Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi,
I'm working on a module that needs to be able to dynamically set whether a page is secure or not. What do you think about adding a hook in function securepages_match that let's modules determine if the page should be secure? Something like this:
function securepages_match($path) {
/**
* Check to see if the current menu item has a preference and ignore the
* secure pages settings
*/
if (function_exists('menu_get_item')) {
$item = menu_get_item(menu_get_active_item());
if (isset($item['secure'])) {
return $item['secure'];
}
}
/**
* Let modules implement a hook to determine if the page should be secure.
*/
if (function_exists('module_invoke_all')) {
$return = module_invoke_all('securepage', $path);
if (in_array(TRUE, $return)) return 1;
}
/**
* Check to see if the page matches the current settings
*/
$secure = variable_get('securepages_secure', 1);
$pages = variable_get('securepages_pages', "node/add*\nnode/*/edit\nuser/*\nadmin*");
$ignore = variable_get('securepages_ignore', "*/autocomplete/*\n*/ajax/*");
if ($ignore) {
$regexp = '/^('. preg_replace(array('/(\r\n?|\n)/', '/\\\\\*/', '/(^|\|)\\\\<front\\\\>($|\|)/'), array('|', '.*', '\1'. preg_quote(variable_get('site_frontpage', 'node'), '/') .'\2'), preg_quote($ignore, '/')) .')$/';
if (preg_match($regexp, $path)) {
if ($_SERVER['HTTPS'] == 'on') {
return 1;
}
else {
return 0;
}
}
}
if ($pages) {
$regexp = '/^('. preg_replace(array('/(\r\n?|\n)/', '/\\\\\*/', '/(^|\|)\\\\<front\\\\>($|\|)/'), array('|', '.*', '\1'. preg_quote(variable_get('site_frontpage', 'node'), '/') .'\2'), preg_quote($pages, '/')) .')$/';
return !($secure xor preg_match($regexp, $path)) ? 1 : 0;
}
else {
return;
}
}
Comment | File | Size | Author |
---|---|---|---|
#6 | securepages-pagesalter-234207-5-7.patch | 457 bytes | peter.thorndycraft |
#3 | securepages_redirect_alter-234207-3.patch | 1.37 KB | klausi |
#2 | securepages_redirect_alter_hook.patch | 1 KB | mh86 |
Comments
Comment #1
grendzy CreditAttribution: grendzy commentedComment #2
mh86 CreditAttribution: mh86 commentedHere is another approach in order to allow modules to alter the securepages redirect logic.
I have a very special case, where one page just can not be served as https, but the rest is role based. At the moment the secure pages module would not allow such a thing. With the attached patch other modules have the possibility to influence the redirect mechanism.
Comment #3
klausiPatch does not apply anymore, rerolled.
Comment #4
Dubs CreditAttribution: Dubs commentedThis is still a valid request I think and would be very useful for module developers. Can this please be applied?
Comment #5
peter.thorndycraft CreditAttribution: peter.thorndycraft commentedCould you please explain the "Patch does not apply anymore, rerolled."??
I also require this functionality. Is there a way to programatically set a page to be secure?
Comment #6
peter.thorndycraft CreditAttribution: peter.thorndycraft commented