Commit cd1eb7ce authored by John Okely's avatar John Okely Committed by Mark Nelson
Browse files

MDL-42834 admin: Upgrade script and warning for loginhttps sites

parent ebc11ab3
......@@ -875,6 +875,8 @@ if (empty($CFG->disabledevlibdirscheck) && (is_dir($CFG->dirroot.'/vendor') || i
} else {
$devlibdir = false;
}
// Check if the site is being foced onto ssl.
$overridetossl = !empty($CFG->overridetossl);
admin_externalpage_setup('adminnotifications');
......@@ -883,4 +885,4 @@ $output = $PAGE->get_renderer('core', 'admin');
echo $output->admin_notifications_page($maturity, $insecuredataroot, $errorsdisplayed, $cronoverdue, $dbproblems,
$maintenancemode, $availableupdates, $availableupdatesfetch, $buggyiconvnomb,
$registered, $cachewarnings, $eventshandlers, $themedesignermode, $devlibdir,
$mobileconfigured);
$mobileconfigured, $overridetossl);
......@@ -279,13 +279,15 @@ class core_admin_renderer extends plugin_renderer_base {
* @param bool $themedesignermode Warn about the theme designer mode.
* @param bool $devlibdir Warn about development libs directory presence.
* @param bool $mobileconfigured Whether the mobile web services have been enabled
* @param bool $overridetossl Whether or not ssl is being forced.
*
* @return string HTML to output.
*/
public function admin_notifications_page($maturity, $insecuredataroot, $errorsdisplayed,
$cronoverdue, $dbproblems, $maintenancemode, $availableupdates, $availableupdatesfetch,
$buggyiconvnomb, $registered, array $cachewarnings = array(), $eventshandlers = 0,
$themedesignermode = false, $devlibdir = false, $mobileconfigured = false) {
$themedesignermode = false, $devlibdir = false, $mobileconfigured = false,
$overridetossl = false) {
global $CFG;
$output = '';
......@@ -301,6 +303,7 @@ class core_admin_renderer extends plugin_renderer_base {
$output .= $this->cron_overdue_warning($cronoverdue);
$output .= $this->db_problems($dbproblems);
$output .= $this->maintenance_mode_warning($maintenancemode);
$output .= $this->overridetossl_warning($overridetossl);
$output .= $this->cache_warnings($cachewarnings);
$output .= $this->events_handlers($eventshandlers);
$output .= $this->registration_warning($registered);
......@@ -668,6 +671,20 @@ class core_admin_renderer extends plugin_renderer_base {
return $this->warning(get_string('sitemaintenancewarning2', 'admin', $url));
}
/**
* Render a warning that ssl is forced because the site was on loginhttps.
*
* @param bool $overridetossl Whether or not ssl is being forced.
* @return string
*/
protected function overridetossl_warning($overridetossl) {
if (!$overridetossl) {
return '';
}
$warning = get_string('overridetossl', 'core_admin');
return $this->warning($warning, 'warning');
}
/**
* Display a warning about installing development code if necesary.
* @param int $maturity
......
......@@ -813,6 +813,7 @@ $string['order2'] = 'Second';
$string['order3'] = 'Third';
$string['order4'] = 'Fourth';
$string['outgoingmailconfig'] = 'Outgoing mail configuration';
$string['overridetossl'] = 'HTTPS for logins has now been deprecated. This instance is now forced to SSL. To remedy this warning change your wwwroot in config.php to https://';
$string['passwordchangelogout'] = 'Log out after password change';
$string['passwordchangelogout_desc'] = 'If enabled, when a password is changed, all browser sessions are terminated, apart from the one in which the new password is specified. (This setting does not affect password changes via bulk user upload.)';
$string['passwordchangetokendeletion'] = 'Remove web service access tokens after password change';
......
......@@ -2781,5 +2781,17 @@ function xmldb_main_upgrade($oldversion) {
upgrade_main_savepoint(true, 2017101900.02);
}
if ($oldversion < 2017101900.03) {
// We will need to force them onto ssl if loginhttps is set.
if (!empty($CFG->loginhttps)) {
set_config('overridetossl', 1);
}
// Loginhttps should no longer be set.
unset_config('loginhttps');
// Main savepoint reached.
upgrade_main_savepoint(true, 2017101900.03);
}
return true;
}
......@@ -828,6 +828,13 @@ function initialise_fullme() {
initialise_fullme_cli();
return;
}
if (!empty($CFG->overridetossl)) {
if (strpos($CFG->wwwroot, 'http://') === 0) {
$CFG->wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
} else {
unset_config('overridetossl');
}
}
$rurl = setup_get_remote_url();
$wwwroot = parse_url($CFG->wwwroot.'/');
......
......@@ -29,7 +29,7 @@
defined('MOODLE_INTERNAL') || die();
$version = 2017101900.02; // YYYYMMDD = weekly release date of this DEV branch.
$version = 2017101900.03; // YYYYMMDD = weekly release date of this DEV branch.
// RR = release increments - 00 in DEV branches.
// .XX = incremental changes.
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment