From a8f85252eeedf28aef5e9f11d9edaf7c778b3108 Mon Sep 17 00:00:00 2001
From: Steve Sutton <steve@gaslightmedia.com>
Date: Wed, 19 Dec 2018 09:24:52 -0500
Subject: [PATCH] Force SSL on entire website.

Force the url to https
---
 .htaccess                              | 10 +++++++++-
 Toolkit/CKImages/imageFetch.php        |  1 +
 Toolkit/FileServer/AdapterAbstract.php |  2 ++
 Toolkit/FileServer/ImageAdapter.php    |  2 ++
 Toolkit/Image/Server.php               |  3 +++
 config/server.ini                      | 10 +++++-----
 setup.phtml                            |  2 +-
 7 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/.htaccess b/.htaccess
index 894e4ea..a21e157 100644
--- a/.htaccess
+++ b/.htaccess
@@ -27,7 +27,15 @@ RewriteRule .* - [F]
 # Redirect non-www to www
 RewriteCond %{ENV:GLM_HOST_ID} PRODUCTION
 RewriteCond %{HTTP_HOST} !^www\.gaylordgolfmecca\. [NC]
-RewriteRule ^(.*)$ http://www.gaylordgolfmecca.com/$1 [R=301,L]
+RewriteRule ^(.*)$ https://www.gaylordgolfmecca.com/$1 [R=301,L]
+
+RewriteCond %{ENV:GLM_HOST_ID} PRODUCTION
+RewriteCond %{HTTPS} !=on
+RewriteRule ^/?(.*) https://www.gaylordgolfmecca.com/$1 [R,L]
+
+RewriteCond %{ENV:GLM_HOST_ID} DEVELOPMENT
+RewriteCond %{HTTPS} !=on
+RewriteRule ^/?(.*) https://dev53.gaslightmedia.com/www.gaylordgolfmecca.com/$1 [R,L]
 
 # CacheBusting
 RewriteCond %{REQUEST_URI} v/[0-9\.]+/
diff --git a/Toolkit/CKImages/imageFetch.php b/Toolkit/CKImages/imageFetch.php
index 0c41ae8..cd3d087 100644
--- a/Toolkit/CKImages/imageFetch.php
+++ b/Toolkit/CKImages/imageFetch.php
@@ -34,6 +34,7 @@ $ch = curl_init(CKIMAGE_ORIGINAL . $fileToFetch);
 curl_setopt($ch, CURLOPT_TIMEOUT, 50);
 curl_setopt($ch, CURLOPT_FILE, $fp);
 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
 curl_exec($ch);
 curl_close($ch);
 fclose($fp);
diff --git a/Toolkit/FileServer/AdapterAbstract.php b/Toolkit/FileServer/AdapterAbstract.php
index 36e214a..a82cedf 100644
--- a/Toolkit/FileServer/AdapterAbstract.php
+++ b/Toolkit/FileServer/AdapterAbstract.php
@@ -164,6 +164,7 @@ abstract class Toolkit_FileServer_AdapterAbstract
             CURLOPT_URL            => IS_SUBMIT_URL,
             CURLOPT_HEADER         => 0,
             CURLOPT_RETURNTRANSFER => 1,
+            CURLOPT_SSL_VERIFYPEER => false,
             CURLOPT_POSTFIELDS     => $fileData
         );
         curl_setopt_array($ch, $curlOptions);
@@ -332,6 +333,7 @@ abstract class Toolkit_FileServer_AdapterAbstract
                 CURLOPT_URL            => IS_SUBMIT_URL,
                 CURLOPT_HEADER         => 0,
                 CURLOPT_RETURNTRANSFER => 1,
+                CURLOPT_SSL_VERIFYPEER => false,
                 CURLOPT_POST           => 1,
                 CURLOPT_POSTFIELDS     => $fileData
             );
diff --git a/Toolkit/FileServer/ImageAdapter.php b/Toolkit/FileServer/ImageAdapter.php
index 6db761e..8133430 100644
--- a/Toolkit/FileServer/ImageAdapter.php
+++ b/Toolkit/FileServer/ImageAdapter.php
@@ -139,6 +139,7 @@ class Toolkit_FileServer_ImageAdapter extends Toolkit_FileServer_AdapterAbstract
             CURLOPT_URL            => "{$image}/info",
             CURLOPT_HEADER         => 0,
             CURLOPT_RETURNTRANSFER => 1,
+            CURLOPT_SSL_VERIFYPEER => false,
             CURLOPT_POSTFIELDS     => $fileData
         );
         curl_setopt_array($ch, $curlOptions);
@@ -203,6 +204,7 @@ class Toolkit_FileServer_ImageAdapter extends Toolkit_FileServer_AdapterAbstract
             CURLOPT_URL            => IS_SUBMIT_URL,
             CURLOPT_HEADER         => 0,
             CURLOPT_RETURNTRANSFER => 1,
+            CURLOPT_SSL_VERIFYPEER => false,
             CURLOPT_POSTFIELDS     => $fileData
         );
         curl_setopt_array($ch, $curlOptions);
diff --git a/Toolkit/Image/Server.php b/Toolkit/Image/Server.php
index c56daca..f3f113c 100755
--- a/Toolkit/Image/Server.php
+++ b/Toolkit/Image/Server.php
@@ -180,6 +180,7 @@ class Toolkit_Image_Server
                     CURLOPT_URL            => IS_SUBMIT_URL,
                     CURLOPT_HEADER         => 0,
                     CURLOPT_RETURNTRANSFER => 1,
+                    CURLOPT_SSL_VERIFYPEER => false,
                     CURLOPT_POSTFIELDS     => $fileData
                     );
             curl_setopt_array($ch, $curlOptions);
@@ -268,6 +269,7 @@ class Toolkit_Image_Server
                     CURLOPT_URL            => IS_SUBMIT_URL,
                     CURLOPT_HEADER         => 0,
                     CURLOPT_RETURNTRANSFER => 1,
+                    CURLOPT_SSL_VERIFYPEER => false,
                     CURLOPT_POSTFIELDS     => $fileData
                     );
             curl_setopt_array($ch, $curlOptions);
@@ -341,6 +343,7 @@ class Toolkit_Image_Server
             CURLOPT_URL            => "{$image}/info",
             CURLOPT_HEADER         => 0,
             CURLOPT_RETURNTRANSFER => 1,
+            CURLOPT_SSL_VERIFYPEER => false,
 //            CURLOPT_POSTFIELDS     => $fileData
         );
         curl_setopt_array($ch, $curlOptions);
diff --git a/config/server.ini b/config/server.ini
index 7344a47..50248e5 100644
--- a/config/server.ini
+++ b/config/server.ini
@@ -1,7 +1,7 @@
 ; Production site configuration data
 [production]
 ; Name used in the title tag, admin area and emails
-site_url = "http://www.gaylordgolfmecca.com/"
+site_url = "https://www.gaylordgolfmecca.com/"
 coupon_site_url = "www.gaylordgolfmecca.com"
 
