Version Description
- Tweak: Add privacy notice
- Tweak: Set javascript redirect to false by default
- Fix: Hide SSL notice on multisite for all subsites, and show only for "activate_plugins" cap users
Download this release
Release Info
Developer | RogierLankhorst |
Plugin | Really Simple SSL |
Version | 3.0.1 |
Comparing to | |
See all releases |
Code changes from version 2.5.26 to 3.0.1
- assets/ComplianZ-white.jpg +0 -0
- assets/UM-mail-alerts.jpg +0 -0
- assets/UM-tagging.jpg +0 -0
- assets/edd-moneybird.jpg +0 -0
- assets/really-simple-plugins.png +0 -0
- assets/rsssl-pro.jpg +0 -0
- assets/um-most-visited.jpg +0 -0
- assets/woocommerce-moneybird.jpg +0 -0
- class-admin.php +2788 -2340
- class-certificate.php +208 -0
- class-front-end.php +7 -7
- class-multisite.php +790 -745
- css/main.css +221 -23
- readme.txt +17 -3
- rlrsssl-really-simple-ssl.php +4 -1
assets/ComplianZ-white.jpg
ADDED
Binary file
|
assets/UM-mail-alerts.jpg
ADDED
Binary file
|
assets/UM-tagging.jpg
ADDED
Binary file
|
assets/edd-moneybird.jpg
ADDED
Binary file
|
assets/really-simple-plugins.png
ADDED
Binary file
|
assets/rsssl-pro.jpg
ADDED
Binary file
|
assets/um-most-visited.jpg
ADDED
Binary file
|
assets/woocommerce-moneybird.jpg
ADDED
Binary file
|
class-admin.php
CHANGED
@@ -1,722 +1,550 @@
|
|
1 |
<?php
|
2 |
defined('ABSPATH') or die("you do not have access to this page!");
|
3 |
|
4 |
-
|
5 |
-
|
6 |
-
private static $_this;
|
7 |
-
|
8 |
-
public $wpconfig_siteurl_not_fixed = FALSE;
|
9 |
-
public $no_server_variable = FALSE;
|
10 |
-
public $errors = Array();
|
11 |
-
|
12 |
-
public $do_wpconfig_loadbalancer_fix = FALSE;
|
13 |
-
public $site_has_ssl = FALSE;
|
14 |
-
public $ssl_enabled = FALSE;
|
15 |
-
|
16 |
-
//multisite variables
|
17 |
-
public $sites = Array(); //for multisite, list of all activated sites.
|
18 |
-
|
19 |
-
//general settings
|
20 |
-
public $capability = 'activate_plugins';
|
21 |
|
22 |
-
|
23 |
-
public $htaccess_test_success = FALSE;
|
24 |
-
public $plugin_version = rsssl_version; //deprecated, but used in pro plugin until 1.0.25
|
25 |
|
26 |
-
|
27 |
-
|
28 |
-
|
29 |
|
30 |
-
|
31 |
-
|
32 |
-
|
33 |
-
public $ssl_success_message_shown = FALSE;
|
34 |
-
public $hsts = FALSE;
|
35 |
-
public $debug = TRUE;
|
36 |
-
public $debug_log;
|
37 |
|
38 |
-
|
39 |
-
|
40 |
-
public $plugin_upgraded;
|
41 |
-
public $mixed_content_fixer_status = "OK";
|
42 |
-
public $ssl_type = "NA";
|
43 |
|
44 |
-
|
|
|
45 |
|
46 |
-
|
47 |
-
|
48 |
-
|
49 |
|
50 |
-
|
|
|
|
|
51 |
|
52 |
-
$
|
53 |
-
$
|
54 |
-
$
|
|
|
|
|
|
|
|
|
|
|
55 |
|
56 |
-
$
|
|
|
|
|
|
|
|
|
57 |
|
58 |
-
|
59 |
|
|
|
|
|
|
|
|
|
60 |
|
61 |
-
|
62 |
|
63 |
-
|
64 |
-
|
65 |
-
|
66 |
|
|
|
67 |
|
68 |
-
|
69 |
-
* Initializes the admin class
|
70 |
-
*
|
71 |
-
* @since 2.2
|
72 |
-
*
|
73 |
-
* @access public
|
74 |
-
*
|
75 |
-
*/
|
76 |
|
77 |
-
|
78 |
-
if (!current_user_can($this->capability)) return;
|
79 |
-
$is_on_settings_page = $this->is_settings_page();
|
80 |
|
81 |
-
/*
|
82 |
-
Detect configuration when:
|
83 |
-
- SSL activation just confirmed.
|
84 |
-
- on settings page
|
85 |
-
- No SSL detected
|
86 |
-
*/
|
87 |
|
88 |
-
|
89 |
-
if ($this->clicked_activate_ssl() || !$this->ssl_enabled || !$this->site_has_ssl || $is_on_settings_page || is_network_admin()) {
|
90 |
|
91 |
-
|
92 |
-
|
|
|
|
|
93 |
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
add_action( 'shutdown', 'flush_rewrite_rules');
|
99 |
}
|
100 |
-
add_action('admin_init', array(RSSSL()->rsssl_cache,'flush'),40);
|
101 |
-
}
|
102 |
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
|
108 |
-
|
109 |
-
|
110 |
-
|
111 |
-
|
112 |
-
}
|
113 |
}
|
114 |
|
115 |
-
//when SSL is enabled, and not enabled by user, ask for activation.
|
116 |
-
add_action("admin_notices", array($this, 'show_notice_activate_ssl'),10);
|
117 |
|
118 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
119 |
|
120 |
-
|
121 |
-
|
122 |
-
|
123 |
-
|
124 |
|
125 |
-
|
126 |
-
|
127 |
-
|
|
|
|
|
128 |
|
129 |
-
|
130 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
131 |
|
132 |
-
|
133 |
-
|
134 |
|
135 |
-
|
136 |
-
add_action('wp_ajax_dismiss_htaccess_warning', array($this,'dismiss_htaccess_warning_callback') );
|
137 |
-
add_action('wp_ajax_dismiss_success_message', array($this,'dismiss_success_message_callback') );
|
138 |
|
139 |
-
|
140 |
-
|
141 |
-
|
|
|
142 |
|
|
|
|
|
|
|
|
|
143 |
|
144 |
-
|
|
|
145 |
|
146 |
-
|
147 |
-
|
148 |
-
$sites = ($wp_version >= 4.6 ) ? get_sites() : wp_get_sites();
|
149 |
-
return $sites;
|
150 |
-
}
|
151 |
|
152 |
-
|
153 |
-
|
|
|
154 |
|
155 |
-
|
|
|
|
|
|
|
156 |
|
157 |
-
|
|
|
|
|
|
|
|
|
158 |
|
159 |
-
|
160 |
-
|
161 |
-
switch_to_blog( $site->blog_id );
|
162 |
-
} else {
|
163 |
-
switch_to_blog( $site[ 'blog_id' ] );
|
164 |
-
}
|
165 |
-
}
|
166 |
|
|
|
|
|
|
|
|
|
167 |
|
168 |
-
|
169 |
-
|
170 |
-
|
|
|
|
|
|
|
|
|
171 |
|
172 |
-
|
173 |
-
if (!current_user_can($this->capability)) return;
|
174 |
-
//if (!isset( $_POST['rsssl_nonce'] ) || !wp_verify_nonce( $_POST['rsssl_nonce'], 'rsssl_nonce' )) return false;
|
175 |
|
176 |
-
|
177 |
-
|
178 |
-
|
179 |
-
|
|
|
180 |
|
181 |
-
|
182 |
-
|
|
|
|
|
183 |
|
|
|
|
|
|
|
184 |
|
185 |
-
|
186 |
-
|
187 |
-
*/
|
188 |
|
189 |
-
|
190 |
-
$this->ssl_enabled = true;
|
191 |
-
$this->wp_redirect = true;
|
192 |
|
193 |
-
|
194 |
-
$this->save_options();
|
195 |
-
}
|
196 |
|
197 |
-
|
198 |
-
|
199 |
-
|
200 |
-
|
|
|
|
|
|
|
|
|
201 |
|
202 |
-
$this->remove_ssl_from_siteurl();
|
203 |
-
$this->save_options();
|
204 |
-
}
|
205 |
|
|
|
|
|
|
|
|
|
206 |
|
207 |
|
208 |
-
|
209 |
-
|
210 |
-
|
211 |
-
|
212 |
-
|
|
|
|
|
213 |
}
|
214 |
|
215 |
-
return apply_filters('rsssl_wpconfig_ok_check', $result);
|
216 |
-
}
|
217 |
|
218 |
-
|
219 |
-
This message is shown when no SSL is not enabled by the user yet
|
220 |
-
*/
|
221 |
|
222 |
-
|
223 |
-
|
|
|
|
|
|
|
|
|
224 |
|
225 |
-
|
|
|
226 |
|
227 |
-
|
228 |
-
if (is_multisite() && !RSSSL()->rsssl_multisite->selected_networkwide_or_per_site) return;
|
229 |
|
230 |
-
|
231 |
-
|
232 |
|
233 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
234 |
|
235 |
-
if (!$this->wpconfig_ok()) return;
|
236 |
|
237 |
-
|
|
|
|
|
238 |
|
239 |
-
|
|
|
|
|
|
|
240 |
|
241 |
-
|
242 |
-
|
243 |
-
|
244 |
-
|
245 |
-
<p><?php _e("No SSL was detected. If you do have an SSL certificate, try to reload this page over https by clicking this link:","really-simple-ssl");?> <a href="<?php echo $current_url?>"><?php _e("reload over https.","really-simple-ssl");?></a>
|
246 |
-
<?php _e("You can check your certificate on","really-simple-ssl");?> <a target="_blank" href="https://www.ssllabs.com/ssltest/">Qualys SSL Labs</a>
|
247 |
-
</p>
|
248 |
-
</div>
|
249 |
-
<?php } ?>
|
250 |
|
251 |
-
|
252 |
-
|
253 |
-
<h1><?php _e("Almost ready to migrate to SSL!","really-simple-ssl");?></h1>
|
254 |
-
<?php } ?>
|
255 |
-
<?php _e("Some things can't be done automatically. Before you migrate, please check for: ",'really-simple-ssl');?>
|
256 |
-
<p>
|
257 |
-
<ul>
|
258 |
-
<li><?php _e('Http references in your .css and .js files: change any http:// into //','really-simple-ssl');?></li>
|
259 |
-
<li><?php _e('Images, stylesheets or scripts from a domain without an SSL certificate: remove them or move to your own server.','really-simple-ssl');?></li><?php
|
260 |
-
|
261 |
-
$backup_link = "https://really-simple-ssl.com/knowledge-base/backing-up-your-site/";
|
262 |
-
$link_open = '<a target="_blank" href="'.$backup_link.'">';
|
263 |
-
$link_close = '</a>';
|
264 |
-
|
265 |
-
?> <li> <?php printf(__("It is recommended to take a %sbackup%s of your site before activating SSL", 'really-simple-ssl'), $link_open, $link_close); ?> </li>
|
266 |
-
</ul>
|
267 |
-
</p>
|
268 |
-
<?php $this->show_pro(); ?>
|
269 |
-
|
270 |
-
<?php RSSSL()->really_simple_ssl->show_enable_ssl_button();?>
|
271 |
-
</div>
|
272 |
-
<?php }
|
273 |
-
|
274 |
-
|
275 |
-
/**
|
276 |
-
* @since 2.3
|
277 |
-
* Returns button to enable SSL.
