Potential fixes for HTTPS servers and potential iframe embed fix

An issue was reported from within Enjin which may be related to HTTPS versus HTTP requests for content. Additionally, an iframe embed of the HTML server banner is now more robust by explicitly referring to the URI of the object instead of assuming the working directory is correct.
tyger07 · Apr 20, 2021 · 52c0568 · 52c0568
1 parent 5291c3d
commit 52c0568
Show file tree

Hide file tree

Showing 10 changed files with 70 additions and 17 deletions.
diff --git a/common/countries/wrapper.php b/common/countries/wrapper.php
@@ -71,7 +71,8 @@
 	$mapcount = 0;
 	echo '
 	<script type="text/javascript" src="http';
-	if(isset($_SERVER['HTTPS']))
+	// is this an HTTPS server?
+	if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
 	{
 		echo 's';
 	}

diff --git a/common/functions.php b/common/functions.php
@@ -1534,7 +1534,15 @@ function session_count($userip, $ServerID, $valid_ids, $GameID, $BF4stats, $page
 			// deliberate attack?
 			// kill it
 			// find current URL info
-			$host = 'http://' . $_SERVER['HTTP_HOST'];
+			// is this an HTTPS server?
+			if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
+			{
+				$host = 'https://' . $_SERVER['HTTP_HOST'];
+			}
+			else
+			{
+				$host = 'http://' . $_SERVER['HTTP_HOST'];
+			}
 			$dir = dirname($_SERVER['PHP_SELF']);
 			// build redirect link
 			$redirect =  $host . $dir . '/index.php';

diff --git a/common/home/scoreboard-live.php b/common/home/scoreboard-live.php
@@ -76,7 +76,7 @@
 	$used_slots = $Basic_r['usedSlots'];
 	$available_slots = $Basic_r['maxSlots'];
 	$name = $Basic_r['ServerName'];
-	$battlelog = 'http://battlelog.battlefield.com/bf4/servers/pc/?filtered=1&amp;expand=0&amp;useAdvanced=1&amp;q=' . urlencode($name);
+	$battlelog = 'https://battlelog.battlefield.com/bf4/servers/pc/?filtered=1&amp;expand=0&amp;useAdvanced=1&amp;q=' . urlencode($name);
 	$mode = $Basic_r['Gamemode'];
 	// convert mode to friendly name
 	if(in_array($mode,$mode_array))
@@ -131,7 +131,7 @@
 // display blank information
 else
 {
-	$battlelog = 'http://battlelog.battlefield.com/bf4/servers/pc/';
+	$battlelog = 'https://battlelog.battlefield.com/bf4/servers/pc/';
 	echo '
 	<div style="margin-bottom: 4px; position: relative;">
 	<div style="position: absolute; z-index: 2; width: 100%; height: 100%; top: 0; left: 0; padding: 0px; margin: 0px;"><a class="fill-div" style="padding: 0px; margin: 0px;" href="' . $battlelog . '" target="_blank"></a></div>

diff --git a/common/images/license.txt b/common/images/license.txt
@@ -2,4 +2,4 @@ Many of these images are edited, altered, or un-edited copies of images taken pr
 
 BF4stats.com API : http://bf4stats.com/api
 
-BattleLog: http://battlelog.battlefield.com/bf4/
+BattleLog: https://battlelog.battlefield.com/bf4/
diff --git a/common/init.php b/common/init.php
@@ -57,7 +57,7 @@
 	else
 	{
 		$ServerName = 'Error';
-		$battlelog = 'http://battlelog.battlefield.com/bf4/servers/pc/';
+		$battlelog = 'https://battlelog.battlefield.com/bf4/servers/pc/';
 	}
 	// lets see if a SoldierName or PlayerID was provided to us in the URL
 	// first look for a SoldierName in URL and try to convert it to PlayerID

diff --git a/common/player/player.php b/common/player/player.php
@@ -1318,7 +1318,15 @@ function drawVisualization() {
 			';
 			// done with the dummy cache stuff...
 			// find current URL info
-			$host = 'http://' . $_SERVER['HTTP_HOST'];
+			// is this an HTTPS server?
+			if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
+			{
+				$host = 'https://' . $_SERVER['HTTP_HOST'];
+			}
+			else
+			{
+				$host = 'http://' . $_SERVER['HTTP_HOST'];
+			}
 			$dir = dirname($_SERVER['PHP_SELF']);
 			$file = $_SERVER['PHP_SELF'];
 			// show signature images

