Change the login link so that it points directly to the HTTPs version of the login page if "$DISABLE_HTTP_LOGIN" is set and if HTTP is used.
Signed-off-by: Lukas Fleischer <[email protected]> --- web/lib/aur.inc.php | 2 ++ web/template/header.php | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index 93ae23b..018d5c8 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -298,6 +298,8 @@ function db_connect() { * @return void */ function html_header($title="") { + global $AUR_LOCATION; + global $DISABLE_HTTP_LOGIN; global $LANG; global $SUPPORTED_LANGS; diff --git a/web/template/header.php b/web/template/header.php index c78f1e3..265d638 100644 --- a/web/template/header.php +++ b/web/template/header.php @@ -63,7 +63,11 @@ <li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li> <?php else: ?> <li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li> + <?php if ($DISABLE_HTTP_LOGIN && empty($_SERVER['HTTPS'])): ?> + <li><a href="<?= $AUR_LOCATION . get_uri('/login/'); ?>"><?= __("Login"); ?></a></li> + <?php else: ?> <li><a href="<?= get_uri('/login/'); ?>"><?= __("Login"); ?></a></li> + <?php endif; ?> <?php endif; ?> </ul> </div><!-- #archdev-navbar --> -- 1.7.12.4