|
278 |
-
*/
|
279 |
|
280 |
-
public function show_enable_ssl_button(){
|
281 |
-
if ($this->site_has_ssl || (defined('rsssl_force_activate') && rsssl_force_activate)) {
|
282 |
-
?>
|
283 |
-
<p>
|
284 |
-
<form action="" method="post">
|
285 |
-
<?php wp_nonce_field( 'rsssl_nonce', 'rsssl_nonce' );?>
|
286 |
-
<div>
|
287 |
-
<input type="checkbox" name="rsssl_flush_rewrite_rules" checked><label><?php _e("Flush rewrite rules on activation (deselect when you encounter errors)","really-simple-ssl")?></label>
|
288 |
-
</div>
|
289 |
-
<input type="submit" class='button button-primary' value="<?php _e("Go ahead, activate SSL!","really-simple-ssl");?>" id="rsssl_do_activate_ssl" name="rsssl_do_activate_ssl">
|
290 |
-
<br><?php _e("You may need to login in again.", "really-simple-ssl")?>
|
291 |
-
</form>
|
292 |
-
</p>
|
293 |
-
<?php
|
294 |
-
}
|
295 |
-
}
|
296 |
-
|
297 |
-
/**
|
298 |
-
* @since 2.3
|
299 |
-
* Shows option to buy pro
|
300 |
|
|
|
|
|
301 |
*/
|
302 |
|
303 |
-
|
304 |
-
|
305 |
-
|
306 |
-
|
307 |
-
<?php
|
308 |
-
}
|
309 |
-
}
|
310 |
|
|
|
|
|
|
|
311 |
|
312 |
-
public function wpconfig_is_writable() {
|
313 |
-
$wpconfig_path = $this->find_wp_config_path();
|
314 |
-
if (is_writable($wpconfig_path))
|
315 |
-
return true;
|
316 |
-
else
|
317 |
-
return false;
|
318 |
-
}
|
319 |
|
320 |
-
|
321 |
-
|
322 |
-
|
|
|
|
|
323 |
|
324 |
-
|
325 |
-
|
326 |
-
|
327 |
-
}
|
328 |
-
}
|
329 |
-
|
330 |
-
/**
|
331 |
-
* Get the options for this plugin
|
332 |
-
*
|
333 |
-
* @since 2.0
|
334 |
-
*
|
335 |
-
* @access public
|
336 |
-
*
|
337 |
-
*/
|
338 |
-
|
339 |
-
public function get_admin_options(){
|
340 |
-
|
341 |
-
$options = get_option('rlrsssl_options');
|
342 |
-
if (isset($options)) {
|
343 |
-
$this->site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
344 |
-
$this->hsts = isset($options['hsts']) ? $options['hsts'] : FALSE;
|
345 |
-
$this->htaccess_warning_shown = isset($options['htaccess_warning_shown']) ? $options['htaccess_warning_shown'] : FALSE;
|
346 |
-
$this->ssl_success_message_shown = isset($options['ssl_success_message_shown']) ? $options['ssl_success_message_shown'] : FALSE;
|
347 |
-
$this->plugin_db_version = isset($options['plugin_db_version']) ? $options['plugin_db_version'] : "1.0";
|
348 |
-
$this->debug = isset($options['debug']) ? $options['debug'] : FALSE;
|
349 |
-
$this->do_not_edit_htaccess = isset($options['do_not_edit_htaccess']) ? $options['do_not_edit_htaccess'] : FALSE;
|
350 |
-
$this->htaccess_redirect = isset($options['htaccess_redirect']) ? $options['htaccess_redirect'] : FALSE;
|
351 |
-
$this->switch_mixed_content_fixer_hook = isset($options['switch_mixed_content_fixer_hook']) ? $options['switch_mixed_content_fixer_hook'] : FALSE;
|
352 |
-
$this->debug_log = isset($options['debug_log']) ? $options['debug_log'] : $this->debug_log;
|
353 |
-
}
|
354 |
-
|
355 |
-
if (is_multisite()) {
|
356 |
-
$network_options = get_site_option('rlrsssl_network_options');
|
357 |
-
$network_htaccess_redirect = isset($network_options["htaccess_redirect"]) ? $network_options["htaccess_redirect"] : false;
|
358 |
-
$network_do_not_edit_htaccess = isset($network_options["do_not_edit_htaccess"]) ? $network_options["do_not_edit_htaccess"] : false;
|
359 |
-
/*
|
360 |
-
If multiste, and networkwide, only the networkwide setting counts.
|
361 |
-
if multisite, and per site, only the networkwide setting counts if it is true.
|
362 |
-
*/
|
363 |
-
$ssl_enabled_networkwide = isset($network_options["ssl_enabled_networkwide"]) ? $network_options["ssl_enabled_networkwide"] : false;
|
364 |
-
if ($ssl_enabled_networkwide) {
|
365 |
-
$this->htaccess_redirect = $network_htaccess_redirect;
|
366 |
-
$this->do_not_edit_htaccess = $network_do_not_edit_htaccess;
|
367 |
-
} else {
|
368 |
-
if ($network_do_not_edit_htaccess) $this->do_not_edit_htaccess = $network_do_not_edit_htaccess;
|
369 |
-
if ($network_htaccess_redirect) $this->htaccess_redirect = $network_htaccess_redirect;
|
370 |
-
}
|
371 |
-
}
|
372 |
-
|
373 |
-
//if the define is true, it overrides the db setting.
|
374 |
-
if (defined( 'RLRSSSL_DO_NOT_EDIT_HTACCESS')) {
|
375 |
-
$this->do_not_edit_htaccess = RLRSSSL_DO_NOT_EDIT_HTACCESS;
|
376 |
-
}
|
377 |
-
|
378 |
-
}
|
379 |
-
|
380 |
-
/**
|
381 |
-
* Creates an array of all domains where the plugin is active AND SSL is active, only used for multisite.
|
382 |
-
*
|
383 |
-
* @since 2.1
|
384 |
-
*
|
385 |
-
* @access public
|
386 |
-
*
|
387 |
-
*/
|
388 |
-
|
389 |
-
public function build_domain_list() {
|
390 |
-
if (!is_multisite()) return;
|
391 |
-
//create list of all activated sites with SSL
|
392 |
-
$this->sites = array();
|
393 |
-
$sites = $this->get_sites_bw_compatible();
|
394 |
-
if ($this->debug) $this->trace_log("building domain list for multisite...");
|
395 |
-
foreach ( $sites as $site ) {
|
396 |
-
$this->switch_to_blog_bw_compatible($site);
|
397 |
-
$options = get_option('rlrsssl_options');
|
398 |
|
399 |
-
$ssl_enabled = FALSE;
|
400 |
-
if (isset($options)) {
|
401 |
-
$site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
402 |
-
$ssl_enabled = isset($options['ssl_enabled']) ? $options['ssl_enabled'] : $site_has_ssl;
|
403 |
-
}
|
404 |
|
405 |
-
|
406 |
-
|
407 |
-
|
|
|
|
|
|
|
408 |
}
|
409 |
-
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
410 |
-
}
|
411 |
|
412 |
-
|
413 |
-
|
414 |
-
|
415 |
-
/**
|
416 |
-
* check if the plugin was upgraded to a new version
|
417 |
-
*
|
418 |
-
* @since 2.1
|
419 |
-
*
|
420 |
-
* @access public
|
421 |
-
*
|
422 |
-
*/
|
423 |
|
424 |
-
|
425 |
-
|
426 |
-
|
427 |
-
$this->plugin_upgraded = true;
|
428 |
-
$this->save_options();
|
429 |
-
}
|
430 |
-
$this->plugin_upgraded = false;
|
431 |
-
}
|
432 |
|
433 |
-
|
434 |
-
|
435 |
-
|
436 |
-
* @since 2.1
|
437 |
-
*
|
438 |
-
* @access public
|
439 |
-
*
|
440 |
-
*/
|
441 |
|
442 |
-
|
443 |
-
if (!$this->debug) return;
|
444 |
-
$this->debug_log = $this->debug_log."<br>".$msg;
|
445 |
-
$this->debug_log = strstr($this->debug_log,'** Detecting configuration **');
|
446 |
-
error_log($msg);
|
447 |
-
}
|
448 |
|
449 |
-
|
450 |
-
|
451 |
-
*
|
452 |
-
* @since 2.2
|
453 |
-
*
|
454 |
-
* @access public
|
455 |
-
*
|
456 |
-
*/
|
457 |
|
458 |
-
|
459 |
-
|
460 |
|
461 |
-
|
462 |
-
if (defined('RSSSL_SAFE_MODE') && RSSSL_SAFE_MODE) $safe_mode = RSSSL_SAFE_MODE;
|
463 |
|
464 |
-
|
465 |
-
$this->trace_log("** Configuring SSL **");
|
466 |
-
if ($this->site_has_ssl) {
|
467 |
-
//when one of the used server variables was found, test if the redirect works
|
468 |
|
469 |
-
if (
|
470 |
-
$this->test_htaccess_redirect();
|
471 |
|
472 |
-
|
473 |
-
|
474 |
-
|
475 |
-
|
|
|
|
|
|
|
|
|
476 |
|
477 |
-
|
478 |
-
$this->wpconfig_server_variable_fix();
|
479 |
|
480 |
-
|
481 |
-
|
482 |
-
|
483 |
|
484 |
-
|
485 |
-
|
486 |
-
|
487 |
-
|
|
|
488 |
|
489 |
-
|
490 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
491 |
|
492 |
-
|
493 |
-
|
494 |
-
|
495 |
|
496 |
-
|
497 |
-
|
|
|
|
|
|
|
498 |
|
|
|
|
|
|
|
499 |
|
500 |
-
/**
|
501 |
-
* Check to see if we are on the settings page, action hook independent
|
502 |
-
*
|
503 |
-
* @since 2.1
|
504 |
-
*
|
505 |
-
* @access public
|
506 |
-
*
|
507 |
-
*/
|
508 |
|
509 |
-
|
510 |
-
|
|
|
|
|
511 |
|
512 |
-
|
513 |
-
|
514 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
515 |
}
|
516 |
-
return false;
|
517 |
-
}
|
518 |
-
|
519 |
-
/**
|
520 |
-
* Find the path to wp-config
|
521 |
-
*
|
522 |
-
* @since 2.1
|
523 |
-
*
|
524 |
-
* @access public
|
525 |
-
*
|
526 |
-
*/
|
527 |
-
|
528 |
-
public function find_wp_config_path() {
|
529 |
-
//limit nr of iterations to 20
|
530 |
-
$i=0;
|
531 |
-
$maxiterations = 20;
|
532 |
-
$dir = dirname(__FILE__);
|
533 |
-
do {
|
534 |
-
$i++;
|
535 |
-
if( file_exists($dir."/wp-config.php") ) {
|
536 |
-
return $dir."/wp-config.php";
|
537 |
-
}
|
538 |
-
} while( ($dir = realpath("$dir/..")) && ($i<$maxiterations) );
|
539 |
-
return null;
|
540 |
-
}
|
541 |
-
|
542 |
-
/**
|
543 |
-
* remove https from defined siteurl and homeurl in the wpconfig, if present
|
544 |
-
*
|
545 |
-
* @since 2.1
|
546 |
-
*
|
547 |
-
* @access public
|
548 |
-
*
|
549 |
-
*/
|
550 |
-
|
551 |
-
public function remove_ssl_from_siteurl_in_wpconfig() {
|
552 |
-
if (!current_user_can($this->capability)) return;
|
553 |
-
|
554 |
-
$wpconfig_path = $this->find_wp_config_path();
|
555 |
-
if (!empty($wpconfig_path)) {
|
556 |
-
$wpconfig = file_get_contents($wpconfig_path);
|
557 |
|
558 |
-
|
559 |
-
|
|
|
|
|
560 |
|
561 |
-
|
562 |
-
|
563 |
-
|
564 |
-
|
565 |
-
|
566 |
-
|
567 |
-
|
568 |
-
|
569 |
-
|
570 |
-
}
|
571 |
}
|
572 |
-
|
573 |
-
}
|
574 |
-
}
|
575 |
|
576 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
577 |
|
578 |
-
|
579 |
-
*
|
580 |
-
* Checks if the wp config contains any defined siteurl and homeurl
|
581 |
-
*
|
582 |
-
*
|
583 |
*/
|
584 |
|
585 |
-
|
|
|
|
|
|
|
|
|
|
|
586 |
|
587 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
588 |
|
589 |
-
|
|
|
590 |
|
591 |
-
|
592 |
-
|
593 |
-
|
594 |
-
|
595 |
-
|
596 |
-
|
597 |
-
|
598 |
-
|
599 |
-
|
600 |
-
|
|
|
|
|
|
|
601 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
602 |
|
603 |
-
|
604 |
-
|
605 |
-
|
606 |
-
*
|
607 |
-
* @since 2.1
|
608 |
-
*
|
609 |
-
* @access public
|
610 |
-
*
|
611 |
-
*/
|
612 |
-
|
613 |
-
private function fix_siteurl_defines_in_wpconfig() {
|
614 |
-
$wpconfig_path = $this->find_wp_config_path();
|
615 |
-
|
616 |
-
if (empty($wpconfig_path)) return;
|
617 |
-
|
618 |
-
$wpconfig = file_get_contents($wpconfig_path);
|
619 |
-
$homeurl_pattern = '/(define\(\s*\'WP_HOME\'\s*,\s*\'http\:\/\/)/';
|
620 |
-
$siteurl_pattern = '/(define\(\s*\'WP_SITEURL\'\s*,\s*\'http\:\/\/)/';
|
621 |
-
|
622 |
-
if (preg_match($homeurl_pattern, $wpconfig) || preg_match($siteurl_pattern, $wpconfig) ) {
|
623 |
-
if (is_writable($wpconfig_path)) {
|
624 |
-
$this->trace_log("wp config siteurl/homeurl edited.");
|
625 |
-
$wpconfig = preg_replace($homeurl_pattern, "define('WP_HOME','https://", $wpconfig);
|
626 |
-
$wpconfig = preg_replace($siteurl_pattern, "define('WP_SITEURL','https://", $wpconfig);
|
627 |
-
file_put_contents($wpconfig_path, $wpconfig);
|
628 |
-
}
|
629 |
-
else {
|
630 |
-
if ($this->debug) {$this->trace_log("not able to fix wpconfig siteurl/homeurl.");}
|
631 |
-
//only when siteurl or homeurl is defined in wpconfig, and wpconfig is not writable is there a possible issue because we cannot edit the defined urls.
|
632 |
-
$this->wpconfig_siteurl_not_fixed = TRUE;
|
633 |
-
}
|
634 |
-
} else {
|
635 |
-
if ($this->debug) {$this->trace_log("no siteurl/homeurl defines in wpconfig");}
|
636 |
-
}
|
637 |
-
}
|
638 |
-
|
639 |
-
|
640 |
-
/**
|
641 |
-
* Check if the wpconfig is already fixed
|
642 |
-
*
|
643 |
-
* @since 2.2
|
644 |
-
*
|
645 |
-
* @access public
|
646 |
-
*
|
647 |
-
*/
|
648 |
-
|
649 |
-
public function wpconfig_has_fixes() {
|
650 |
-
$wpconfig_path = $this->find_wp_config_path();
|
651 |
-
if (empty($wpconfig_path)) return false;
|
652 |
-
$wpconfig = file_get_contents($wpconfig_path);
|
653 |
-
|
654 |
-
//only one of two fixes possible.
