* @return array
*/
protected function buildPersonalUrls() {
+ global $wgSecureLogin;
+
$title = $this->getTitle();
$request = $this->getRequest();
$pageurl = $title->getLocalURL();
$a['returntoquery'] = $query;
}
}
+
+ if ( $wgSecureLogin && $request->detectProtocol() == 'https' ) {
+ $a['wpStickHTTPS'] = true;
+ }
+
$returnto = wfArrayToCGI( $a );
if( $this->loggedin ) {
$personal_urls['userpage'] = array(
*
* @param $request WebRequest object to use; $wgRequest will be used if null
* is passed.
+ * @param $secure Whether to force secure/insecure cookies or use default
*/
- public function setCookies( $request = null ) {
+ public function setCookies( $request = null, $secure = null ) {
if ( $request === null ) {
$request = $this->getRequest();
}
if ( $value === false ) {
$this->clearCookie( $name );
} else {
- $this->setCookie( $name, $value );
+ $this->setCookie( $name, $value, 0, $secure );
}
}
$this->load();
$this->setHeaders();
+ global $wgSecureLogin;
+ if (
+ $this->mType != 'signup' &&
+ $wgSecureLogin &&
+ WebRequest::detectProtocol() !== 'https'
+ ) {
+ $title = $this->getFullTitle();
+ $query = array(
+ 'returnto' => $this->mReturnTo,
+ 'returntoquery' => $this->mReturnToQuery,
+ 'wpStickHTTPS' => $this->mStickHTTPS
+ );
+ $url = $title->getFullURL( $query, false, PROTO_HTTPS );
+ $this->getOutput()->redirect( $url );
+ return;
+ }
+
if ( $par == 'signup' ) { # Check for [[Special:Userlogin/signup]]
$this->mType = 'signup';
}
switch ( $this->authenticateUserData() ) {
case self::SUCCESS:
+ global $wgSecureLogin;
# We've verified now, update the real record
$user = $this->getUser();
if( (bool)$this->mRemember != (bool)$user->getOption( 'rememberpassword' ) ) {
} else {
$user->invalidateCache();
}
- $user->setCookies();
+ $user->setCookies( null, $wgSecureLogin && !$this->mStickHTTPS ? false : null );
self::clearLoginToken();
// Reset the throttle
$returnToTitle = Title::newMainPage();
}
+ if( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $options = array( 'http' );
+ $proto = PROTO_HTTP;
+ } else {
+ $options = array( 'https' );
+ $proto = PROTO_HTTPS;
+ }
+
if ( $type == 'successredirect' ) {
- $redirectUrl = $returnToTitle->getFullURL( $returnToQuery );
- if( $wgSecureLogin && !$this->mStickHTTPS ) {
- $redirectUrl = preg_replace( '/^https:/', 'http:', $redirectUrl );
- }
+ $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto );
$this->getOutput()->redirect( $redirectUrl );
} else {
- $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery );
+ $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, $options );
}
}