of the way my site
is set up, but this may not always be necessary):

include_once("scripts/authuser.php");

##  Set URL to http or https,
##  Open Source 2007/09/13pm jtankers/PmWiki 2.2.0-beta63
function ChangeUrlScheme($urlscheme) {
  $url = array();
  $query = '';
  reset($_GET);
  while(list($name,$value) = each($_GET)) {
    if (!empty($value)) {
      $url[$name] = $name."=".urlencode($value);
      $query = '?';
    }
  }
  header("Location: ".$urlscheme."://".$_SERVER['HTTP_HOST']
         .$_SERVER['PHP_SELF'].$query.implode("&",$url));
  exit;
}

# check to see if logged in or attempting to login, if so switch to ssl
if (@$AuthId
    || substr_count($pagename, 'SiteAdmin')
    || substr_count($action, 'login')
    ) {
  $ScriptUrl = 'https://www.example.com/pmwiki/pmwiki.php';
  $PubDirUrl = 'https://www.example.com/pmwiki/pub';
  $UploadUrlFmt = "https:/www.example.com/uploads";
  $UploadDir = "pmwiki/uploads";
  if (@$_SERVER['SERVER_PORT'] != '443') ChangeUrlScheme('https');
    # ... other switch-to-ssl stuff here
 } else {
  if (@$_SERVER['SERVER_PORT'] == '443') ChangeUrlScheme('http');
 }

Thanks! I like the idea of everything being ssl as long as one is logged
in. Seems cleaner than going back and forth depending on whether you are
actually editing or not.

cheers,
maria

On Tue, Feb 26, 2013 at 6:58 AM, Patrick R. Michaud <pmichaud at pobox.com>wrote:

> Depending on what sort of authentication system you're using, it'd
> be something like:
>
>     include_once("scripts/authuser.php");
>     if (@$AuthId) {
>         $ScriptUrl = 'https://www.example.com/pmwiki/pmwiki.php';
>         $PubDirUrl = 'https://www.example.com/pmwiki/pub';
>         # ... other switch-to-ssl stuff here
>     }
>
> Essentially, load the authentication system and let it do its
> thing, then check $AuthId to determine if the visitor has
> logged in yet.  If they have, then switch everything over to SSL.
>
> Pm
>
>
> On Sun, Feb 24, 2013 at 10:39:41PM -0800, Maria McKinley wrote:
> > Does anyone know if there is a way to detect from config.php if a user is
> > logged in or not? Most of the recipes in SwitchToSSLMode assume you just
> want
> > the login itself to use ssl, or at most just certain actions to use ssl.
> But it
> > seems that the way my wiki is set up, switching back and forth between
> ssl and
> > not causes the site to forget that someone is logged in. So, I'd like ssl
> > always on if you are logged in; so the logic in config.php would be that
> if the
> > action is login or if the user is already logged in, then pages are sent
> via
> > ssl, otherwise http.
> >
> > thanks,
> > maria
>
> > _______________________________________________
> > pmwiki-users mailing list
> > pmwiki-users at pmichaud.com
> > http://www.pmichaud.com/mailman/listinfo/pmwiki-users
>
> --
> Maria Mckinley
> Programmer and System Administrator
> <http://www.pmichaud.com/mailman/listinfo/pmwiki-users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pmichaud.com/pipermail/pmwiki-users/attachments/20130226/14a6bfda/attachment.html>

More information about the pmwiki-users mailing list