* [gentoo-commits] proj/bouncer:master commit in: php/, php/inc/, php/rss/, php/cfg/, php/admin/
@ 2018-12-10 5:09 Robin H. Johnson
0 siblings, 0 replies; only message in thread
From: Robin H. Johnson @ 2018-12-10 5:09 UTC (permalink / raw
To: gentoo-commits
commit: 2a8844ce2c1ebe0f206ea366120eea3734a9cbd3
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 10 05:08:59 2018 +0000
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Mon Dec 10 05:08:59 2018 +0000
URL: https://gitweb.gentoo.org/proj/bouncer.git/commit/?id=2a8844ce
Avoid HTTP downgrades
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
php/admin/index.php | 4 ++--
php/admin/locations.php | 4 ++--
php/admin/login.php | 2 +-
php/admin/logout.php | 2 +-
php/admin/os.php | 4 ++--
php/admin/products.php | 4 ++--
php/admin/regions.php | 4 ++--
php/admin/users.php | 4 ++--
php/cfg/admin_init.php | 2 +-
php/cfg/init.php | 2 ++
| 6 +++---
php/index.php | 2 +-
| 10 +++++-----
13 files changed, 26 insertions(+), 24 deletions(-)
diff --git a/php/admin/index.php b/php/admin/index.php
index 1e08189..e058900 100644
--- a/php/admin/index.php
+++ b/php/admin/index.php
@@ -11,7 +11,7 @@ require_once('../cfg/init.php');
if (!empty($_POST['add-submit'])) {
if (Mirror::insert_mirror($_POST['mirror_name'],$_POST['region_id'],$_POST['mirror_baseurl'],$_POST['mirror_rating'])) {
set_msg('Mirror added successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
exit;
} else {
set_error('Mirror could not be added because of an unknown error.');
@@ -26,7 +26,7 @@ if (!empty($_POST['submit'])) {
if (!empty($_POST['doit'])) {
if (Mirror::update_mirror($_POST['mirror_id'],$_POST['mirror_name'],$_POST['region_id'],$_POST['mirror_baseurl'],$_POST['mirror_rating'])) {
set_msg('Mirror updated successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
exit;
} else {
set_error('Mirror update failed.');
diff --git a/php/admin/locations.php b/php/admin/locations.php
index 029594e..4069452 100644
--- a/php/admin/locations.php
+++ b/php/admin/locations.php
@@ -11,7 +11,7 @@ require_once('../cfg/init.php');
if (!empty($_POST['add-submit'])&&!empty($_POST['location_path'])) {
if (Mirror::insert_location($_POST['product_id'],$_POST['os_id'],$_POST['location_path'])) {
set_msg('Location added successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/locations.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/locations.php');
exit;
} else {
set_error('Location could not be added because of an unknown error.');
@@ -26,7 +26,7 @@ if (!empty($_POST['submit'])) {
if (!empty($_POST['doit'])) {
if (Mirror::update_location($_POST['location_id'],$_POST['product_id'],$_POST['os_id'],$_POST['location_path'])) {
set_msg('Location updated successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/locations.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/locations.php');
exit;
} else {
set_error('Location update failed.');
diff --git a/php/admin/login.php b/php/admin/login.php
index 455c556..51c7ee4 100644
--- a/php/admin/login.php
+++ b/php/admin/login.php
@@ -11,7 +11,7 @@ require_once(LIB.'/auth.php');
if (!empty($_POST['submit'])) {
if ($auth = Auth::query($_POST['username'],$_POST['password'])) {
Auth::create_session($auth);
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
exit;
} else {
$msg = 'Authentication failed. Please check username and password and try again.';
diff --git a/php/admin/logout.php b/php/admin/logout.php
index f876efe..0219191 100644
--- a/php/admin/logout.php
+++ b/php/admin/logout.php
@@ -7,4 +7,4 @@
require_once('../cfg/init.php');
require_once(LIB.'/auth.php');
Auth::logout();
-header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/login.php');
+header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/login.php');
diff --git a/php/admin/os.php b/php/admin/os.php
index 8be6c0e..f554094 100644
--- a/php/admin/os.php
+++ b/php/admin/os.php
@@ -11,7 +11,7 @@ require_once('../cfg/init.php');
if (!empty($_POST['add-submit'])&&!empty($_POST['os_name'])) {
if (Mirror::insert_os($_POST['os_name'],$_POST['os_priority'])) {