|
655 |
-
if (strpos($wpconfig, "//Begin Really Simple SSL Load balancing fix")!==FALSE ) {
|
656 |
-
return true;
|
657 |
-
}
|
658 |
-
|
659 |
-
if (strpos($wpconfig, "//Begin Really Simple SSL Server variable fix")!==FALSE ) {
|
660 |
-
return true;
|
661 |
-
}
|
662 |
-
|
663 |
-
return false;
|
664 |
-
}
|
665 |
-
|
666 |
-
|
667 |
-
/**
|
668 |
-
* In case of load balancer without server https on, add fix in wp-config
|
669 |
-
*
|
670 |
-
* @since 2.1
|
671 |
-
*
|
672 |
-
* @access public
|
673 |
-
*
|
674 |
-
*/
|
675 |
-
|
676 |
-
|
677 |
-
public function wpconfig_loadbalancer_fix() {
|
678 |
-
if (!current_user_can($this->capability)) return;
|
679 |
-
|
680 |
-
$wpconfig_path = $this->find_wp_config_path();
|
681 |
-
if (empty($wpconfig_path)) return;
|
682 |
-
$wpconfig = file_get_contents($wpconfig_path);
|
683 |
-
$this->wpconfig_loadbalancer_fix_failed = FALSE;
|
684 |
-
//only if loadbalancer AND NOT SERVER-HTTPS-ON should the following be added. (is_ssl = false)
|
685 |
-
if (strpos($wpconfig, "//Begin Really Simple SSL Load balancing fix")===FALSE ) {
|
686 |
-
if (is_writable($wpconfig_path)) {
|
687 |
-
$rule = "\n"."//Begin Really Simple SSL Load balancing fix"."\n";
|
688 |
-
$rule .= '$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https", "HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on", "HTTP_X_FORWARDED_SSL"=>"1");'."\n";
|
689 |
-
$rule .= 'foreach( $server_opts as $option => $value ) {'."\n";
|
690 |
-
$rule .= 'if ( (isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false )) ) {'."\n";
|
691 |
-
$rule .= '$_SERVER[ "HTTPS" ] = "on";'."\n";
|
692 |
-
$rule .= 'break;'."\n";
|
693 |
-
$rule .= '}'."\n";
|
694 |
-
$rule .= '}'."\n";
|
695 |
-
$rule .= "//END Really Simple SSL"."\n";
|
696 |
-
|
697 |
-
$insert_after = "<?php";
|
698 |
-
$pos = strpos($wpconfig, $insert_after);
|
699 |
-
if ($pos !== false) {
|
700 |
-
$wpconfig = substr_replace($wpconfig,$rule,$pos+1+strlen($insert_after),0);
|
701 |
-
}
|
702 |
-
|
703 |
-
file_put_contents($wpconfig_path, $wpconfig);
|
704 |
-
if ($this->debug) {$this->trace_log("wp config loadbalancer fix inserted");}
|
705 |
-
} else {
|
706 |
-
if ($this->debug) {$this->trace_log("wp config loadbalancer fix FAILED");}
|
707 |
-
$this->wpconfig_loadbalancer_fix_failed = TRUE;
|
708 |
}
|
709 |
-
} else {
|
710 |
-
if ($this->debug) {$this->trace_log("wp config loadbalancer fix already in place, great!");}
|
711 |
-
}
|
712 |
-
$this->save_options();
|
713 |
|
714 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
715 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
716 |
|
|
|
|
|
717 |
|
718 |
/**
|
719 |
-
*
|
720 |
*
|
721 |
* @since 2.1
|
722 |
*
|
@@ -724,1747 +552,2320 @@ defined('ABSPATH') or die("you do not have access to this page!");
|
|
724 |
*
|
725 |
*/
|
726 |
|
727 |
-
public function
|
728 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
729 |
|
730 |
-
|
731 |
-
|
732 |
-
|
|
|
|
|
|
|
|
|
|
|
733 |
|
734 |
-
|
735 |
-
|
736 |
-
if (
|
737 |
-
|
738 |
-
|
|
|
|
|
739 |
|
740 |
-
|
741 |
-
|
742 |
-
|
743 |
-
|
744 |
-
|
745 |
-
|
746 |
-
|
747 |
-
|
748 |
-
|
749 |
-
//check if the fix is already there
|
750 |
-
if (strpos($wpconfig, "//Begin Really Simple SSL Server variable fix")!==FALSE ) {
|
751 |
-
if ($this->debug) {$this->trace_log("wp config server variable fix already in place, great!");}
|
752 |
-
return;
|
753 |
-
}
|
754 |
-
|
755 |
-
if ($this->debug) {$this->trace_log("Adding server variable to wpconfig");}
|
756 |
-
$rule = $this->get_server_variable_fix_code();
|
757 |
-
|
758 |
-
$insert_after = "<?php";
|
759 |
-
$pos = strpos($wpconfig, $insert_after);
|
760 |
-
if ($pos !== false) {
|
761 |
-
$wpconfig = substr_replace($wpconfig,$rule,$pos+1+strlen($insert_after),0);
|
762 |
-
}
|
763 |
-
file_put_contents($wpconfig_path, $wpconfig);
|
764 |
-
if ($this->debug) $this->trace_log("wp config server variable fix inserted");
|
765 |
|
766 |
-
|
767 |
-
|
768 |
-
|
769 |
-
|
770 |
-
protected function get_server_variable_fix_code(){
|
771 |
-
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && RSSSL()->rsssl_multisite->is_multisite_subfolder_install()) {
|
772 |
-
if ($this->debug) $this->trace_log("per site activation on subfolder install, wp config server variable fix skipped");
|
773 |
-
return "";
|
774 |
-
}
|
775 |
-
|
776 |
-
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites)==0) {
|
777 |
-
if ($this->debug) $this->trace_log("no sites left with SSL, wp config server variable fix skipped");
|
778 |
-
return "";
|
779 |
-
}
|
780 |
-
|
781 |
-
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
782 |
-
$rule = "\n"."//Begin Really Simple SSL Server variable fix"."\n";
|
783 |
-
foreach ($this->sites as $domain ) {
|
784 |
-
//remove http or https.
|
785 |
-
if ($this->debug) {$this->trace_log("getting server variable rule for:".$domain);}
|
786 |
-
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",$domain);
|
787 |
-
|
788 |
-
//we excluded subfolders, so treat as domain
|
789 |
-
//check only for domain without www, as the www variant is found as well with the no www search.
|
790 |
-
$domain_no_www = str_replace ( "www." , "" , $domain);
|
791 |
-
|
792 |
-
$rule .= 'if ( strpos($_SERVER["HTTP_HOST"], "'.$domain_no_www.'")!==FALSE ) {'."\n";
|
793 |
-
$rule .= ' $_SERVER["HTTPS"] = "on";'."\n";
|
794 |
-
$rule .= '}'."\n";
|
795 |
-
}
|
796 |
-
$rule .= "//END Really Simple SSL"."\n";
|
797 |
-
} else {
|
798 |
-
$rule = "\n"."//Begin Really Simple SSL Server variable fix"."\n";
|
799 |
-
$rule .= '$_SERVER["HTTPS"] = "on";'."\n";
|
800 |
-
$rule .= "//END Really Simple SSL"."\n";
|
801 |
-
}
|
802 |
-
|
803 |
-
return $rule;
|
804 |
-
}
|
805 |
-
|
806 |
-
/**
|
807 |
-
* Removing changes made to the wpconfig
|
808 |
-
*
|
809 |
-
* @since 2.1
|
810 |
-
*
|
811 |
-
* @access public
|
812 |
-
*
|
813 |
-
*/
|
814 |
-
|
815 |
-
public function remove_wpconfig_edit() {
|
816 |
-
|
817 |
-
$wpconfig_path = $this->find_wp_config_path();
|
818 |
-
if (empty($wpconfig_path)) return;
|
819 |
-
$wpconfig = file_get_contents($wpconfig_path);
|
820 |
-
|
821 |
-
//check for permissions
|
822 |
-
if (!is_writable($wpconfig_path)) {
|
823 |
-
if ($this->debug) $this->trace_log("could not remove wpconfig edits, wp-config.php not writable");
|
824 |
-
$this->errors['wpconfig not writable'] = TRUE;
|
825 |
-
return;
|
826 |
-
}
|
827 |
-
|
828 |
-
//remove edits
|
829 |
-
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
830 |
-
$wpconfig = preg_replace("/\n+/","\n", $wpconfig);
|
831 |
-
file_put_contents($wpconfig_path, $wpconfig);
|
832 |
-
|
833 |
-
//in multisite environment, with per site activation, re-add
|
834 |
-
if (is_multisite() && ! RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
835 |
-
if ($this->do_wpconfig_loadbalancer_fix)
|
836 |
-
$this->wpconfig_loadbalancer_fix();
|
837 |
-
|
838 |
-
if ($this->no_server_variable)
|
839 |
-
$this->wpconfig_server_variable_fix();
|
840 |
-
}
|
841 |
-
|
842 |
-
}
|
843 |
-
|
844 |
-
/**
|
845 |
-
* Changes the siteurl and homeurl to https
|
846 |
-
*
|
847 |
-
* @since 2.0
|
848 |
-
*
|
849 |
-
* @access public
|
850 |
-
*
|
851 |
-
*/
|
852 |
-
|
853 |
-
public function set_siteurl_to_ssl() {
|
854 |
-
if (!current_user_can($this->capability)) return;
|
855 |
-
|
856 |
-
$this->trace_log("converting siteurl and homeurl to https");
|
857 |
-
|
858 |
-
$siteurl_ssl = str_replace ( "http://" , "https://" , get_option('siteurl'));
|
859 |
-
$homeurl_ssl = str_replace ( "http://" , "https://" , get_option('home'));
|
860 |
-
update_option('siteurl',$siteurl_ssl);
|
861 |
-
update_option('home',$homeurl_ssl);
|
862 |
-
}
|
863 |
-
|
864 |
-
|
865 |
-
|
866 |
-
/**
|
867 |
-
* On de-activation, siteurl and homeurl are reset to http
|
868 |
-
*
|
869 |
-
* @since 2.0
|
870 |
-
*
|
871 |
-
* @access public
|
872 |
-
*
|
873 |
-
*/
|
874 |
-
|
875 |
-
public function remove_ssl_from_siteurl() {
|
876 |
-
$siteurl_no_ssl = str_replace ( "https://" , "http://" , get_option('siteurl'));
|
877 |
-
$homeurl_no_ssl = str_replace ( "https://" , "http://" , get_option('home'));
|
878 |
-
update_option('siteurl',$siteurl_no_ssl);
|
879 |
-
update_option('home',$homeurl_no_ssl);
|
880 |
-
}
|
881 |
-
|
882 |
-
/**
|
883 |
-
* Save the plugin options
|
884 |
-
*
|
885 |
-
* @since 2.0
|
886 |
-
*
|
887 |
-
* @access public
|
888 |
-
*
|
889 |
-
*/
|
890 |
-
|
891 |
-
public function save_options() {
|
892 |
-
if (!current_user_can($this->capability)) return;
|
893 |
-
|
894 |
-
//any options added here should also be added to function options_validate()
|
895 |
-
$options = array(
|
896 |
-
'site_has_ssl' => $this->site_has_ssl,
|
897 |
-
'hsts' => $this->hsts,
|
898 |
-
'htaccess_warning_shown' => $this->htaccess_warning_shown,
|
899 |
-
'ssl_success_message_shown' => $this->ssl_success_message_shown,
|
900 |
-
'autoreplace_insecure_links' => $this->autoreplace_insecure_links,
|
901 |
-
'plugin_db_version' => $this->plugin_db_version,
|
902 |
-
'debug' => $this->debug,
|
903 |
-
'do_not_edit_htaccess' => $this->do_not_edit_htaccess,
|
904 |
-
'htaccess_redirect' => $this->htaccess_redirect,
|
905 |
-
'ssl_enabled' => $this->ssl_enabled,
|
906 |
-
'javascript_redirect' => $this->javascript_redirect,
|
907 |
-
'wp_redirect' => $this->wp_redirect,
|
908 |
-
'switch_mixed_content_fixer_hook' => $this->switch_mixed_content_fixer_hook,
|
909 |
-
);
|
910 |
-
|
911 |
-
update_option('rlrsssl_options',$options);
|
912 |
-
}
|
913 |
-
|
914 |
-
/**
|
915 |
-
* Load the translation files
|
916 |
-
*
|
917 |
-
* @since 1.0
|
918 |
-
*
|
919 |
-
* @access public
|
920 |
-
*
|
921 |
-
*/
|
922 |
-
|
923 |
-
public function load_translation()
|
924 |
-
{
|
925 |
-
load_plugin_textdomain('really-simple-ssl', FALSE, dirname(plugin_basename(__FILE__)).'/languages/');
|
926 |
-
}
|
927 |
-
|
928 |
-
/**
|
929 |
-
* Handles deactivation of this plugin
|
930 |
-
*
|
931 |
-
* @since 2.0
|
932 |
-
*
|
933 |
-
* @access public
|
934 |
-
*
|
935 |
-
*/
|
936 |
-
|
937 |
-
public function deactivate($networkwide) {
|
938 |
-
$this->remove_ssl_from_siteurl();
|
939 |
-
$this->remove_ssl_from_siteurl_in_wpconfig();
|
940 |
-
|
941 |
-
$this->site_has_ssl = FALSE;
|
942 |
-
$this->hsts = FALSE;
|
943 |
-
$this->htaccess_warning_shown = FALSE;
|
944 |
-
$this->ssl_success_message_shown = FALSE;
|
945 |
-
$this->autoreplace_insecure_links = TRUE;
|
946 |
-
$this->do_not_edit_htaccess = FALSE;
|
947 |
-
$this->htaccess_redirect = FALSE;
|
948 |
-
$this->javascript_redirect = FALSE;
|
949 |
-
$this->wp_redirect = FALSE;
|
950 |
-
$this->ssl_enabled = FALSE;
|
951 |
-
$this->switch_mixed_content_fixer_hook = FALSE;
|
952 |
-
|
953 |
-
$this->save_options();
|
954 |
-
|
955 |
-
//when on multisite, per site activation, recreate domain list for htaccess and wpconfig rewrite actions
|
956 |
-
if (is_multisite()) {
|
957 |
-
RSSSL()->rsssl_multisite->deactivate();
|
958 |
-
if (!RSSSL()->rsssl_multisite->ssl_enabled_networkwide) $this->build_domain_list();
|
959 |
-
}
|
960 |
-
|
961 |
-
$this->remove_wpconfig_edit();
|
962 |
-
$this->removeHtaccessEdit();
|
963 |
-
}
|
964 |
-
|
965 |
-
|
966 |
-
/**
|
967 |
-
* Checks if we are currently on SSL protocol, but extends standard wp with loadbalancer check.
