
Changeset 3634


Changeset 3634

Timestamp:
03/20/07 08:54:43 (2 years ago)
Author:
lsmith
Message:

- refactored the code to be more efficient and more flexible:

  • filter is only executed once
  • filter can be disabled on a per environment basis using app_disable_sslfilter config setting (may be either a scalar with the name of the environment or an array of environment names)
  • logic is now much simpler (see plugin documentation for details)

Note: please do not hit me up the head for my formatting in the multi line if statement :)

Feedback appreciated :)

Files:

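--- a/plugins/sfSslRequirementPlugin/lib/filter/sfSslRequirementFilter.class.php
+++ b/plugins/sfSslRequirementPlugin/lib/filter/sfSslRequirementFilter.class.php
@@ -20,29 +20,42 @@
   public function execute ($filterChain)
   {
-    // get the cool stuff
-    $context    = $this->getContext();
-    $controller = $context->getController();
-    $request    = $context->getRequest();
+    $disable_sslfilter = sfConfig::get('app_disable_sslfilter');
+    // execute only once and only if we are not in using a disabled environment
+    if ($this->isFirstCall()
+      && (empty($disable_sslfilter)
+        || (is_scalar($disable_sslfilter) && SF_ENVIRONMENT != $disable_sslfilter)
+        || (is_array($disable_sslfilter) && !in_array(SF_ENVIRONMENT, $disable_sslfilter))
+      )
+    ) {
+      // get the cool stuff
+      $context    = $this->getContext();
+      $request    = $context->getRequest();
 
-    // get the current action instance
-    $actionEntry    = $controller->getActionStack()->getLastEntry();
-    $actionInstance = $actionEntry->getActionInstance();
+      // only redirect if not posting
+      if ($request->getMethod() != sfRequest::POST) {
+        $controller = $context->getController();
 
-    if ($actionInstance->sslAllowed())
-    {
-      $filterChain->execute();
+        // get the current action instance
+        $actionEntry    = $controller->getActionStack()->getLastEntry();
+        $actionInstance = $actionEntry->getActionInstance();
+
+        // request is SSL secured
+        if ($request->isSecure())
+        {
+          // but SSL is not allowed
+          if (!$actionInstance->sslAllowed())
+          {
+            $controller->redirect(str_replace('https', 'http', $request->getUri()));
+          }
+        }
+        // request is not SSL secured, but SSL is required
+        elseif ($actionInstance->sslRequired())
+        {
+          $controller->redirect(str_replace('http', 'https', $request->getUri()));
+        }
+      }
     }
-    else if ($actionInstance->sslRequired() && !$request->isSecure() && $request->getMethod() != sfRequest::POST)
-    {
-      $controller->redirect(str_replace('http', 'https', $request->getUri()));
-    }
-    else if (!$actionInstance->sslRequired() && $request->isSecure() && $request->getMethod() != sfRequest::POST)
-    {
-      $controller->redirect(str_replace('https', 'http', $request->getUri()));
-    }
-    else
-    {
-      $filterChain->execute();
-    }
+
+    $filterChain->execute();
   }
 }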
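Review bot: `$filterChain->execute()` on new line 59 now runs unconditionally, so after either `$controller->redirect(...)` call (new lines 48 and 54) the rest of the chain, and with it the action, still executes for the original request unless `redirect()` itself ends the request, which is not visible here. In the removed code the redirect branches and the chain call were mutually exclusive, so an `sslRequired()` action was not run for a plain-http GET; with this change it may be. Add `return;` directly after each `$controller->redirect(...)` so a redirected request never reaches the action. The POST exemption is carried over from the old code and deserves a comment above `if ($request->getMethod() != sfRequest::POST)`, for example `// POST is never redirected: an sslRequired() action still executes when posted to over plain http`.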