diff --git a/common/server-banner/html-banner-content.php b/common/server-banner/html-banner-content.php
@@ -219,6 +219,21 @@
 	</table>
 	</center>';
 }
+// find current URL info
+// is this an HTTPS server?
+if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
+{
+	$host = 'https://' . $_SERVER['HTTP_HOST'];
+}
+else
+{
+	$host = 'http://' . $_SERVER['HTTP_HOST'];
+}
+$dir = dirname($_SERVER['PHP_SELF']);
+// remove this directory name from the string
+$dir = str_replace("/server-banner", "", $dir);
+// adjust URL to reflect the location of index.php
+$home = str_replace("common", "", $dir);
 // display online players
 echo '
 <div class="section"><b>Online Players:</b></div>
@@ -247,7 +262,7 @@
 		echo '
 		<tr>
 		<td width="75%" style="text-align: left;">
-		' . $count . ' <a href="../../index.php?p=player&amp;sid=' . $ServerID . '&amp;player=' . $soldier . '" target="_blank">' . $soldier . '</a>
+		' . $count . ' <a href="' . $host . $home . 'index.php?p=player&amp;sid=' . $ServerID . '&amp;player=' . $soldier . '" target="_blank">' . $soldier . '</a>
 		</td>
 		<td width="25%" style="text-align: right;">
 		' . $score . '
@@ -351,7 +366,7 @@
 		echo '
 		<tr>
 		<td width="75%" style="text-align: left;">
-		' . $count . ' <a href="../../index.php?p=player&amp;sid=' . $ServerID . '&amp;player=' . $soldier . '" target="_blank">' . $soldier . '</a>
+		' . $count . ' <a href="' . $host . $home . 'index.php?p=player&amp;sid=' . $ServerID . '&amp;player=' . $soldier . '" target="_blank">' . $soldier . '</a>
 		</td>
 		<td width="25%" style="text-align: right;">
 		' . $score . '

diff --git a/common/server-banner/html-banner.php b/common/server-banner/html-banner.php
@@ -78,6 +78,19 @@
 	$onlineheight = ($onlinecount * 18) + 6;
 	// total page content height based on onlineheight
 	$contentheight = 500 + $onlineheight;
+	// find current URL info
+	// is this an HTTPS server?
+	if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
+	{
+		$host = 'https://' . $_SERVER['HTTP_HOST'];
+	}
+	else
+	{
+		$host = 'http://' . $_SERVER['HTTP_HOST'];
+	}
+	$dir = dirname($_SERVER['PHP_SELF']);
+	// remove this directory name from the string
+	$dir = str_replace("/server-banner", "", $dir);
 	// echo out the header
 	echo '
 	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -92,7 +105,7 @@
 	<meta name="copyright" content="2021 Ty_ger07 http://tyger07.github.io/BF4-Server-Stats/" />
 	<meta name="keywords" content="banner" />
 	<meta name="description" content="banner" />
-	<script type="text/javascript" src="../javascript/jquery-1.10.2.js"></script>
+	<script type="text/javascript" src="' . $host . $dir . '/javascript/jquery-1.10.2.js"></script>
 	<title>banner</title>
 	<style type="text/css">
 		body{
@@ -156,7 +169,7 @@
 	<script type="text/javascript">
 		$(function() {
 			function callAjax(){
-				$(\'#content\').load("./html-banner-content.php?sid=' . $ServerID . '");
+				$(\'#content\').load("' . $host . $dir . '/server-banner/html-banner-content.php?sid=' . $ServerID . '");
 			}
 			setInterval(callAjax, 30000 );
 		});
@@ -165,7 +178,7 @@ function callAjax(){
 		<br/><br/>
 		<center><img class="load" src="../images/loading.gif" alt="loading" /></center>
 		<script type="text/javascript">
-			$(\'#content\').load("./html-banner-content.php?sid=' . $ServerID . '");
+			$(\'#content\').load("' . $host . $dir . '/server-banner/html-banner-content.php?sid=' . $ServerID . '");
 		</script>
 	</div>
 	<br/>

diff --git a/common/server/server-tab.php b/common/server/server-tab.php
@@ -14,18 +14,26 @@
 	$ServerID = $sid;
 }
 // find current URL info
-$host = 'http://' . $_SERVER['HTTP_HOST'];
+// is this an HTTPS server?
+if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
+{
+	$host = 'https://' . $_SERVER['HTTP_HOST'];
+}
+else
+{
+	$host = 'http://' . $_SERVER['HTTP_HOST'];
+}
 $dir = dirname($_SERVER['PHP_SELF']);
 // remove this directory name from the string
-$dir = rtrim($dir, "/server");
+$dir = str_replace("/server", "", $dir);
 // adjust URL to reflect the location of index.php
-$home = rtrim($dir, "common");
+$home = str_replace("common", "", $dir);
 echo '
 <table class="prettytable">
 <tr>
 <td class="tablecontents" width="240px">
 <br/>
-<center><a href="' . $host . $home . 'common/server-banner/image-bannersid' . $ServerID . '.png" target="_blank"><img src="./common/server-banner/image-bannersid' . $ServerID . '.png" style="width: 560px; height: 95px;" alt="banner"/></a></center>
+<center><a href="' . $host . $dir . '/server-banner/image-bannersid' . $ServerID . '.png" target="_blank"><img src="./common/server-banner/image-bannersid' . $ServerID . '.png" style="width: 560px; height: 95px;" alt="banner"/></a></center>
 <br/>
 <div class="headline" style="width: 550px; text-align: left;">BBcode</div>
 <table class="prettytable" style="width: 550px;">

diff --git a/index.php b/index.php
@@ -157,7 +157,7 @@
 	$xmlData = @file_get_contents('https://github.com/tyger07/BF4-Server-Stats/releases.atom');
 	$xml=@simplexml_load_string($xmlData);
 	$releaseVersion = $xml->entry[0]->id;
-	if((!empty($releaseVersion)) && (stripos($releaseVersion, '4-10-21') === false))
+	if((!empty($releaseVersion)) && (stripos($releaseVersion, '4-20-21') === false))
 	{
 		echo '
 		<div class="subsection">