Exemple #1
0
/**
 * Initialises $FULLME and friends. Private function. Should only be called from
 * setup.php.
 */
function initialise_fullme()
{
    global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
    // Detect common config error.
    if (substr($CFG->wwwroot, -1) == '/') {
        print_error('wwwrootslash', 'error');
    }
    if (CLI_SCRIPT) {
        initialise_fullme_cli();
        return;
    }
    $rurl = setup_get_remote_url();
    $wwwroot = parse_url($CFG->wwwroot . '/');
    if (empty($rurl['host'])) {
        // missing host in request header, probably not a real browser, let's ignore them
    } else {
        if (!empty($CFG->reverseproxy)) {
            // $CFG->reverseproxy specifies if reverse proxy server used
            // Used in load balancing scenarios.
            // Do not abuse this to try to solve lan/wan access problems!!!!!
        } else {
            if ($rurl['host'] !== $wwwroot['host'] or !empty($wwwroot['port']) and $rurl['port'] != $wwwroot['port']) {
                // Explain the problem and redirect them to the right URL
                if (!defined('NO_MOODLE_COOKIES')) {
                    define('NO_MOODLE_COOKIES', true);
                }
                // The login/token.php script should call the correct url/port.
                if (defined('REQUIRE_CORRECT_ACCESS') && REQUIRE_CORRECT_ACCESS) {
                    $wwwrootport = empty($wwwroot['port']) ? '' : $wwwroot['port'];
                    $calledurl = $rurl['host'];
                    if (!empty($rurl['port'])) {
                        $calledurl .= ':' . $rurl['port'];
                    }
                    $correcturl = $wwwroot['host'];
                    if (!empty($wwwrootport)) {
                        $correcturl .= ':' . $wwwrootport;
                    }
                    throw new moodle_exception('requirecorrectaccess', 'error', '', null, 'You called ' . $calledurl . ', you should have called ' . $correcturl);
                }
                redirect($CFG->wwwroot, get_string('wwwrootmismatch', 'error', $CFG->wwwroot), 3);
            }
        }
    }
    // Check that URL is under $CFG->wwwroot.
    if (strpos($rurl['path'], $wwwroot['path']) === 0) {
        $SCRIPT = substr($rurl['path'], strlen($wwwroot['path']) - 1);
    } else {
        // Probably some weird external script
        $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null;
        return;
    }
    // $CFG->sslproxy specifies if external SSL appliance is used
    // (That is, the Moodle server uses http, with an external box translating everything to https).
    if (empty($CFG->sslproxy)) {
        if ($rurl['scheme'] === 'http' and $wwwroot['scheme'] === 'https') {
            print_error('sslonlyaccess', 'error');
        }
    } else {
        if ($wwwroot['scheme'] !== 'https') {
            throw new coding_exception('Must use https address in wwwroot when ssl proxy enabled!');
        }
        $rurl['scheme'] = 'https';
        // make moodle believe it runs on https, squid or something else it doing it
    }
    // hopefully this will stop all those "clever" admins trying to set up moodle
    // with two different addresses in intranet and Internet
    if (!empty($CFG->reverseproxy) && $rurl['host'] === $wwwroot['host']) {
        print_error('reverseproxyabused', 'error');
    }
    $hostandport = $rurl['scheme'] . '://' . $wwwroot['host'];
    if (!empty($wwwroot['port'])) {
        $hostandport .= ':' . $wwwroot['port'];
    }
    $FULLSCRIPT = $hostandport . $rurl['path'];
    $FULLME = $hostandport . $rurl['fullpath'];
    $ME = $rurl['fullpath'];
}
/**
 * Initialises $FULLME and friends. Private function. Should only be called from
 * setup.php.
 */
function initialise_fullme()
{
    global $CFG, $FULLME, $ME, $SCRIPT, $FULLSCRIPT;
    // Detect common config error.
    if (substr($CFG->wwwroot, -1) == '/') {
        print_error('wwwrootslash', 'error');
    }
    if (CLI_SCRIPT) {
        initialise_fullme_cli();
        return;
    }
    $wwwroot = parse_url($CFG->wwwroot);
    if (!isset($wwwroot['path'])) {
        $wwwroot['path'] = '';
    }
    $wwwroot['path'] .= '/';
    $rurl = setup_get_remote_url();
    // Check that URL is under $CFG->wwwroot.
    if (strpos($rurl['path'], $wwwroot['path']) === 0) {
        $SCRIPT = substr($rurl['path'], strlen($wwwroot['path']) - 1);
    } else {
        // Probably some weird external script
        $SCRIPT = $FULLSCRIPT = $FULLME = $ME = null;
        return;
    }
    // $CFG->sslproxy specifies if external SSL appliance is used
    // (That is, the Moodle server uses http, with an external box translating everything to https).
    if (empty($CFG->sslproxy)) {
        if ($rurl['scheme'] == 'http' and $wwwroot['scheme'] == 'https') {
            print_error('sslonlyaccess', 'error');
        }
    }
    // $CFG->reverseproxy specifies if reverse proxy server used.
    // Used in load balancing scenarios.
    // Do not abuse this to try to solve lan/wan access problems!!!!!
    if (empty($CFG->reverseproxy)) {
        if ($rurl['host'] != $wwwroot['host'] or !empty($wwwroot['port']) and $rurl['port'] != $wwwroot['port']) {
            print_error('wwwrootmismatch', 'error', '', $CFG->wwwroot);
        }
    }
    // hopefully this will stop all those "clever" admins trying to set up moodle
    // with two different addresses in intranet and Internet
    if (!empty($CFG->reverseproxy) && $rurl['host'] == $wwwroot['host']) {
        print_error('reverseproxyabused', 'error');
    }
    $hostandport = $rurl['scheme'] . '://' . $wwwroot['host'];
    if (!empty($wwwroot['port'])) {
        $hostandport .= ':' . $wwwroot['port'];
    }
    $FULLSCRIPT = $hostandport . $rurl['path'];
    $FULLME = $hostandport . $rurl['fullpath'];
    $ME = $rurl['fullpath'];
    $rurl['path'] = $rurl['fullpath'];
}