set_msg('OS added successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/os.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/os.php');
exit;
} else {
set_error('OS could not be added because of an unknown error.');
@@ -26,7 +26,7 @@ if (!empty($_POST['submit'])) {
if (!empty($_POST['doit'])) {
if (Mirror::update_os($_POST['os_id'],$_POST['os_name'],$_POST['os_priority'])) {
set_msg('OS updated successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/os.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/os.php');
exit;
} else {
set_error('OS update failed.');
diff --git a/php/admin/products.php b/php/admin/products.php
index fbf5e87..d97efdc 100644
--- a/php/admin/products.php
+++ b/php/admin/products.php
@@ -11,7 +11,7 @@ require_once('../cfg/init.php');
if (!empty($_POST['add-submit'])&&!empty($_POST['product_name'])) {
if (Mirror::insert_product($_POST['product_name'],$_POST['product_priority'])) {
set_msg('Product added successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/products.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/products.php');
exit;
} else {
set_error('Product could not be added because of an unknown error.');
@@ -26,7 +26,7 @@ if (!empty($_POST['submit'])) {
if (!empty($_POST['doit'])) {
if (Mirror::update_product($_POST['product_id'],$_POST['product_name'],$_POST['product_priority'])) {
set_msg('Product updated successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/products.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/products.php');
exit;
} else {
set_error('Product update failed.');
diff --git a/php/admin/regions.php b/php/admin/regions.php
index 370f953..5028a03 100644
--- a/php/admin/regions.php
+++ b/php/admin/regions.php
@@ -11,7 +11,7 @@ require_once('../cfg/init.php');
if (!empty($_POST['add-submit'])&&!empty($_POST['region_name'])) {
if (Mirror::insert_region($_POST['region_name'],$_POST['region_priority'])) {
set_msg('Region added successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/regions.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/regions.php');
exit;
} else {
set_error('Region could not be added because of an unknown error.');
@@ -26,7 +26,7 @@ if (!empty($_POST['submit'])) {
if (!empty($_POST['doit'])) {
if (Mirror::update_region($_POST['region_id'],$_POST['region_name'],$_POST['region_priority'])) {
set_msg('Region updated successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/regions.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/regions.php');
exit;
} else {
set_error('Region update failed.');
diff --git a/php/admin/users.php b/php/admin/users.php
index c200a70..b3a0d20 100644
--- a/php/admin/users.php
+++ b/php/admin/users.php
@@ -11,7 +11,7 @@ require_once('../cfg/init.php');
if (!empty($_POST['add-submit'])&&!empty($_POST['username'])&&!empty($_POST['password'])&&!empty($_POST['rpassword'])) {
if (Mirror::insert_user($_POST['username'],$_POST['password'],$_POST['rpassword'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_email'])) {
set_msg('User added successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/users.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/users.php');
exit;
} else {
set_error('User could not be added because of an unknown error.');
@@ -26,7 +26,7 @@ if (!empty($_POST['submit'])) {
if (!empty($_POST['doit'])) {
if (Mirror::update_user($_POST['user_id'],$_POST['username'],$_POST['password'],$_POST['rpassword'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_email'])) {
set_msg('User updated successfully.');
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/users.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/users.php');
exit;
} else {
set_error('User update failed.');
diff --git a/php/cfg/admin_init.php b/php/cfg/admin_init.php
index 68f3063..0819201 100644
--- a/php/cfg/admin_init.php
+++ b/php/cfg/admin_init.php
@@ -8,7 +8,7 @@ require_once(LIB.'/auth.php'); // auth functions
require_once(LIB.'/forms.php'); // form library
if (!Auth::is_valid_session()) {
- header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/login.php');