|
968 |
-
*
|
969 |
-
* @since 2.0
|
970 |
-
*
|
971 |
-
* @access public
|
972 |
-
*
|
973 |
-
*/
|
974 |
-
|
975 |
-
public function is_ssl_extended(){
|
976 |
-
$server_var = FALSE;
|
977 |
-
$server_opts = array(
|
978 |
-
'HTTP_X_FORWARDED_PROTO'=>'https',
|
979 |
-
'HTTP_CLOUDFRONT_FORWARDED_PROTO' => 'https',
|
980 |
-
'HTTP_CF_VISITOR'=>'https',
|
981 |
-
'HTTP_X_FORWARDED_SSL'=>'on',
|
982 |
-
'HTTP_X_FORWARDED_SSL'=>'1'
|
983 |
-
);
|
984 |
-
|
985 |
-
foreach( $server_opts as $option => $value ) {
|
986 |
-
if ( (isset($_ENV['HTTPS']) && ( 'on' == $_ENV['HTTPS'] ))
|
987 |
-
|| (isset( $_SERVER[ $option ] ) && ( strpos( $_SERVER[ $option ], $value ) !== false ) )) {
|
988 |
-
$server_var = TRUE;
|
989 |
-
break;
|
990 |
-
}
|
991 |
-
}
|
992 |
-
|
993 |
-
if (is_ssl() || $server_var){
|
994 |
-
return true;
|
995 |
-
} else {
|
996 |
-
return false;
|
997 |
-
}
|
998 |
-
}
|
999 |
-
|
1000 |
-
/**
|
1001 |
-
* Checks for SSL by opening a test page in the plugin directory
|
1002 |
-
*
|
1003 |
-
* @since 2.0
|
1004 |
-
*
|
1005 |
-
* @access public
|
1006 |
-
*
|
1007 |
-
*/
|
1008 |
-
|
1009 |
-
public function detect_configuration() {
|
1010 |
-
$this->trace_log("** Detecting configuration **");
|
1011 |
-
$this->trace_log("plugin version: ".rsssl_version);
|
1012 |
-
$old_ssl_setting = $this->site_has_ssl;
|
1013 |
-
$filecontents = "";
|
1014 |
-
//if current page is on SSL, we can assume SSL is available, even when an errormsg was returned
|
1015 |
-
if($this->is_ssl_extended()){
|
1016 |
-
$this->trace_log("Already on SSL, start detecting configuration");
|
1017 |
-
$this->site_has_ssl = TRUE;
|
1018 |
-
} else {
|
1019 |
-
//we're not on SSL, or no server vars were returned, so test with the test-page.
|
1020 |
-
//plugin url: domain.com/wp-content/etc
|
1021 |
-
$testpage_url = trailingslashit($this->test_url())."ssl-test-page.php";
|
1022 |
-
$this->trace_log("Opening testpage to check for SSL: ".$testpage_url);
|
1023 |
-
|
1024 |
-
$response = wp_remote_get( $testpage_url );
|
1025 |
-
|
1026 |
-
if( is_array($response) ) {
|
1027 |
-
$status = wp_remote_retrieve_response_code( $response );
|
1028 |
-
$filecontents = wp_remote_retrieve_body($response);
|
1029 |
-
}
|
1030 |
-
|
1031 |
-
$this->trace_log("test page url, enter in browser to check manually: ".$testpage_url);
|
1032 |
-
|
1033 |
-
if(!is_wp_error( $response ) && (strpos($filecontents, "#SSL TEST PAGE#") !== false)) {
|
1034 |
-
$this->site_has_ssl = TRUE;
|
1035 |
-
$this->trace_log("SSL test page loaded successfully");
|
1036 |
-
} else {
|
1037 |
-
$this->site_has_ssl = FALSE;
|
1038 |
-
$error = "";
|
1039 |
-
if (is_wp_error( $response ) ) $error = $response->get_error_message();
|
1040 |
-
$this->trace_log("No SSL detected. No certificate, or the testpage is blocked by security settings. The SSL testpage returned the error: ".$error);
|
1041 |
-
}
|
1042 |
-
}
|
1043 |
-
|
1044 |
-
if ($this->site_has_ssl) {
|
1045 |
-
//check the type of SSL, either by parsing the returned string, or by reading the server vars.
|
1046 |
-
if ((strpos($filecontents, "#CLOUDFRONT#") !== false) || (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && ($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https'))) {
|
1047 |
-
$this->ssl_type = "CLOUDFRONT";
|
1048 |
-
} elseif ((strpos($filecontents, "#CLOUDFLARE#") !== false) || (isset($_SERVER['HTTP_CF_VISITOR']) && ($_SERVER['HTTP_CF_VISITOR'] == 'https'))) {
|
1049 |
-
$this->ssl_type = "CLOUDFLARE";
|
1050 |
-
} elseif ((strpos($filecontents, "#LOADBALANCER#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))) {
|
1051 |
-
$this->ssl_type = "LOADBALANCER";
|
1052 |
-
} elseif ((strpos($filecontents, "#CDN#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' || $_SERVER['HTTP_X_FORWARDED_SSL'] == '1'))) {
|
1053 |
-
$this->ssl_type = "CDN";
|
1054 |
-
} elseif ((strpos($filecontents, "#SERVER-HTTPS-ON#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on')) {
|
1055 |
-
$this->ssl_type = "SERVER-HTTPS-ON";
|
1056 |
-
} elseif ((strpos($filecontents, "#SERVER-HTTPS-1#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == '1')) {
|
1057 |
-
$this->ssl_type = "SERVER-HTTPS-1";
|
1058 |
-
} elseif ((strpos($filecontents, "#SERVERPORT443#") !== false) || (isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ))) {
|
1059 |
-
$this->ssl_type = "SERVERPORT443";
|
1060 |
-
} elseif ((strpos($filecontents, "#ENVHTTPS#") !== false) || (isset($_ENV['HTTPS']) && ( 'on' == $_ENV['HTTPS'] ))) {
|
1061 |
-
$this->ssl_type = "ENVHTTPS";
|
1062 |
-
} elseif ((strpos($filecontents, "#NO KNOWN SSL CONFIGURATION DETECTED#") !== false)) {
|
1063 |
-
//if we are here, SSL was detected, but without any known server variables set.
|
1064 |
-
//So we can use this info to set a server variable ourselfes.
|
1065 |
-
if (!$this->wpconfig_has_fixes()) {
|
1066 |
-
$this->no_server_variable = TRUE;
|
1067 |
-
}
|
1068 |
-
$this->trace_log("No server variable detected ");
|
1069 |
-
$this->ssl_type = "NA";
|
1070 |
-
} else {
|
1071 |
-
//no valid response, so set to NA
|
1072 |
-
$this->ssl_type = "NA";
|
1073 |
-
}
|
1074 |
-
|
1075 |
-
//check for is_ssl()
|
1076 |
-
if ( (!$this->is_ssl_extended() &&
|
1077 |
-
(strpos($filecontents, "#SERVER-HTTPS-ON#") === false) &&
|
1078 |
-
(strpos($filecontents, "#SERVER-HTTPS-1#") === false) &&
|
1079 |
-
(strpos($filecontents, "#SERVERPORT443#") === false)) || (!is_ssl() && $this->is_ssl_extended())) {
|
1080 |
-
//when is_ssl would return false, we should add some code to wp-config.php
|
1081 |
-
if (!$this->wpconfig_has_fixes()) {
|
1082 |
-
$this->trace_log("is_ssl() will return false: wp-config fix needed");
|
1083 |
-
$this->do_wpconfig_loadbalancer_fix = TRUE;
|
1084 |
-
}
|
1085 |
-
}
|
1086 |
-
|
1087 |
-
$this->trace_log("SSL type: ".$this->ssl_type);
|
1088 |
-
}
|
1089 |
-
$this->check_for_siteurl_in_wpconfig();
|
1090 |
-
|
1091 |
-
$this->save_options();
|
1092 |
-
}
|
1093 |
-
|
1094 |
-
|
1095 |
-
/**
|
1096 |
-
* Test if the htaccess redirect will work
|
1097 |
-
* This way, no redirect loops should occur.
|
1098 |
-
*
|
1099 |
-
* @since 2.1
|
1100 |
-
*
|
1101 |
-
* @access public
|
1102 |
-
*
|
1103 |
-
*/
|
1104 |
-
|
1105 |
-
public function test_htaccess_redirect() {
|
1106 |
-
if (!current_user_can($this->capability)) return;
|
1107 |
-
if ($this->debug) {$this->trace_log("testing htaccess rules...");}
|
1108 |
-
$filecontents = "";
|
1109 |
-
$testpage_url = trailingslashit($this->test_url())."testssl/";
|
1110 |
-
switch ($this->ssl_type) {
|
1111 |
-
case "CLOUDFRONT":
|
1112 |
-
$testpage_url .= "cloudfront";
|
1113 |
-
break;
|
1114 |
-
case "CLOUDFLARE":
|
1115 |
-
$testpage_url .= "cloudflare";
|
1116 |
-
break;
|
1117 |
-
case "LOADBALANCER":
|
1118 |
-
$testpage_url .= "loadbalancer";
|
1119 |
-
break;
|
1120 |
-
case "CDN":
|
1121 |
-
$testpage_url .= "cdn";
|
1122 |
-
break;
|
1123 |
-
case "SERVER-HTTPS-ON":
|
1124 |
-
$testpage_url .= "serverhttpson";
|
1125 |
-
break;
|
1126 |
-
case "SERVER-HTTPS-1":
|
1127 |
-
$testpage_url .= "serverhttps1";
|
1128 |
-
break;
|
1129 |
-
case "SERVERPORT443":
|
1130 |
-
$testpage_url .= "serverport443";
|
1131 |
-
break;
|
1132 |
-
case "ENVHTTPS":
|
1133 |
-
$testpage_url .= "envhttps";
|
1134 |
-
break;
|
1135 |
-
}
|
1136 |
-
|
1137 |
-
$testpage_url .= ("/ssl-test-page.html");
|
1138 |
-
|
1139 |
-
$response = wp_remote_get( $testpage_url );
|
1140 |
-
if( is_array($response) ) {
|
1141 |
-
$status = wp_remote_retrieve_response_code( $response );
|
1142 |
-
$filecontents = wp_remote_retrieve_body($response);
|
1143 |
-
}
|
1144 |
-
|
1145 |
-
$this->trace_log("test page url, enter in browser to check manually: ".$testpage_url);
|
1146 |
-
|
1147 |
-
if (!is_wp_error( $response ) && (strpos($filecontents, "#SSL TEST PAGE#") !== false)) {
|
1148 |
-
$this->htaccess_test_success = TRUE;
|
1149 |
-
$this->trace_log("htaccess rules tested successfully.");
|
1150 |
-
} else {
|
1151 |
-
//.htaccess rewrite rule seems to be giving problems.
|
1152 |
-
$this->htaccess_test_success = FALSE;
|
1153 |
-
if (is_wp_error( $response )) {
|
1154 |
-
$this->trace_log("htaccess rules test failed with error: ".$response->get_error_message());
|
1155 |
-
} else {
|
1156 |
-
$this->trace_log("htaccess test rules failed. Set WordPress redirect in settings/SSL");
|
1157 |
-
}
|
1158 |
-
}
|
1159 |
-
}
|
1160 |
-
|
1161 |
-
|
1162 |
-
/**
|
1163 |
-
* Get an url with which we can test the SSL connection and htaccess redirect rules.
|
1164 |
-
*
|
1165 |
-
* @since 2.0
|
1166 |
-
*
|
1167 |
-
* @access public
|
1168 |
-
*
|
1169 |
-
*/
|
1170 |
-
|
1171 |
-
public function test_url(){
|
1172 |
-
$plugin_url = str_replace("http://", "https://", trailingslashit(rsssl_url) );;
|
1173 |
-
$https_home_url = str_replace("http://", "https://", home_url());
|
1174 |
-
|
1175 |
-
//in some case we get a relative url here, so we check that.
|
1176 |
-
//we compare to urls replaced to https, in case one of them is still on http.
