chamilo.org

[CTS]

Hi All,
Can i start by saying what a great product Chamilo is, easy to use and for a novice LMS user that means a lot. (Moodle take note!) I have though, been asken to create a secure login page for users and I'm told this is a legal requirement under the Data Protection Act in the UK. I've bought an SSL certificate and everything is configured except how I point it to my LMS homepage. I can't find the PHP file, or the line of code where I would point it to the SSL. Has anyone out there done this already and if so, can you please help?

[ywarnier]

Hi CTS,

Welcome to our community.

I don't think that's been tried but:
- considering SSL is much cheaper (in terms of computer resources), wouldn't it be a good option to put the whole site in SSL?
- as far as I understand it, you could hack into index.php and, at the beginning, put a condition of this type:

Code: Select all

<?php
//beginning of script ...
//inclusion of global.inc.php
if (empty($_SERVER['HTTPS']) or ($_SERVER['HTTPS'] == 'off')) {
  header('location: '.str_replace('http','https',api_get_path('WEB_PATH')));
  exit;
}


This should do the trick (although I'm not sure how the cookie is kept over a transition from SSL to non-SSL, but I think it's alright).

Oh, maybe you would also have to change the URL of the form action, but as far as the code shows, it should get translated automatically if index.php is in SSL...

[ywarnier]

Obviously, if that works, please let us know so we can include a bit of code in our next version to make that easier for everybody.

[CTS]

This worked perfectly. Thanks again for your help, you got me out of a really tight spot. Cheers!

[ywarnier]

This worked perfectly. Thanks again for your help, you got me out of a really tight spot. Cheers!

Great. Thanks for reporting back to us. I'll add the redirect option in a bit for the next version of Chamilo.

[CTS]

Hi All,
Can i start by saying what a great product Chamilo is, easy to use and for a novice LMS user that means a lot. (Moodle take note!) I have though, been asken to create a secure login page for users and I'm told this is a legal requirement under the Data Protection Act in the UK. I've bought an SSL certificate and everything is configured except how I point it to my LMS homepage. I can't find the PHP file, or the line of code where I would point it to the SSL. Has anyone out there done this already and if so, can you please help?

[ywarnier]

Hi CTS,

Welcome to our community.

I don't think that's been tried but:
- considering SSL is much cheaper (in terms of computer resources), wouldn't it be a good option to put the whole site in SSL?
- as far as I understand it, you could hack into index.php and, at the beginning, put a condition of this type:

Code: Select all

<?php
//beginning of script ...
//inclusion of global.inc.php
if (empty($_SERVER['HTTPS']) or ($_SERVER['HTTPS'] == 'off')) {
  header('location: '.str_replace('http','https',api_get_path('WEB_PATH')));
  exit;
}


This should do the trick (although I'm not sure how the cookie is kept over a transition from SSL to non-SSL, but I think it's alright).

Oh, maybe you would also have to change the URL of the form action, but as far as the code shows, it should get translated automatically if index.php is in SSL...

[ywarnier]

Obviously, if that works, please let us know so we can include a bit of code in our next version to make that easier for everybody.

[CTS]

This worked perfectly. Thanks again for your help, you got me out of a really tight spot. Cheers!

[ywarnier]

This worked perfectly. Thanks again for your help, you got me out of a really tight spot. Cheers!

Great. Thanks for reporting back to us. I'll add the redirect option in a bit for the next version of Chamilo.