Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

More security, loginhttps must be ON.

  • Loading branch information...
commit 76c0b226480e401aba50f4f1fcda6f6b33da9c61 1 parent 7b38062
authored July 18, 2005

Showing 1 changed file with 10 additions and 0 deletions. Show diff stats Hide diff stats

  1. 10  enrol/authorize/enrol.php
10  enrol/authorize/enrol.php
@@ -39,6 +39,10 @@ function print_entry($course) {
39 39
         exit;
40 40
     }
41 41
 
  42
+    if (!isset($_SERVER['HTTPS'])) {
  43
+        error(get_string("httpsrequired", "enrol_authorize"));
  44
+    }
  45
+
42 46
     $CCTYPES = array(
43 47
         'mcd' => 'Master Card',
44 48
         'vis' => 'Visa',
@@ -356,6 +360,9 @@ function config_form($frm) {
356 360
         if (empty($frm->an_tran_key) && empty($frm->an_password)) {
357 361
     	    notify("an_tran_key or an_password required");
358 362
         }
  363
+        if (empty($CFG->loginhttps)) {
  364
+    	    notify("\$CFG->loginhttps MUST BE ON");
  365
+        }
359 366
     }
360 367
     include($CFG->dirroot.'/enrol/authorize/config.html');
361 368
 }
@@ -365,6 +372,7 @@ function check_openssl_loaded() {
365 372
 }
366 373
 
367 374
 function process_config($config) {
  375
+    global $CFG;
368 376
 
369 377
     $return = $this->check_openssl_loaded();
370 378
 
@@ -390,6 +398,8 @@ function process_config($config) {
390 398
     if (empty($config->an_tran_key) && empty($config->an_password)) {
391 399
     	$return = false;   	
392 400
     }
  401
+    // $CFG->loginhttps must be on.
  402
+    $return = (!empty($CFG->loginhttps));
393 403
 
394 404
     if (empty($config->an_referer)) {
395 405
     	$config->an_referer = 'http://';

0 notes on commit 76c0b22

Please sign in to comment.
Something went wrong with that request. Please try again.