|
1177 |
-
if ( (strpos($plugin_url, "https://")===FALSE ) &&
|
1178 |
-
(strpos($plugin_url, $https_home_url)===FALSE)
|
1179 |
-
) {
|
1180 |
-
//make sure we do not have a slash at the start
|
1181 |
-
$plugin_url = ltrim($plugin_url,"/");
|
1182 |
-
$plugin_url = trailingslashit(home_url()).$plugin_url;
|
1183 |
-
}
|
1184 |
|
1185 |
-
|
1186 |
-
|
1187 |
-
$mainsiteurl = trailingslashit(str_replace("http://","https://",network_site_url()));
|
1188 |
|
1189 |
-
|
1190 |
-
|
|
|
|
|
1191 |
|
1192 |
-
|
1193 |
-
|
1194 |
-
}
|
1195 |
|
1196 |
-
|
1197 |
-
|
|
|
|
|
1198 |
|
|
|
|
|
1199 |
|
1200 |
-
|
1201 |
-
|
1202 |
-
|
1203 |
-
* @since 2.0
|
1204 |
-
*
|
1205 |
-
* @access public
|
1206 |
-
*
|
1207 |
-
*/
|
1208 |
|
1209 |
-
|
1210 |
-
|
1211 |
-
|
|
|
1212 |
|
|
|
|
|
1213 |
|
1214 |
-
|
1215 |
-
|
1216 |
-
|
1217 |
-
//remove http or https.
|
1218 |
-
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",home_url());
|
1219 |
-
$pattern = "/#wpmu\srewritecond\s?".preg_quote($domain, "/")."\n.*?#end\swpmu\srewritecond\s?".preg_quote($domain, "/")."\n/s";
|
1220 |
|
1221 |
-
|
1222 |
-
|
1223 |
-
//now replace any remaining "or" on the last condition.
|
1224 |
-
$pattern = "/(\[OR\])(?!.*(\[OR\]|#start).*?RewriteRule)/s";
|
1225 |
-
$htaccess = preg_replace($pattern, "", $htaccess,1);
|
1226 |
|
1227 |
-
} else {
|
1228 |
-
// remove everything
|
1229 |
-
$pattern = "/#\s?BEGIN\s?rlrssslReallySimpleSSL.*?#\s?END\s?rlrssslReallySimpleSSL/s";
|
1230 |
-
//only remove if the pattern is there at all
|
1231 |
-
if (preg_match($pattern, $htaccess)) $htaccess = preg_replace($pattern, "", $htaccess);
|
1232 |
|
1233 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1234 |
|
1235 |
-
|
1236 |
-
|
1237 |
-
$
|
1238 |
-
} else {
|
1239 |
-
$this->errors['HTACCESS_NOT_WRITABLE'] = TRUE;
|
1240 |
-
if ($this->debug) $this->trace_log("could not remove rules from htaccess, file not writable");
|
1241 |
-
}
|
1242 |
-
}
|
1243 |
|
1244 |
-
|
1245 |
-
|
|
|
|
|
|
|
|
|
1246 |
|
1247 |
-
|
1248 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
1249 |
|
1250 |
-
|
1251 |
-
|
1252 |
-
|
1253 |
-
|
1254 |
-
|
1255 |
-
|
1256 |
-
|
1257 |
-
|
|
|
|
|
|
|
|
|
|
|
1258 |
}
|
1259 |
-
}
|
1260 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1261 |
|
1262 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1263 |
|
1264 |
-
|
1265 |
-
if (is_multisite() && RSSSL()->rsssl_multisite->is_per_site_activated_multisite_subfolder_install()) {
|
1266 |
-
return false;
|
1267 |
-
} else {
|
1268 |
-
return true;
|
1269 |
}
|
1270 |
-
}
|
1271 |
|
1272 |
|
1273 |
-
|
1274 |
-
|
1275 |
-
|
|
|
|
|
|
|
1276 |
|
1277 |
-
|
|
|
1278 |
|
1279 |
-
|
1280 |
-
return false;
|
1281 |
-
}
|
1282 |
|
1283 |
-
|
1284 |
|
1285 |
-
|
1286 |
-
|
1287 |
-
|
1288 |
-
} else {
|
1289 |
-
$this->trace_log(".htaccess does not contain default Really Simple SSL redirect");
|
1290 |
-
return false;
|
1291 |
-
}
|
1292 |
|
1293 |
-
|
|
|
|
|
|
|
|
|
|
|
1294 |
|
1295 |
|
1296 |
-
|
1297 |
-
|
1298 |
-
|
1299 |
-
|
|
|
|
|
|
|
|
|
|
|
1300 |
|
1301 |
-
|
1302 |
-
|
1303 |
-
|
1304 |
-
}
|
1305 |
|
1306 |
-
|
1307 |
|
1308 |
-
|
1309 |
-
|
1310 |
-
|
1311 |
-
|
1312 |
-
|
1313 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1314 |
}
|
1315 |
-
}
|
1316 |
|
1317 |
-
/*
|
1318 |
-
* Checks if a 301 redirect is set
|
1319 |
-
* this is the case if either the wp_redirect is set, or the htaccess redirect is set.
|
1320 |
-
*
|
1321 |
-
*/
|
1322 |
|
1323 |
-
|
1324 |
-
|
1325 |
-
|
1326 |
-
|
1327 |
-
|
1328 |
-
|
1329 |
-
|
1330 |
-
|
1331 |
-
}
|
1332 |
-
|
1333 |
-
/**
|
1334 |
-
* Checks if the HSTS rule is already in the htaccess file
|
1335 |
-
* Set the hsts variable in the db accordingly. applies to preload version as well.
|
1336 |
-
*
|
1337 |
-
* @since 2.1
|
1338 |
-
*
|
1339 |
-
* @access public
|
1340 |
-
*
|
1341 |
-
*/
|
1342 |
-
|
1343 |
-
public function contains_hsts() {
|
1344 |
-
if (!file_exists($this->ABSpath.".htaccess")) {
|
1345 |
-
$this->trace_log(".htaccess not found in ".$this->ABSpath);
|
1346 |
-
$result = $this->hsts; //just return the setting.
|
1347 |
-
} else {
|
1348 |
-
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1349 |
-
|
1350 |
-
preg_match("/Strict-Transport-Security/", $htaccess, $check);
|
1351 |
-
if(count($check) === 0){
|
1352 |
-
$result = false;
|
1353 |
-
} else {
|
1354 |
-
$result = true;
|
1355 |
-
}
|
1356 |
-
}
|
1357 |
-
|
1358 |
-
return $result;
|
1359 |
-
}
|
1360 |
-
|
1361 |
-
|
1362 |
-
/**
|
1363 |
-
* Adds redirect to https rules to the .htaccess file.
|
1364 |
-
*
|
1365 |
-
* @since 2.0
|
1366 |
-
*
|
1367 |
-
* @access public
|
1368 |
-
*
|
1369 |
-
*/
|
1370 |
-
|
1371 |
-
public function editHtaccess(){
|
1372 |
-
if (!current_user_can($this->capability)) return;
|
1373 |
-
|
1374 |
-
//check if htacces exists and if htaccess is writable
|
1375 |
-
//update htaccess to redirect to ssl
|
1376 |
-
|
1377 |
-
$this->trace_log("checking if .htaccess can or should be edited...");
|
1378 |
-
|
1379 |
-
//does it exist?
|
1380 |
-
if (!file_exists($this->ABSpath.".htaccess")) {
|
1381 |
-
$this->trace_log(".htaccess not found.");
|
1382 |
-
return;
|
1383 |
-
}
|
1384 |
-
|
1385 |
-
//check if editing is blocked.
|
1386 |
-
if ($this->do_not_edit_htaccess) {
|
1387 |
-
$this->trace_log("Edit of .htaccess blocked by setting or define 'do not edit htaccess' in Really Simple SSL.");
|
1388 |
-
return;
|
1389 |
-
}
|
1390 |
-
|
1391 |
-
$htaccess = file_get_contents($this->ABSpath.".htaccess");
|
1392 |
-
if(!$this->htaccess_contains_redirect_rules()){
|
1393 |
-
|
1394 |
-
if (!is_writable($this->ABSpath.".htaccess")) {
|
1395 |
-
//set the wp redirect as fallback, because .htaccess couldn't be edited.
|
1396 |
-
if ($this->clicked_activate_ssl()) $this->wp_redirect = true;
|
1397 |
-
if (is_multisite()) {
|
1398 |
-
RSSSL()->rsssl_multisite->wp_redirect = true;
|
1399 |
-
RSSSL()->rsssl_multisite->save_options();
|
1400 |
-
}
|
1401 |
-
$this->save_options();
|
1402 |
-
$this->trace_log(".htaccess not writable.");
|
1403 |
-
return;
|
1404 |
-
}
|
1405 |
|
1406 |
-
|
|
|
|
|
|
|
|
|
1407 |
|
1408 |
-
//
|
1409 |
-
if (
|
1410 |
-
|
1411 |
-
|
1412 |
-
$htaccess = str_replace($wptag, $rules.$wptag, $htaccess);
|
1413 |
-
} else {
|
1414 |
-
$htaccess = $htaccess.$rules;
|
1415 |
-
}
|
1416 |
|
1417 |
-
|
|
|
1418 |
}
|
1419 |
|
1420 |
-
|
|
|
1421 |
|
1422 |
-
if ($this->debug) {$this->trace_log("settings page, or network admin, updating htaccess...");}
|
1423 |
|
1424 |
-
|
1425 |
-
|
1426 |
-
|
1427 |
-
|
|
|
|
|
|
|
|
|
1428 |
|
1429 |
-
$htaccess = preg_replace("/#\s?BEGIN\s?rlrssslReallySimpleSSL.*?#\s?END\s?rlrssslReallySimpleSSL/s", "", $htaccess);
|
1430 |
-
$htaccess = preg_replace("/\n+/","\n", $htaccess);
|
1431 |
|
1432 |
-
|
|
|
|
|
1433 |
|
1434 |
-
|
1435 |
-
$
|
1436 |
-
|
1437 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1438 |
} else {
|
1439 |
-
$
|
|
|
|
|
1440 |
}
|
1441 |
-
|
1442 |
-
|
1443 |
-
}
|
1444 |
-
}
|
1445 |
-
|
1446 |
-
/**
|
1447 |
-
*
|
1448 |
-
* @since 2.2
|
1449 |
-
* Check if the mixed content fixer is functioning on the front end, by scanning the source of the homepage for the fixer comment.
|
1450 |
-
*
|
1451 |
-
*/
|
1452 |
|
1453 |
-
|
1454 |
-
|
1455 |
-
$status = 0;
|
1456 |
-
$web_source = "";
|
1457 |
-
//check if the mixed content fixer is active
|
1458 |
-
$response = wp_remote_get( home_url() );
|
1459 |
-
|
1460 |
-
if( is_array($response) ) {
|
1461 |
-
$status = wp_remote_retrieve_response_code( $response );
|
1462 |
-
$web_source = wp_remote_retrieve_body($response);
|
1463 |
-
}
|
1464 |
-
|
1465 |
-
if ($status!=200 || (strpos($web_source, "data-rsssl=") === false)) {
|
1466 |
-
$this->trace_log("Check for Mixed Content detection failed, http statuscode ".$status);
|
1467 |
-
return false;
|
1468 |
-
} else {
|
1469 |
-
$this->trace_log("Mixed content fixer was successfully detected on the front end.");
|
1470 |
-
return true;
|
1471 |
-
}
|
1472 |
-
}
|
1473 |
-
|
1474 |
-
/**
|
1475 |
-
* Create redirect rules for the .htaccess.
|
1476 |
-
*
|
1477 |
-
* @since 2.1
|
1478 |
-
*
|
1479 |
-
* @access public
|
1480 |
-
*
|
1481 |
-
*/
|
1482 |
-
|
1483 |
-
public function get_redirect_rules($manual=false) {
|
1484 |
-
if (!current_user_can($this->capability)) return;
|
1485 |
-
$this->trace_log("retrieving redirect rules");
|
1486 |
-
//only add the redirect rules when a known type of SSL was detected. Otherwise, we use https.
|
1487 |
-
$rule = "";
|
1488 |
-
|
1489 |
-
//if the htaccess test was successfull, and we know the redirectype, edit
|
1490 |
-
if ($this->htaccess_redirect && ($manual || $this->htaccess_test_success) && $this->ssl_type!="NA") {
|
1491 |
-
$this->trace_log("starting insertion of .htaccess redirects.");
|
1492 |
-
$rule .= "<IfModule mod_rewrite.c>"."\n";
|
1493 |
-
$rule .= "RewriteEngine on"."\n";
|
1494 |
-
|
1495 |
-
// Fetch last array key
|
1496 |
-
//$types = array_keys($this->ssl_type);
|
1497 |
-
|
1498 |
-
//$last_type = array_pop($types);
|
1499 |
-
// reset($this->ssl_type);
|
1500 |
-
// $type = key($this->ssl_type);
|
1501 |
-
//select rewrite condition based on detected type of SSL
|
1502 |
-
//foreach($this->ssl_type as $type => $value) {
|
1503 |
-
$or = "";
|
1504 |
-
//if ($last_type != $type) $or = " [OR] ";
|
1505 |
-
if ($this->ssl_type == "SERVER-HTTPS-ON") {
|
1506 |
-
$rule .= "RewriteCond %{HTTPS} !=on [NC]"."\n";
|
1507 |
-
} elseif ($this->ssl_type == "SERVER-HTTPS-1") {
|
1508 |
-
$rule .= "RewriteCond %{HTTPS} !=1"."\n";
|
1509 |
-
} elseif ($this->ssl_type == "LOADBALANCER") {
|
1510 |
-
$rule .="RewriteCond %{HTTP:X-Forwarded-Proto} !https"."\n";
|
1511 |
-
} elseif ($this->ssl_type == "CLOUDFLARE") {
|
1512 |
-
$rule .= "RewriteCond %{HTTP:CF-Visitor} '".'"scheme":"http"'."'"."\n";//some concatenation to get the quotes right.