+ header('Location: '.$_SERVER['HTTP_PROTO'].'://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/login.php');
exit;
}
diff --git a/php/cfg/init.php b/php/cfg/init.php
index 80f545f..20c671e 100644
--- a/php/cfg/init.php
+++ b/php/cfg/init.php
@@ -5,6 +5,8 @@
* @subpackage cfg
*/
require_once('config.php'); // config file that defines constants
+// Make it easier for variables
+$_SERVER['HTTP_PROTO'] = $_SERVER['HTTPS'] === 'on' ? 'https' : 'http';
require_once(LIB.'/util.php'); // util file for random functions (no SQL here)
require_once(LIB.'/csv.php'); // util file for random functions (no SQL here)
$start = microtime_float(); // start timer
--git a/php/inc/header.php b/php/inc/header.php
index dbe97b2..3f5afdf 100644
--- a/php/inc/header.php
+++ b/php/inc/header.php
@@ -10,11 +10,11 @@ ob_start();
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
-<link rel="home" title="Home" href="http://www.gentoo.org/">
-<link rel="stylesheet" type="text/css" href="http://www.gentoo.org/css/main.css" media="all">
+<link rel="home" title="Home" href="https://www.gentoo.org/">
+<link rel="stylesheet" type="text/css" href="https://www.gentoo.org/css/main.css" media="all">
<link rel="stylesheet" type="text/css" href="<?php echo WEBPATH; ?>/css/screen.css" media="screen">
-<link rel="icon" href="http://www.gentoo.org/favicon.ico" type="image/png">
+<link rel="icon" href="https://www.gentoo.org/favicon.ico" type="image/png">
<title><?php echo $title; ?></title>
<meta name="robots" content="all">
<meta name="keywords" content="gentoo linux distribution source compile">
diff --git a/php/index.php b/php/index.php
index b925502..d1d4733 100644
--- a/php/index.php
+++ b/php/index.php
@@ -77,4 +77,4 @@ catch (Exception $ex) {
// if we get here, the request was invalid; redirect to Gentoo home
-header('Location: http://www.gentoo.org/');
+header('Location: https://www.gentoo.org/');
--git a/php/rss/download-counts.php b/php/rss/download-counts.php
index 94d96dc..68f4b93 100644
--- a/php/rss/download-counts.php
+++ b/php/rss/download-counts.php
@@ -26,16 +26,16 @@ echo ' xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"'."\n";
echo ' xmlns="http://purl.org/rss/1.0/">'."\n\n";
// channel details
-echo '<channel rdf:about="http://bouncer.gentoo.org/rss/download-counts.php">'."\n";
+echo '<channel rdf:about="https://bouncer.gentoo.org/rss/download-counts.php">'."\n";
echo ' <title>Gentoo Download Counts</title>'."\n";
-echo ' <link>http://www.gentoo.org/</link>'."\n";
+echo ' <link>https://www.gentoo.org/</link>'."\n";
echo ' <description>Gentoo product download counts pulled from Bouncer database.</description> '."\n";
// item listing
echo ' <items>'."\n";
echo ' <rdf:Seq>'."\n";
foreach ($data as $product) {
- echo ' <rdf:li rdf:resource="http://bouncer.gentoo.org/?product='.$product['product_name'].'&lastmod='.$now.'"/>'."\n";
+ echo ' <rdf:li rdf:resource="https://bouncer.gentoo.org/?product='.$product['product_name'].'&lastmod='.$now.'"/>'."\n";
}
echo ' </rdf:Seq>'."\n";
echo ' </items>'."\n";
@@ -43,10 +43,10 @@ echo '</channel>'."\n\n";
// item details
foreach ($data as $product) {
- echo '<item rdf:about="http://bouncer.gentoo.org/?product='.$product['product_name'].'&lastmod='.$now.'">'."\n";
+ echo '<item rdf:about="https://bouncer.gentoo.org/?product='.$product['product_name'].'&lastmod='.$now.'">'."\n";
echo ' <title>'.$product['product_name'].'</title>'."\n";
echo ' <description>'.$product['product_count'].'</description>'."\n";
- echo ' <link>http://bouncer.gentoo.org/?product='.$product['product_name'].'&lastmod='.$now.'</link>'."\n";
+ echo ' <link>https://bouncer.gentoo.org/?product='.$product['product_name'].'&lastmod='.$now.'</link>'."\n";
echo '</item>'."\n";
}
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2018-12-10 5:09 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-12-10 5:09 [gentoo-commits] proj/bouncer:master commit in: php/, php/inc/, php/rss/, php/cfg/, php/admin/ Robin H. Johnson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox