Permalink
Browse files

More security, loginhttps must be ON.

  • Loading branch information...
1 parent 7b38062 commit 76c0b226480e401aba50f4f1fcda6f6b33da9c61 ethem committed Jul 18, 2005
Showing with 10 additions and 0 deletions.
  1. +10 −0 enrol/authorize/enrol.php
View
10 enrol/authorize/enrol.php
@@ -39,6 +39,10 @@ function print_entry($course) {
exit;
}
+ if (!isset($_SERVER['HTTPS'])) {
+ error(get_string("httpsrequired", "enrol_authorize"));
+ }
+
$CCTYPES = array(
'mcd' => 'Master Card',
'vis' => 'Visa',
@@ -356,6 +360,9 @@ function config_form($frm) {
if (empty($frm->an_tran_key) && empty($frm->an_password)) {
notify("an_tran_key or an_password required");
}
+ if (empty($CFG->loginhttps)) {
+ notify("\$CFG->loginhttps MUST BE ON");
+ }
}
include($CFG->dirroot.'/enrol/authorize/config.html');
}
@@ -365,6 +372,7 @@ function check_openssl_loaded() {
}
function process_config($config) {
+ global $CFG;
$return = $this->check_openssl_loaded();
@@ -390,6 +398,8 @@ function process_config($config) {
if (empty($config->an_tran_key) && empty($config->an_password)) {
$return = false;
}
+ // $CFG->loginhttps must be on.
+ $return = (!empty($CFG->loginhttps));
if (empty($config->an_referer)) {
$config->an_referer = 'http://';

0 comments on commit 76c0b22

Please sign in to comment.