|
1513 |
-
} elseif ($this->ssl_type == "SERVERPORT443") {
|
1514 |
-
$rule .= "RewriteCond %{SERVER_PORT} !443"."\n";
|
1515 |
-
} elseif ($this->ssl_type == "CLOUDFRONT") {
|
1516 |
-
$rule .="RewriteCond %{HTTP:CloudFront-Forwarded-Proto} !https"."\n";
|
1517 |
-
} elseif ($this->ssl_type == "CDN") {
|
1518 |
-
$rule .= "RewriteCond %{HTTP:X-Forwarded-SSL} !on"."\n";
|
1519 |
-
} elseif ($type == "ENVHTTPS") {
|
1520 |
-
$rule .= "RewriteCond %{ENV:HTTPS} !=on"."\n";
|
1521 |
-
}
|
1522 |
-
//}
|
1523 |
-
|
1524 |
-
//if multisite, and NOT subfolder install (checked for in the detec_config function)
|
1525 |
-
//, add a condition so it only applies to sites where plugin is activated
|
1526 |
-
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
1527 |
-
$this->trace_log("multisite, per site activation");
|
1528 |
|
1529 |
-
foreach ($this->sites as $domain ) {
|
1530 |
-
$this->trace_log("adding condition for:".$domain);
|
1531 |
|
1532 |
-
|
1533 |
-
|
1534 |
-
|
|
|
|
|
|
|
|
|
|
|
1535 |
|
1536 |
-
|
1537 |
-
|
|
|
1538 |
|
1539 |
-
|
1540 |
-
|
1541 |
-
|
1542 |
-
$rule .= "#end wpmu rewritecond ".$domain."\n";
|
1543 |
-
}
|
1544 |
|
1545 |
-
|
1546 |
-
|
1547 |
-
|
1548 |
-
|
1549 |
-
} else {
|
1550 |
-
if ($this->debug) {$this->trace_log("single site or networkwide activation");}
|
1551 |
}
|
1552 |
|
1553 |
-
//
|
1554 |
-
if(
|
1555 |
-
|
|
|
|
|
1556 |
}
|
1557 |
|
1558 |
-
|
1559 |
|
1560 |
-
|
1561 |
-
|
|
|
|
|
|
|
|
|
|
|
1562 |
|
1563 |
-
|
1564 |
-
|
1565 |
-
|
|
|
1566 |
|
1567 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
1568 |
|
1569 |
-
|
1570 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1571 |
}
|
1572 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1573 |
|
|
|
|
|
|
|
|
|
|
|
1574 |
|
1575 |
-
|
1576 |
-
|
1577 |
-
|
1578 |
-
* @since 2.2
|
1579 |
-
*
|
1580 |
-
*/
|
1581 |
|
1582 |
-
|
1583 |
-
|
1584 |
-
|
|
|
1585 |
|
1586 |
-
|
1587 |
-
|
1588 |
-
<?php echo __("A definition of a siteurl or homeurl was detected in your wp-config.php, but the file is not writable.","really-simple-ssl");?>
|
1589 |
-
</p>
|
1590 |
-
<p><?php echo __("Set your wp-config.php to writable and reload this page.", "really-simple-ssl");?></p>
|
1591 |
-
<?php }
|
1592 |
-
if ($this->do_wpconfig_loadbalancer_fix) { ?>
|
1593 |
-
<p><?php echo __("Your wp-config.php has to be edited, but is not writable.","really-simple-ssl");?></p>
|
1594 |
-
<p><?php echo __("Because your site is behind a loadbalancer and is_ssl() returns false, you should add the following line of code to your wp-config.php.","really-simple-ssl");?>
|
1595 |
|
1596 |
-
|
1597 |
-
|
1598 |
-
|
1599 |
-
|
1600 |
-
|
1601 |
-
$_SERVER[ "HTTPS" ] = "on";<br>
|
1602 |
-
break;<br>
|
1603 |
-
}<br>
|
1604 |
-
}<br>
|
1605 |
-
//END Really Simple SSL
|
1606 |
-
</code><br>
|
1607 |
-
</p>
|
1608 |
-
<p><?php echo __("Or set your wp-config.php to writable and reload this page.", "really-simple-ssl");?></p>
|
1609 |
-
<?php
|
1610 |
-
}
|
1611 |
|
1612 |
-
|
1613 |
-
?>
|
1614 |
-
<p><?php echo __('Because your server does not pass a variable with which WordPress can detect SSL, WordPress may create redirect loops on SSL.','really-simple-ssl');?></p>
|
1615 |
-
<p><?php echo __("Set your wp-config.php to writable and reload this page.", "really-simple-ssl");?></p>
|
1616 |
-
<?php
|
1617 |
-
}
|
1618 |
-
?>
|
1619 |
|
1620 |
-
|
1621 |
-
<?php
|
1622 |
-
}
|
1623 |
|
1624 |
|
1625 |
-
|
1626 |
-
* Show notices
|
1627 |
-
*
|
1628 |
-
* @since 2.0
|
1629 |
-
*
|
1630 |
-
* @access public
|
1631 |
-
*
|
1632 |
-
*/
|
1633 |
|
1634 |
-
|
1635 |
-
|
1636 |
-
|
1637 |
-
|
1638 |
-
|
|
|
|
|
|
|
1639 |
|
1640 |
-
|
1641 |
-
|
1642 |
?>
|
1643 |
-
<
|
1644 |
-
<p>
|
1645 |
-
<?php echo __("You do not have a 301 redirect to https active in the settings. For SEO purposes it is advised to use 301 redirects. You can enable a 301 redirect in the settings.","really-simple-ssl");?>
|
1646 |
-
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("View settings page","really-simple-ssl");?></a>
|
1647 |
-
</p>
|
1648 |
-
</div>
|
1649 |
<?php
|
1650 |
-
|
1651 |
-
|
1652 |
-
if (isset($this->errors["DEACTIVATE_FILE_NOT_RENAMED"])) {
|
1653 |
-
?>
|
1654 |
-
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
1655 |
-
<h1>
|
1656 |
-
<?php _e("Major security issue!","really-simple-ssl");?>
|
1657 |
-
</h1>
|
1658 |
-
<p>
|
1659 |
-
<?php _e("The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet.","really-simple-ssl");?>
|
1660 |
-
</p>
|
1661 |
-
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("Check again","really-simple-ssl");?></a>
|
1662 |
-
</div>
|
1663 |
-
<?php
|
1664 |
-
}
|
1665 |
-
|
1666 |
-
if (is_multisite() && !is_main_site(get_current_blog_id())) return;
|
1667 |
-
/*
|
1668 |
-
SSL success message
|
1669 |
-
*/
|
1670 |
|
1671 |
-
|
1672 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
1673 |
|
1674 |
-
|
1675 |
-
|
1676 |
-
|
1677 |
-
|
1678 |
-
|
1679 |
-
|
1680 |
-
|
1681 |
-
|
1682 |
-
|
1683 |
-
|
1684 |
-
|
1685 |
-
|
1686 |
-
|
1687 |
-
|
1688 |
-
|
1689 |
-
|
1690 |
-
if (isset($this->plugin_conflict["WOOCOMMERCE_FORCEHTTP"]) && $this->plugin_conflict["WOOCOMMERCE_FORCEHTTP"] && isset($this->plugin_conflict["WOOCOMMERCE_FORCESSL"]) && $this->plugin_conflict["WOOCOMMERCE_FORCESSL"]) {
|
1691 |
-
?>
|
1692 |
-
<div id="message" class="error fade notice"><p>
|
1693 |
-
<?php _e("Really Simple SSL has a conflict with another plugin.","really-simple-ssl");?><br>
|
1694 |
-
<?php _e("The force http after leaving checkout in WooCommerce will create a redirect loop.","really-simple-ssl");?><br>
|
1695 |
-
<a href="admin.php?page=wc-settings&tab=checkout"><?php _e("Show me this setting","really-simple-ssl");?></a>
|
1696 |
-
</p></div>
|
1697 |
-
<?php
|
1698 |
-
}
|
1699 |
-
}
|
1700 |
-
}
|
1701 |
-
}
|
1702 |
-
|
1703 |
-
/**
|
1704 |
-
* Insert some ajax script to dismiss the SSL success message, and stop nagging about it
|
1705 |
-
*
|
1706 |
-
* @since 2.0
|
1707 |
-
*
|
1708 |
-
* @access public
|
1709 |
-
*
|
1710 |
-
*/
|
1711 |
-
|
1712 |
-
public function insert_dismiss_success() {
|
1713 |
-
$ajax_nonce = wp_create_nonce( "really-simple-ssl-dismiss" );
|
1714 |
-
?>
|
1715 |
-
<script type='text/javascript'>
|
1716 |
-
jQuery(document).ready(function($) {
|
1717 |
-
$(".rlrsssl-success.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
1718 |
-
var data = {
|
1719 |
-
'action': 'dismiss_success_message',
|
1720 |
-
'security': '<?php echo $ajax_nonce; ?>'
|
1721 |
-
};
|
1722 |
-
|
1723 |
-
$.post(ajaxurl, data, function(response) {
|
1724 |
|
1725 |
-
|
1726 |
-
|
1727 |
-
|
1728 |
-
|
1729 |
-
|
1730 |
-
}
|
1731 |
-
/**
|
1732 |
-
* Insert some ajax script to dismis the htaccess failed fail message, and stop nagging about it
|
1733 |
-
*
|
1734 |
-
* @since 2.0
|
1735 |
-
*
|
1736 |
-
* @access public
|
1737 |
-
*
|
1738 |
-
*/
|
1739 |
-
|
1740 |
-
public function insert_dismiss_htaccess() {
|
1741 |
-
$ajax_nonce = wp_create_nonce( "really-simple-ssl" );
|
1742 |
-
?>
|
1743 |
-
<script type='text/javascript'>
|
1744 |
-
jQuery(document).ready(function($) {
|
1745 |
-
$(".rlrsssl-htaccess.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
1746 |
-
var data = {
|
1747 |
-
'action': 'dismiss_htaccess_warning',
|
1748 |
-
'security': '<?php echo $ajax_nonce; ?>'
|
1749 |
-
};
|
1750 |
-
$.post(ajaxurl, data, function(response) {
|
1751 |
-
|
1752 |
-
});
|
1753 |
-
});
|
1754 |
-
});
|
1755 |
-
</script>
|
1756 |
-
<?php
|
1757 |
-
}
|
1758 |
-
|
1759 |
-
/**
|
1760 |
-
* Process the ajax dismissal of the success message.
|
1761 |
-
*
|
1762 |
-
* @since 2.0
|
1763 |
-
*
|
1764 |
-
* @access public
|
1765 |
-
*
|
1766 |
-
*/
|
1767 |
-
|
1768 |
-
public function dismiss_success_message_callback() {
|
1769 |
-
//nonce check fails if url is changed to SSL.
|
1770 |
-
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
1771 |
-
$this->ssl_success_message_shown = TRUE;
|
1772 |
-
$this->save_options();
|
1773 |
-
wp_die();
|
1774 |
-
}
|
1775 |
-
|
1776 |
-
/**
|
1777 |
-
* Process the ajax dismissal of the htaccess message.
