diff --git a/admin/index.php b/admin/index.php
index 6d97e525a2deb..0db307f38eb7b 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -574,6 +574,13 @@
print_box(get_string('datarootsecuritywarning', 'admin', $CFG->dataroot), 'generalbox adminwarning');
}
+ if (substr($CFG->wwwroot, -1) == '/') {
+ print_box(get_string('cfgwwwrootslashwarning', 'admin'), 'generalbox adminwarning');
+ }
+ if (strpos($ME, $CFG->httpswwwroot.'/') === false) {
+ print_box(get_string('cfgwwwrootwarning', 'admin'), 'generalbox adminwarning');
+ }
+
/// If no recently cron run
$lastcron = get_field_sql('SELECT max(lastcron) FROM ' . $CFG->prefix . 'modules');
if (time() - $lastcron > 3600 * 24) {
diff --git a/lang/en_utf8/admin.php b/lang/en_utf8/admin.php
index 7b95eb5cab0d0..cdbddf4a88636 100644
--- a/lang/en_utf8/admin.php
+++ b/lang/en_utf8/admin.php
@@ -36,6 +36,8 @@
$string['cachetype'] = 'Cache Type';
$string['calendar_weekend'] = 'Weekend Days';
$string['calendarsettings'] = 'Calendar';
+$string['cfgwwwrootwarning'] = 'You have defined $CFG->wwwroot incorrectly in your config.php file. It does not match the URL you are using to access this page. Please correct it, or you will experience strange bugs like MDL-11061.';
+$string['cfgwwwrootslashwarning'] = 'You have defined $CFG->wwwroot incorrectly in your config.php file. You have included a \'/\' character at the end. Please remove it, or you will experience strange bugs like MDL-11061.';
$string['change'] = 'change';
$string['changesitelang'] = 'Change site language';
$string['choosefiletoedit'] = 'Choose file to edit';
diff --git a/lib/weblib.php b/lib/weblib.php
index 209916bcc478c..72b20cef1931f 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -271,6 +271,9 @@ function qualified_me() {
}
}
+ // TODO, this does not work in the situation described in MDL-11061, but
+ // I don't know how to fix it. Possibly believe $CFG->wwwroot ahead of what
+ // the server reports.
if (isset($_SERVER['HTTPS'])) {
$protocol = ($_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';
} else if (isset($_SERVER['SERVER_PORT'])) { # Apache2 does not export $_SERVER['HTTPS']