diff options
| -rw-r--r-- | app/class/controller.class.php | 20 | 
1 files changed, 20 insertions, 0 deletions
| diff --git a/app/class/controller.class.php b/app/class/controller.class.php index 4ea40d1..fabd7e7 100644 --- a/app/class/controller.class.php +++ b/app/class/controller.class.php @@ -12,6 +12,26 @@ abstract class Controller extends Framework       * Abstract function for concrete controller to handle the page request       */      abstract function handle($argv); + +    /* +     * Security check +     * Assert that the current connection to this server is secure. Redirects if not. +     */ +    function sec_require_https() +    { +        if (!isset($_SERVER['HTTPS'])) +            $this->redirectTo("https://" . $_SERVER['SERVER_NAME'] . $this->ap()); +    } + +    /* +     * Security check +     * Assert that the current connection to this server is NOT secure. Redirects if not. +     */ +    function sec_forbid_https() +    { +        if (isset($_SERVER['HTTPS'])) +            $this->redirectTo("http://" . $_SERVER['SERVER_NAME'] . $this->ap()); +    }  }  ?> | 