|
1778 |
-
*
|
1779 |
-
* @since 2.1
|
1780 |
-
*
|
1781 |
-
* @access public
|
1782 |
-
*
|
1783 |
-
*/
|
1784 |
-
|
1785 |
-
public function dismiss_htaccess_warning_callback() {
|
1786 |
-
check_ajax_referer( 'really-simple-ssl', 'security' );
|
1787 |
-
$this->htaccess_warning_shown = TRUE;
|
1788 |
-
$this->save_options();
|
1789 |
-
wp_die(); // this is required to terminate immediately and return a proper response
|
1790 |
-
}
|
1791 |
-
|
1792 |
-
|
1793 |
-
/**
|
1794 |
-
* Adds the admin options page
|
1795 |
-
*
|
1796 |
-
* @since 2.0
|
1797 |
-
*
|
1798 |
-
* @access public
|
1799 |
-
*
|
1800 |
-
*/
|
1801 |
-
|
1802 |
-
public function add_settings_page() {
|
1803 |
-
if (!current_user_can($this->capability)) return;
|
1804 |
-
//hides the settings page if the hide menu for subsites setting is enabled
|
1805 |
-
if(is_multisite() && rsssl_multisite::this()->hide_menu_for_subsites) return;
|
1806 |
-
|
1807 |
-
global $rsssl_admin_page;
|
1808 |
-
$rsssl_admin_page = add_options_page(
|
1809 |
-
__("SSL settings","really-simple-ssl"), //link title
|
1810 |
-
__("SSL","really-simple-ssl"), //page title
|
1811 |
-
$this->capability, //capability
|
1812 |
-
'rlrsssl_really_simple_ssl', //url
|
1813 |
-
array($this,'settings_page')); //function
|
1814 |
-
|
1815 |
-
// Adds my_help_tab when my_admin_page loads
|
1816 |
-
add_action('load-'.$rsssl_admin_page, array($this,'admin_add_help_tab'));
|
1817 |
-
|
1818 |
-
}
|
1819 |
-
|
1820 |
-
/**
|
1821 |
-
* Admin help tab
|
1822 |
-
*
|
1823 |
-
* @since 2.0
|
1824 |
-
*
|
1825 |
-
* @access public
|
1826 |
-
*
|
1827 |
-
*/
|
1828 |
-
|
1829 |
-
public function admin_add_help_tab() {
|
1830 |
-
$screen = get_current_screen();
|
1831 |
-
// Add my_help_tab if current screen is My Admin Page
|
1832 |
-
$screen->add_help_tab( array(
|
1833 |
-
'id' => "really-simple-ssl-documentation",
|
1834 |
-
'title' => __("Documentation","really-simple-ssl"),
|
1835 |
-
'content' => '<p>' . __("On <a href='https://really-simple-ssl.com'>really-simple-ssl.com</a> you can find a lot of articles and documentation about installing this plugin, and installing SSL in general.","really-simple-ssl") . '</p>',
|
1836 |
-
) );
|
1837 |
-
}
|
1838 |
-
|
1839 |
-
/**
|
1840 |
-
* Create tabs on the settings page
|
1841 |
-
*
|
1842 |
-
* @since 2.1
|
1843 |
-
*
|
1844 |
-
* @access public
|
1845 |
-
*
|
1846 |
-
*/
|
1847 |
-
|
1848 |
-
public function admin_tabs( $current = 'homepage' ) {
|
1849 |
-
$tabs = array(
|
1850 |
-
'configuration' => __("Configuration","really-simple-ssl"),
|
1851 |
-
'settings'=>__("Settings","really-simple-ssl"),
|
1852 |
-
'debug' => __("Debug","really-simple-ssl")
|
1853 |
-
);
|
1854 |
-
|
1855 |
-
$tabs = apply_filters("rsssl_tabs", $tabs);
|
1856 |
-
|
1857 |
-
echo '<h2 class="nav-tab-wrapper">';
|
1858 |
-
|
1859 |
-
foreach( $tabs as $tab => $name ){
|
1860 |
-
$class = ( $tab == $current ) ? ' nav-tab-active' : '';
|
1861 |
-
echo "<a class='nav-tab$class' href='?page=rlrsssl_really_simple_ssl&tab=$tab'>$name</a>";
|
1862 |
-
}
|
1863 |
-
echo '</h2>';
|
1864 |
-
}
|
1865 |
-
|
1866 |
-
/**
|
1867 |
-
* Build the settings page
|
1868 |
-
*
|
1869 |
-
* @since 2.0
|
1870 |
-
*
|
1871 |
-
* @access public
|
1872 |
-
*
|
1873 |
-
*/
|
1874 |
-
|
1875 |
-
public function settings_page() {
|
1876 |
-
if (!current_user_can($this->capability)) return;
|
1877 |
-
|
1878 |
-
if ( isset ( $_GET['tab'] ) ) $this->admin_tabs($_GET['tab']); else $this->admin_tabs('configuration');
|
1879 |
-
if ( isset ( $_GET['tab'] ) ) $tab = $_GET['tab']; else $tab = 'configuration';
|
1880 |
-
|
1881 |
-
?><div class="rsssl-container"><div class="rsssl-main"><?php
|
1882 |
-
|
1883 |
-
switch ( $tab ){
|
1884 |
-
case 'configuration' :
|
1885 |
-
/*
|
1886 |
-
First tab, configuration
|
1887 |
-
*/
|
1888 |
-
?>
|
1889 |
-
<h2><?php echo __("Detected setup","really-simple-ssl");?></h2>
|
1890 |
-
<table class="really-simple-ssl-table">
|
1891 |
-
|
1892 |
-
<?php if ($this->site_has_ssl) { ?>
|
1893 |
-
<tr>
|
1894 |
-
<td><?php echo $this->ssl_enabled ? $this->img("success") : $this->img("error");?></td>
|
1895 |
-
<td><?php
|
1896 |
-
if ($this->ssl_enabled) {
|
1897 |
-
_e("SSL is enabled on your site.","really-simple-ssl")." ";
|
1898 |
-
} else {
|
1899 |
-
_e("SSL is not enabled yet","really-simple-ssl")." ";
|
1900 |
-
$this->show_enable_ssl_button();
|
1901 |
-
}
|
1902 |
-
?>
|
1903 |
-
</td><td></td>
|
1904 |
-
</tr>
|
1905 |
-
<?php }
|
1906 |
|
1907 |
-
|
1908 |
-
|
1909 |
-
|
1910 |
-
|
1911 |
-
|
1912 |
-
<td><?php echo $mixed_content_fixer_detected ? $this->img("success") : $this->img("error");?></td>
|
1913 |
-
<td><?php
|
1914 |
-
if ($mixed_content_fixer_detected) {
|
1915 |
-
_e("Mixed content fixer was successfully detected on the front-end","really-simple-ssl")." ";
|
1916 |
-
} else {
|
1917 |
-
_e('The mixed content fixer is active, but was not detected on the frontpage. Please follow these steps to check if the mixed content fixer is working.',"really-simple-ssl").": ";
|
1918 |
-
echo ' <a target="_blank" href="https://www.really-simple-ssl.com/knowledge-base/how-to-check-if-the-mixed-content-fixer-is-active/">';
|
1919 |
-
_e('Instructions', 'really-simple-ssl');
|
1920 |
-
echo '</a>';
|
1921 |
-
}
|
1922 |
-
?>
|
1923 |
-
</td><td></td>
|
1924 |
-
</tr>
|
1925 |
-
<?php } ?>
|
1926 |
-
<tr>
|
1927 |
-
<td><?php echo ($this->site_has_ssl && $this->wpconfig_ok()) ? $this->img("success") : $this->img("error");?></td>
|
1928 |
-
<td><?php
|
1929 |
-
if ( !$this->wpconfig_ok()) {
|
1930 |
-
_e("Failed activating SSL","really-simple-ssl")." ";
|
1931 |
-
} elseif (!$this->site_has_ssl) {
|
1932 |
-
_e("No SSL detected.","really-simple-ssl")." ";
|
1933 |
-
} else {
|
1934 |
-
_e("An SSL certificate was detected on your site. ","really-simple-ssl");
|
1935 |
-
}
|
1936 |
-
?>
|
1937 |
-
</td><td></td>
|
1938 |
-
</tr>
|
1939 |
-
<?php if($this->ssl_enabled) { ?>
|
1940 |
-
<tr>
|
1941 |
-
<td>
|
1942 |
-
<?php echo ($this->has_301_redirect()) ? $this->img("success") :$this->img("warning");?>
|
1943 |
-
</td>
|
1944 |
-
<td>
|
1945 |
-
<?php
|
1946 |
|
1947 |
-
|
1948 |
-
|
1949 |
-
|
1950 |
-
|
1951 |
-
|
1952 |
-
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules() && $this->wp_redirect)
|
1953 |
-
echo " " . __("and", "really-simple-ssl") . " ";
|
1954 |
-
|
1955 |
-
if ($this->wp_redirect)
|
1956 |
-
_e("WordPress redirect","really-simple-ssl");
|
1957 |
-
|
1958 |
-
} elseif (RSSSL()->rsssl_server->uses_htaccess() && (!is_multisite() || !RSSSL()->rsssl_multisite->is_per_site_activated_multisite_subfolder_install())) {
|
1959 |
-
if (is_writable($this->ABSpath.".htaccess")) {
|
1960 |
-
_e("Enable a .htaccess redirect or WordPress redirect in the settings to create a 301 redirect.","really-simple-ssl");
|
1961 |
-
} elseif (!is_writable($this->ABSpath.".htaccess")) {
|
1962 |
-
_e(".htaccess is not writable. Set 301 WordPress redirect, or set the .htaccess manually if you want to redirect in .htaccess.","really-simple-ssl");
|
1963 |
-
} else {
|
1964 |
-
_e("Https redirect cannot be set in the .htaccess. Set the .htaccess redirect manually or enable WordPress redirect in the settings.","really-simple-ssl");
|
1965 |
-
}
|
1966 |
-
} else {
|
1967 |
-
_e("No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect.","really-simple-ssl");
|
1968 |
-
}
|
1969 |
-
?>
|
1970 |
-
</td><td></td>
|
1971 |
-
</tr>
|
1972 |
|
1973 |
-
|
1974 |
-
|
1975 |
-
|
|
|
|
|
|
|
1976 |
|
1977 |
-
|
1978 |
-
|
1979 |
-
|
1980 |
-
|
1981 |
-
|
1982 |
-
/*
|
1983 |
-
Second tab, Settings
|
1984 |
-
*/
|
1985 |
|
1986 |
-
|
1987 |
-
|
1988 |
-
|
1989 |
-
|
1990 |
-
|
1991 |
-
|
|
|
|
|
|
|
|
|
|
|
1992 |
|
1993 |
-
|
1994 |
-
|
1995 |
-
<?php
|
1996 |
-
break;
|
1997 |
|
1998 |
-
|
1999 |
-
|
2000 |
-
|
2001 |
-
|
2002 |
-
|
2003 |
-
|
2004 |
-
|
2005 |
-
|
2006 |
-
|
2007 |
-
|
2008 |
-
|
2009 |
-
|
2010 |
-
echo "
|
2011 |
-
|
2012 |
-
|
2013 |
-
|
2014 |
-
|
2015 |
-
|
2016 |
-
|
2017 |
-
|
2018 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2019 |
}
|
2020 |
|
2021 |
-
echo
|
2022 |
-
|
2023 |
-
echo
|
2024 |
-
//$this->debug_log.="<br><b>-----------------------</b>";
|
2025 |
-
$this->debug_log="";
|
2026 |
-
$this->save_options();
|
2027 |
-
}
|
2028 |
-
else {
|
2029 |
-
echo "<br>";
|
2030 |
-
_e("To view results here, enable the debug option in the settings tab.","really-simple-ssl");
|
2031 |
-
}
|
2032 |
-
|
2033 |
-
?>
|
2034 |
-
</div>
|
2035 |
-
<?php
|
2036 |
-
break;
|
2037 |
-
}
|
2038 |
-
//possibility to hook into the tabs.
|
2039 |
-
do_action("show_tab_{$tab}");
|
2040 |
-
?>
|
2041 |
-
</div><!-- end main-->
|
2042 |
-
<div class="rsssl-sidebar">
|
2043 |
-
<div class="rsssl-wrapper">
|
2044 |
-
|
2045 |
-
</div>
|
2046 |
-
</div>
|
2047 |
-
</div><!-- end container -->
|
2048 |
-
<?php
|
2049 |
-
}
|
2050 |
-
|
2051 |
-
/**
|
2052 |
-
* Returns a success, error or warning image for the settings page
|
2053 |
-
*
|
2054 |
-
* @since 2.0
|
2055 |
-
*
|
2056 |
-
* @access public
|
2057 |
-
*
|
2058 |
-
* @param string $type the type of image
|
2059 |
-
*
|
2060 |
-
* @return html string
|
2061 |
-
*/
|
2062 |
-
|
2063 |
-
public function img($type) {
|
2064 |
-
if ($type=='success') {
|
2065 |
-
return "<img class='rsssl-icons' src='" . trailingslashit(rsssl_url) . "img/check-icon.png' alt='success'>";
|
2066 |
-
} elseif ($type=="error") {
|
2067 |
-
return "<img class='rsssl-icons' src='". trailingslashit(rsssl_url) . "img/cross-icon.png' alt='error'>";
|
2068 |
-
} else {
|
2069 |
-
return "<img class='rsssl-icons' src='". trailingslashit(rsssl_url) ."img/warning-icon.png' alt='warning'>";
|
2070 |
-
}
|
2071 |
-
}
|
2072 |
-
|
2073 |
-
/**
|
2074 |
-
* Add some css for the settings page
|
2075 |
-
*
|
2076 |
-
* @since 2.0
|
2077 |
-
*
|
2078 |
-
* @access public
|
2079 |
-
*
|
2080 |
-
*/
|
2081 |
-
|
2082 |
-
public function enqueue_assets($hook){
|
2083 |
-
global $rsssl_admin_page;
|
2084 |
-
//prevent from loading on other pages than settings page.
