# セッションハイジャック対策を導入
include CheckSessionSignature
+ include SslRequirement
+ ssl_allowed :get_address
+
def load_system
@system = System.find(:first)
@system_supplier_use_flag = true if @system && @system.supplier_use_flag
end
end
+ private
+ #sslの有効無効をuse_sslで決定する
+ def ensure_proper_protocol
+ return true unless @system #specでload_systemが通らない問題に対応するため
+ return true unless @system.use_ssl
+ return true if ssl_allowed?
+
+ if ssl_required? && !request.ssl?
+ redirect_to "https://" + request.host + request.request_uri
+ flash.keep
+ return false
+ elsif request.ssl? && !ssl_required?
+ redirect_to "http://" + request.host + request.request_uri
+ flash.keep
+ return false
+ end
+ end
+
+
end
class CartController < BaseController
include CartControllerExtend
+ ssl_required :temporary_shipping, :shipping, :purchase, :purchase2, :purchase_confirm, :confirm, :complete, :before_finish, :finish, :select_delivery_time, :select_delivery_time_with_delivery_trader_id_ajax
+
before_filter :cart_check, :only => [:temporary_shipping,:shipping, :purchase,:purchase2, :confirm, :complete, :delivery, :delivery2]
before_filter :login_divaricate ,:only =>[:purchase,:purchase2,:confirm, :complete, :delivery, :delivery2]
before_filter :login_check, :only => [:shipping]
--- /dev/null
+class AddUseSslToSystems < ActiveRecord::Migration
+ def self.up
+ add_column :systems, :use_ssl, :boolean, :default => false
+ end
+
+ def self.down
+ remove_column :systems, :use_ssl
+ end
+end
googleanalytics_use_flag: true
googleanalytics_account_num: UA-00000-1
tracking_code: "<script></script>"
+ use_ssl: false
\ No newline at end of file