diff options
author | Craig Andrews <candrews@integralblue.com> | 2010-10-20 20:22:34 -0400 |
---|---|---|
committer | Craig Andrews <candrews@integralblue.com> | 2010-10-20 20:26:35 -0400 |
commit | 90c87553ee7566593529199374215ae80bb3e209 (patch) | |
tree | b53bc9c461a8be0ae26beac6e7805228760a2612 /actions | |
parent | 3593f3f1323bfce289bc9805629f7d126dac7ae6 (diff) |
Redirect to https when making an http request for a sensitive action
Diffstat (limited to 'actions')
-rw-r--r-- | actions/login.php | 22 | ||||
-rw-r--r-- | actions/register.php | 7 |
2 files changed, 0 insertions, 29 deletions
diff --git a/actions/login.php b/actions/login.php index 07c601a4d..103df7ee5 100644 --- a/actions/login.php +++ b/actions/login.php @@ -63,28 +63,6 @@ class LoginAction extends Action } /** - * Prepare page to run - * - * - * @param $args - * @return string title - */ - - function prepare($args) - { - parent::prepare($args); - - // @todo this check should really be in index.php for all sensitive actions - $ssl = common_config('site', 'ssl'); - if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { - common_redirect(common_local_url('login')); - // exit - } - - return true; - } - - /** * Handle input, produce output * * Switches on request method; either shows the form or handles its input. diff --git a/actions/register.php b/actions/register.php index 7307bc689..9b8161e08 100644 --- a/actions/register.php +++ b/actions/register.php @@ -74,13 +74,6 @@ class RegisterAction extends Action parent::prepare($args); $this->code = $this->trimmed('code'); - // @todo this check should really be in index.php for all sensitive actions - $ssl = common_config('site', 'ssl'); - if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { - common_redirect(common_local_url('register')); - // exit - } - if (empty($this->code)) { common_ensure_session(); if (array_key_exists('invitecode', $_SESSION)) { |