| public static isConnectionSecure ( ) : boolean | ||
| return | boolean | |
public static function isConnectionSecure()
{
global $browser, $conf, $registry;
if ($browser->usingSSLConnection()) {
return true;
}
if (!empty($conf['safe_ips'])) {
if (reset($conf['safe_ips']) == '*') {
return true;
}
/* $_SERVER['HTTP_X_FORWARDED_FOR'] is user data and not
* reliable. We don't consult it for safe IPs. We also have to
* assume that if it is present, the user is coming through a proxy
* server. If so, we don't count any non-SSL connection as safe, no
* matter the source IP. */
$remote = $registry->remoteHost();
if (!$remote->proxy) {
foreach ($conf['safe_ips'] as $safe_ip) {
$safe_ip = preg_replace('/(\\.0)*$/', '', $safe_ip);
if (strpos($remote->addr, $safe_ip) === 0) {
return true;
}
}
}
}
return false;
}/**
* Encryption tests.
*/
function showPassphrase($memo)
{
global $notification;
if (!$memo['body'] instanceof Mnemo_Exception) {
return false;
}
/* Check for secure connection. */
$secure_check = Horde::isConnectionSecure();
if ($memo['body']->getCode() == Mnemo::ERR_NO_PASSPHRASE) {
if ($secure_check) {
$notification->push(_("This note has been encrypted, please provide the password."), 'horde.message');
return true;
}
$notification->push(_("This note has been encrypted, and cannot be decrypted without a secure web connection"), 'horde.error');
$memo['body'] = '';
return false;
}
if ($memo['body']->getCode() == Mnemo::ERR_DECRYPT) {
if ($secure_check) {
$notification->push(_("This note cannot be decrypted:") . ' ' . $memo['body']->getMessage(), 'horde.message');
return true;
}
$notification->push(_("This note has been encrypted, and cannot be decrypted without a secure web connection"), 'horde.error');
$memo['body'] = '';
return false;
}
$notification->push($memo['body'], 'horde.error');
$memo['body'] = '';
return false;
}
