$this->load();
$this->setHeaders();
+ global $wgSecureLogin;
+ if (
+ $this->mType !== 'signup' &&
+ $wgSecureLogin &&
+ WebRequest::detectProtocol() !== 'https'
+ ) {
+ $title = $this->getFullTitle();
+ $query = array(
+ 'returnto' => $this->mReturnTo,
+ 'returntoquery' => $this->mReturnToQuery,
+ 'wpStickHTTPS' => $this->mStickHTTPS
+ );
+ $url = $title->getFullURL( $query, false, PROTO_HTTPS );
+ $this->getOutput()->redirect( $url );
+ return;
+ }
+
if ( $par == 'signup' ) { # Check for [[Special:Userlogin/signup]]
$this->mType = 'signup';
}
switch ( $this->authenticateUserData() ) {
case self::SUCCESS:
+ global $wgSecureLogin;
# We've verified now, update the real record
$user = $this->getUser();
if( (bool)$this->mRemember != (bool)$user->getOption( 'rememberpassword' ) ) {
} else {
$user->invalidateCache();
}
- $user->setCookies();
+
+ if( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $user->setCookies( null, false );
+ } else {
+ $user->setCookies();
+ }
self::clearLoginToken();
// Reset the throttle
$returnToTitle = Title::newMainPage();
}
+ if ( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $options = array( 'http' );
+ $proto = PROTO_HTTP;
+ } else {
+ $options = array( 'https' );
+ $proto = PROTO_HTTPS;
+ }
+
if ( $type == 'successredirect' ) {
- $redirectUrl = $returnToTitle->getFullURL( $returnToQuery );
- if( $wgSecureLogin && !$this->mStickHTTPS ) {
- $redirectUrl = preg_replace( '/^https:/', 'http:', $redirectUrl );
- }
+ $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto );
$this->getOutput()->redirect( $redirectUrl );
} else {
- $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery );
+ $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, null, $options );
}
}