function securepages_form_alter in Secure Pages 7
Same name and namespace in other branches
- 5 securepages.module \securepages_form_alter()
- 6.2 securepages.module \securepages_form_alter()
- 6 securepages.module \securepages_form_alter()
Implements hook_form_alter().
File
- ./
securepages.module, line 76 - Allows certain pages to be viewable only via HTTPS.
Code
function securepages_form_alter(&$form, &$form_state, $form_id) {
global $is_https, $user, $language;
if (!variable_get('securepages_enable', 0)) {
return;
}
if (isset($form['#action']) && securepages_can_alter_url($form['#action'])) {
// Remove the base_path, and extract the path component.
$url = substr(rawurldecode($form['#action']), strlen(base_path()));
// Filter out any language prefixes as it will be automatically added to
// the URL again.
if (!empty($language->prefix) && preg_match('/^' . $language->prefix . '/', $url) > 0) {
$url = preg_replace('/^' . $language->prefix . '\\//', '', $url);
}
$url = drupal_parse_url($url);
$path = drupal_get_normal_path($url['path']);
$page_match = securepages_match($path);
$role_match = securepages_roles($user);
if ($role_match) {
if (!$is_https) {
$form['#https'] = TRUE;
}
return;
}
if (isset($form['#https'])) {
// if the #https is set don't reset it as module that set it knows better.
}
elseif ($page_match && !$is_https) {
$form['#https'] = TRUE;
}
elseif ($page_match === 0 && $is_https && variable_get('securepages_switch', FALSE)) {
$url['https'] = FALSE;
$url['absolute'] = TRUE;
$form['#action'] = url($url['path'], $url);
}
}
// Check to see if this form needs to be secured.
$secure_form = securepages_match_form($form_id, $form_state['build_info']['args']);
if (!$is_https && $secure_form) {
$form['#https'] = TRUE;
}
}