anonymous wrote on Saturday, November 14, 2009:
Hi all,
Not being a php developer let me please try to ask a question.
Is there something about the contents of the calendar directory that would break https rewrites?
I am forcing https on an openemr installation and all the links work as expected with the exception of index.php in the calendar directory.
thanks
bradymiller wrote on Saturday, November 14, 2009:
hey,
https should be fine. I just spent time testing this out on the OpenEMR Appliance which forces https (port 80 is closed) and based on ubuntu server. Calendar working fine. What do you mean by Calendar/Admin; perhaps point me to a specific link and then will see if I get same behavior.
-brady
anonymous wrote on Saturday, November 14, 2009:
Hi Brady,
I am using split screen mode so I click on Admin and then click the Calendar link across the top.
This give me a screen with the following choices:
Clear Smarty Cache Test System Categories Category Limits
These are the links (also the calendar icon) that do not present as https.
anonymous wrote on Saturday, November 14, 2009:
Is something bypassing mod_rewrite ??
bradymiller wrote on Saturday, November 14, 2009:
hey,
Those links are working ok in the OpenEMR Appliance (on bottom of browser links show up as https also), which also forces ssh. To force it in the appliance I simply firewalled port 80, so user can only get to it via https (did not use mod\_rewrite). How are you forcing it in CentOS? I don’t know much about mod\_rewrite, but perhaps there’s something in the actual openemr link that is throwing off one of your RewriteRules.
-brady
anonymous wrote on Saturday, November 14, 2009:
Thanks for all your help on this Brady.
In httpd.conf:
RewriteEngine On
RewriteRule (.*) https://%{HTTP_HOST}/
It seems that all the links exhibiting this problem are in pnadmin.php with that pnModURL call.
If you are working okay, then I guess there are a couple of possibilities:
1) my mod_rewrite config is wrong
2) my config is okay but mod_rewrite isn’t compatible with the stuff in pnadmin.php ???
anonymous wrote on Saturday, November 14, 2009:
Well, I think I am going to start from scratch. This has become more bizzare. I have completely disabled mod_rewrite and the problem persists.
If I am to understand you correctly, if I use https from the start, everything should be okay.
I am doing so but the problem persists. Very strange.
anonymous wrote on Sunday, November 15, 2009:
Brady,
If you go to the demo at openemr.org and login, then change the link to https. Then choose some of the buttons. The https seems to stick. Then choose the calendar button and move your mouse over the << and >> on either side of the date. The links lose the https.
bradymiller wrote on Sunday, November 15, 2009:
hi,
As an aside, aslo endure you restarted apache after making the changes.
Very bizarre. On the demo at oemr.org, if I put https: nothing works. This makes sense to me since I’m pretty sure oemr.org firewalls port 443. (I’m assuming your using the demo link at top of xoops site and not the demos in the wiki).
Is your client going through a proxy? Try to connect to it from another computer.
-brady
anonymous wrote on Sunday, November 15, 2009:
I typically do httpd reload.
I am using the demo link at the top of www.oemr.org. But, https no longer work at all now. Something has changed.
I see several demos listed on google. How about opening up port 443 on one of them and we give this a try?
I am not behind a proxy.
bradymiller wrote on Monday, November 16, 2009:
hi,
Opened up a port on my server for https in the 3.1.0 OpenEMR Appliance (can’t use 443 since it’s used by something else vital to my server):
ssh:
user:admin pass:pass
normal:
user:admin pass:pass
Let us know how it goes.
-brady
: http://bradymd.com/appliance/demos.html
: https://opensourceemr.com:2092/openemr
: http://opensourceemr.com:2094/openemr
anonymous wrote on Monday, November 16, 2009:
Thanks Brady,
You can close it now.
It works as it should.
I guess it’s back to the drawing board for me.
anonymous wrote on Monday, November 16, 2009:
Brady,
I was able to fix my problem by changing line 1085 in pnAPI.php. Now the links present as https.
I am still going to proceed with a virgin rebuild and see how that works out. I will let you know.
Thanks again,
Dave
anonymous wrote on Monday, November 16, 2009:
https://sourceforge.net/projects/openemr/forums/forum/202506/topic/2040919?message=4967286
anonymous wrote on Monday, November 16, 2009:
bradymiller wrote on Monday, November 16, 2009:
hey,
nice catch. please post this in our bug tracker here. should be able to get this in the next 3.1.0 patch. Did the code mod that you linked to work for you?
-brady
anonymous wrote on Monday, November 16, 2009:
I will post it. That patch doesn’t work against the latest version of pnAPI.php but I will post a patch that does work. Again, I am not a developer, so there may be a better way. I will give credit to Jeff Ross as well.
bradymiller wrote on Monday, November 16, 2009:
hey,
Patches posted in the forums don’t work because of spacing and formatting issues. Feel free to make a patch (just include it as attachment file in the bug tracker), although not required since a simple mod. If a patch is a hassle at all, just let me know the modification (and that it worked for you since your the sole tester on this 
). I’ll then get it into cvs for the next release and into the next 3.1.0 patch (as an aside, 3.1.0 patches are in the tracker->Patches).
thanks,
brady
cfapress wrote on Wednesday, December 02, 2009:
I’m forcing HTTPS via mod_rewrite and never ran into the trouble described above with Firefox or IE. Here’s a copy-and-paste of my Apache2 config section for the rewrite (sourceforge f*cks up the formatting, sorry)
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /home/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/www/>
Options Indexes FollowSymLinks MultiViews
# for tighter security use the options below instead of above
#Options SymLinksIfOwnerMatch MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2’s default start page
# in /apache2-default/, but still have / go to the right place
# RedirectMatch ^/$ /apache2-default/
</Directory>
#########################################
#### XXX: BEGIN EDIT FOR MOD_REWRITE ####
#### This is intended to force HTTPS ####
#### for all inbound HTTP requests ####
####
# This module (mod_rewrite) simply tells Apache2 that all connections to
# port 80 need to go to port 443 - SSL - No exceptions
####
<IfModule !mod_rewrite.c>
LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
####
# The line below sets the rewrite condition for mod_rewrite.so.
# That is, if the server port does not equal 443, then this condition is true
####
ReWriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTPS} !=on
####
# The line below is the rule, it states that if above condition is true,
# and the request can be any url, then redirect everything to https:// plus
# the original url that was requested.
####
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1
</IfModule>
#### XXX: END EDIT FOR MOD_REWRITE ####
#######################################
</VirtualHost>
Jason
bradymiller wrote on Wednesday, December 02, 2009:
hey,
Does the new patch fix it:
(it’s the interface/main/calendar/includes/pnAPI.php file)
-brady