 ; Link URL to access mobile site to home page
@@ -16,14 +16,14 @@ google.search.site_restriction = "http://demo.gaslightmedia.com/"
 google.maps.key   = "ABQIAAAANX0yQZ2OteLu_zqbwdfUuRT9PY8-4c5xPr71Q7CZ_E9OOktIvhS7e6r_9XaLW5jy3O84t-dz7SK21Q"
 
 ; unsecure url to servers app.gaslightmedia.com directory
-app.base_url        = "http://app.gaslightmedia.com/"
+app.base_url        = "https://app.gaslightmedia.com/"
 ; secure url to servers app.gaslightmedia.com directory
 app.base_secure_url = "https://app.gaslightmedia.com/"
 
 ; secure url to file server
 file_server.secure   = "https://is0.gaslightmedia.com/"
 ; unsecure url to file server
-file_server.unsecure = "http://is0.gaslightmedia.com/"
+file_server.unsecure = "https://is0.gaslightmedia.com/"
 ; owner id for the file server
 file_server.owner_id = "golfmecca"
 ; owner password for the file server
@@ -164,7 +164,7 @@ resources.environment.css = "prod"
 ; development site configuration data inherits from production and
 ; overrides values as necessary
 [development : production]
-site_url = "http://dev53.gaslightmedia.com/www.gaylordgolfmecca.com/"
+site_url = "https://dev53.gaslightmedia.com/www.gaylordgolfmecca.com/"
 
 mobile.link =
 mobile.hostname = Off
@@ -172,7 +172,7 @@ mobile.hostname = Off
 google.search.key = "ABQIAAAANX0yQZ2OteLu_zqbwdfUuRTeX7yNUukyMrmY8FsCXcCA9axlYBTyhehgzuXOUfNI0E5UYHCLponA0A"
 google.maps.key   = "ABQIAAAANX0yQZ2OteLu_zqbwdfUuRQsHGkczIjpqPY1-dTKNoaiGtfPJBTloI-YH7fzUV-bsMLwcy2Yjyti7A"
 
-app.base_url        = "http://dev53.gaslightmedia.com/app.gaslightmedia.com/"
+app.base_url        = "https://dev53.gaslightmedia.com/app.gaslightmedia.com/"
 app.base_secure_url = "https:/dev53.gaslightmedia.com/app.gaslightmedia.com/"
 
 error.reporting[] = E_ALL
diff --git a/setup.phtml b/setup.phtml
index 40677f1..152d034 100644
--- a/setup.phtml
+++ b/setup.phtml
@@ -47,7 +47,7 @@ if (($x = strlen($CALLED_FROM_DIR)) > 0) {
 }
 // Added to strip any trailing /'s to make sure we don't end up with many
 $base_url = preg_replace('|/*$|', '', $base_url);
-$BASE_URL = "http://$base_url";
+$BASE_URL = "https://$base_url";
 
 if (!isset($DEBUG)) {
     $DEBUG = (isset($mysecretcode) && $mysecretcode == 1234);
-- 
2.17.1