|
2085 |
-
if( (!is_network_admin() && ($hook != $rsssl_admin_page)) && $this->ssl_enabled )
|
2086 |
-
return;
|
2087 |
-
|
2088 |
-
wp_register_style( 'rlrsssl-css', trailingslashit(rsssl_url) . 'css/main.css', "", rsssl_version);
|
2089 |
-
wp_enqueue_style( 'rlrsssl-css');
|
2090 |
-
}
|
2091 |
-
|
2092 |
-
|
2093 |
-
|
2094 |
-
/*
|
2095 |
|
2096 |
-
|
2097 |
|
2098 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2099 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2100 |
|
2101 |
-
public function configuration_page_more(){
|
2102 |
-
?>
|
2103 |
-
<table>
|
2104 |
-
<tr>
|
2105 |
-
<td>
|
2106 |
-
<?php echo $this->contains_hsts() ? $this->img("success") :$this->img("warning");?>
|
2107 |
-
</td>
|
2108 |
-
<td>
|
2109 |
-
<?php
|
2110 |
-
if($this->contains_hsts()) {
|
2111 |
-
_e("HTTP Strict Transport Security was enabled","really-simple-ssl");
|
2112 |
-
} else {
|
2113 |
-
|
2114 |
-
$wiki_open = '<a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" target="_blank">';
|
2115 |
-
$link_open = '<a target="_blank" href="'.$this->pro_url.'">';
|
2116 |
-
$link_close = '</a>';
|
2117 |
-
|
2118 |
-
printf( __('%sHTTP Strict Transport Security%s is not enabled.',"really-simple-ssl"), $wiki_open, $link_close);
|
2119 |
-
echo " ";
|
2120 |
-
printf(__("To enable, %sget Premium%s ","really-simple-ssl"), $link_open, $link_close);
|
2121 |
-
}
|
2122 |
-
?>
|
2123 |
-
</td><td></td>
|
2124 |
-
</tr>
|
2125 |
-
<tr>
|
2126 |
-
|
2127 |
-
<td><?php echo ($this->contains_secure_cookie_settings()) ? $this->img("success") : $this->img("warning");?></td>
|
2128 |
-
<td><?php
|
2129 |
-
if ($this->contains_secure_cookie_settings()) {
|
2130 |
-
_e("Secure cookies set","really-simple-ssl")." ";
|
2131 |
-
} else {
|
2132 |
-
|
2133 |
-
$link_open = '<a target="_blank" href="'.$this->pro_url.'">';
|
2134 |
-
$link_close = '</a>';
|
2135 |
-
|
2136 |
-
_e('Secure cookie settings not enabled.',"really-simple-ssl");
|
2137 |
-
echo " ";
|
2138 |
-
printf(__("To enable, %sget Premium%s ","really-simple-ssl"), $link_open, $link_close);
|
2139 |
-
}
|
2140 |
?>
|
2141 |
-
|
2142 |
-
|
2143 |
-
|
2144 |
-
|
2145 |
-
|
2146 |
-
|
2147 |
-
|
2148 |
-
|
2149 |
-
|
2150 |
-
|
2151 |
-
|
2152 |
-
|
2153 |
-
|
2154 |
-
|
2155 |
-
|
2156 |
-
|
2157 |
-
|
2158 |
-
|
2159 |
-
|
2160 |
-
|
2161 |
-
|
2162 |
-
|
2163 |
-
* Create the settings page form
|
2164 |
-
*
|
2165 |
-
* @since 2.0
|
2166 |
-
*
|
2167 |
-
* @access public
|
2168 |
-
*
|
2169 |
-
*/
|
2170 |
-
|
2171 |
-
public function create_form(){
|
2172 |
-
register_setting( 'rlrsssl_options', 'rlrsssl_options', array($this,'options_validate') );
|
2173 |
-
add_settings_section('rlrsssl_settings', __("Settings","really-simple-ssl"), array($this,'section_text'), 'rlrsssl');
|
2174 |
-
add_settings_field('id_autoreplace_insecure_links', __("Auto replace mixed content","really-simple-ssl"), array($this,'get_option_autoreplace_insecure_links'), 'rlrsssl', 'rlrsssl_settings');
|
2175 |
-
|
2176 |
-
//only show option to enable or disable mixed content and redirect when SSL is detected
|
2177 |
-
if($this->ssl_enabled) {
|
2178 |
-
add_settings_field('id_wp_redirect', __("Enable WordPress 301 redirection to SSL","really-simple-ssl"), array($this,'get_option_wp_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2179 |
-
|
2180 |
-
//when enabled networkwide, it's handled on the network settings page
|
2181 |
-
if (RSSSL()->rsssl_server->uses_htaccess() && (!is_multisite() || !RSSSL()->rsssl_multisite->ssl_enabled_networkwide)) {
|
2182 |
-
add_settings_field('id_htaccess_redirect', __("Enable 301 .htaccess redirect","really-simple-ssl"), array($this,'get_option_htaccess_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2183 |
-
}
|
2184 |
-
|
2185 |
-
add_settings_field('id_javascript_redirect', __("Enable Javascript redirection to SSL","really-simple-ssl"), array($this,'get_option_javascript_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2186 |
-
}
|
2187 |
-
|
2188 |
-
add_settings_field('id_debug', __("Debug","really-simple-ssl"), array($this,'get_option_debug'), 'rlrsssl', 'rlrsssl_settings');
|
2189 |
-
//on multisite this setting can only be set networkwide
|
2190 |
-
if (RSSSL()->rsssl_server->uses_htaccess() && !is_multisite()) {
|
2191 |
-
add_settings_field('id_do_not_edit_htaccess', __("Stop editing the .htaccess file","really-simple-ssl"), array($this,'get_option_do_not_edit_htaccess'), 'rlrsssl', 'rlrsssl_settings');
|
2192 |
-
}
|
2193 |
-
|
2194 |
-
add_settings_field('id_switch_mixed_content_fixer_hook', __("Switch mixed content fixer hook","really-simple-ssl"), array($this,'get_option_switch_mixed_content_fixer_hook'), 'rlrsssl', 'rlrsssl_settings');
|
2195 |
-
|
2196 |
-
}
|
2197 |
-
/**
|
2198 |
-
* Insert some explanation above the form
|
2199 |
-
*
|
2200 |
-
* @since 2.0
|
2201 |
-
*
|
2202 |
-
* @access public
|
2203 |
-
*
|
2204 |
-
*/
|
2205 |
-
|
2206 |
-
public function section_text() {
|
2207 |
-
?>
|
2208 |
-
<p><?php _e('Settings to optimize your SSL configuration','really-simple-ssl');?></p>
|
2209 |
-
<?php
|
2210 |
-
}
|
2211 |
-
|
2212 |
-
/**
|
2213 |
-
* Check the posted values in the settings page for validity
|
2214 |
-
*
|
2215 |
-
* @since 2.0
|
2216 |
-
*
|
2217 |
-
* @access public
|
2218 |
-
*
|
2219 |
-
*/
|
2220 |
-
|
2221 |
-
public function options_validate($input) {
|
2222 |
-
//fill array with current values, so we don't lose any
|
2223 |
-
$newinput = array();
|
2224 |
-
$newinput['site_has_ssl'] = $this->site_has_ssl;
|
2225 |
-
$newinput['ssl_success_message_shown'] = $this->ssl_success_message_shown;
|
2226 |
-
$newinput['htaccess_warning_shown'] = $this->htaccess_warning_shown;
|
2227 |
-
$newinput['plugin_db_version'] = $this->plugin_db_version;
|
2228 |
-
$newinput['ssl_enabled'] = $this->ssl_enabled;
|
2229 |
-
$newinput['debug_log'] = $this->debug_log;
|
2230 |
-
|
2231 |
-
if (!empty($input['hsts']) && $input['hsts']=='1') {
|
2232 |
-
$newinput['hsts'] = TRUE;
|
2233 |
-
} else {
|
2234 |
-
$newinput['hsts'] = FALSE;
|
2235 |
-
}
|
2236 |
-
|
2237 |
-
if (!empty($input['javascript_redirect']) && $input['javascript_redirect']=='1') {
|
2238 |
-
$newinput['javascript_redirect'] = TRUE;
|
2239 |
-
} else {
|
2240 |
-
$newinput['javascript_redirect'] = FALSE;
|
2241 |
-
}
|
2242 |
-
|
2243 |
-
if (!empty($input['wp_redirect']) && $input['wp_redirect']=='1') {
|
2244 |
-
$newinput['wp_redirect'] = TRUE;
|
2245 |
-
} else {
|
2246 |
-
$newinput['wp_redirect'] = FALSE;
|
2247 |
-
}
|
2248 |
-
|
2249 |
-
if (!empty($input['autoreplace_insecure_links']) && $input['autoreplace_insecure_links']=='1') {
|
2250 |
-
$newinput['autoreplace_insecure_links'] = TRUE;
|
2251 |
-
} else {
|
2252 |
-
$newinput['autoreplace_insecure_links'] = FALSE;
|
2253 |
-
}
|
2254 |
-
|
2255 |
-
if (!empty($input['debug']) && $input['debug']=='1') {
|
2256 |
-
$newinput['debug'] = TRUE;
|
2257 |
-
} else {
|
2258 |
-
$newinput['debug'] = FALSE;
|
2259 |
-
$this->debug_log = "";
|
2260 |
-
}
|
2261 |
-
|
2262 |
-
if (!empty($input['do_not_edit_htaccess']) && $input['do_not_edit_htaccess']=='1') {
|
2263 |
-
$newinput['do_not_edit_htaccess'] = TRUE;
|
2264 |
-
} else {
|
2265 |
-
$newinput['do_not_edit_htaccess'] = FALSE;
|
2266 |
-
}
|
2267 |
-
|
2268 |
-
if (!empty($input['switch_mixed_content_fixer_hook']) && $input['switch_mixed_content_fixer_hook']=='1') {
|
2269 |
-
$newinput['switch_mixed_content_fixer_hook'] = TRUE;
|
2270 |
-
} else {
|
2271 |
-
$newinput['switch_mixed_content_fixer_hook'] = FALSE;
|
2272 |
-
}
|
2273 |
-
|
2274 |
-
if (!empty($input['htaccess_redirect']) && $input['htaccess_redirect']=='1') {
|
2275 |
-
$newinput['htaccess_redirect'] = TRUE;
|
2276 |
-
} else {
|
2277 |
-
$newinput['htaccess_redirect'] = FALSE;
|
2278 |
-
}
|
2279 |
-
|
2280 |
-
return $newinput;
|
2281 |
-
}
|
2282 |
-
|
2283 |
-
/**
|
2284 |
-
* Insert option into settings form
|
2285 |
-
* deprecated
|
2286 |
-
* @since 2.0
|
2287 |
-
*
|
2288 |
-
* @access public
|
2289 |
-
*
|
2290 |
-
*/
|
2291 |
-
|
2292 |
-
public function get_option_debug() {
|
2293 |
-
$options = get_option('rlrsssl_options');
|
2294 |
-
echo '<input id="rlrsssl_options" name="rlrsssl_options[debug]" size="40" type="checkbox" value="1"' . checked( 1, $this->debug, false ) ." />";
|
2295 |
-
RSSSL()->rsssl_help->get_help_tip(__("Enable this option to get debug info in the debug tab.", "really-simple-ssl"));
|
2296 |
-
|
2297 |
-
}
|
2298 |
-
|
2299 |
-
/**
|
2300 |
-
* Insert option into settings form
|
2301 |
-
* @since 2.2
|
2302 |
-
*
|
2303 |
-
* @access public
|
2304 |
-
*
|
2305 |
-
*/
|
2306 |
-
|
2307 |
-
public function get_option_javascript_redirect() {
|
2308 |
-
$javascript_redirect = $this->javascript_redirect;
|
2309 |
-
$disabled = "";
|
2310 |
-
$comment = "";
|
2311 |
-
|
2312 |
-
if (is_multisite() && rsssl_multisite::this()->javascript_redirect) {
|
2313 |
-
$disabled = "disabled";
|
2314 |
-
$javascript_redirect = TRUE;
|
2315 |
-
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2316 |
-
}
|
2317 |
-
|
2318 |
-
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[javascript_redirect]" size="40" type="checkbox" value="1"' . checked( 1, $javascript_redirect, false ) ." />";
|
2319 |
-
RSSSL()->rsssl_help->get_help_tip(__("This is a fallback you should only use if other redirection methods do not work.", "really-simple-ssl"));
|
2320 |
-
echo $comment;
|
2321 |
-
|
2322 |
-
}
|
2323 |
-
|
2324 |
-
/**
|
2325 |
-
* Insert option into settings form
|
2326 |
-
* @since 2.5.0
|
2327 |
-
*
|
2328 |
-
* @access public
|
2329 |
-
*
|
2330 |
-
*/
|
2331 |
-
|
2332 |
-
public function get_option_wp_redirect() {
|
2333 |
-
$wp_redirect = $this->wp_redirect;
|
2334 |
-
$disabled = "";
|
2335 |
-
$comment = "";
|
2336 |
-
|
2337 |
-
if (is_multisite() && rsssl_multisite::this()->wp_redirect) {
|
2338 |
-
$disabled = "disabled";
|
2339 |
-
$wp_redirect = TRUE;
|
2340 |
-
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2341 |
-
}
|
2342 |
-
|
2343 |
-
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[wp_redirect]" size="40" type="checkbox" value="1"' . checked( 1, $wp_redirect, false ) ." />";
|
2344 |
-
RSSSL()->rsssl_help->get_help_tip(__("Enable this if you want to use the internal WordPress 301 redirect. Needed on NGINX servers, or if the .htaccess redirect cannot be used.", "really-simple-ssl"));
|
2345 |
-
echo $comment;
|
2346 |
-
|
2347 |
-
}
|
2348 |
-
|
2349 |
-
|
2350 |
-
|
2351 |
-
/**
|
2352 |
-
* Insert option into settings form
|
2353 |
-
* The .htaccess redirect is not shown for multisite sites that are enabled network wide.
|
2354 |
-
*
|
2355 |
-
* @since 2.5.8
|
2356 |
-
*
|
2357 |
-
* @access public
|
2358 |
-
*
|
2359 |
-
*/
|
2360 |
-
|
2361 |
-
public function get_option_htaccess_redirect() {
|
2362 |
-
$options = get_option('rlrsssl_options');
|
2363 |
-
|
2364 |
-
$htaccess_redirect = $this->htaccess_redirect;
|
2365 |
-
$disabled = "";
|
2366 |
-
$comment = "";
|
2367 |
-
|
2368 |
-
//networkwide is not shown, so this only applies to per site activated sites.
|
2369 |
-
if (is_multisite() && RSSSL()->rsssl_multisite->htaccess_redirect) {
|
2370 |
-
$disabled = "disabled";
|
2371 |
-
$htaccess_redirect = TRUE;
|
2372 |
-
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2373 |
-
} else {
|
2374 |
-
$disabled = ($this->do_not_edit_htaccess) ? "disabled" : "";
|
2375 |
-
}
|
2376 |
-
|
2377 |
-
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[htaccess_redirect]" size="40" type="checkbox" value="1"' . checked( 1, $this->htaccess_redirect, false ) ." />";
|
2378 |
-
RSSSL()->rsssl_help->get_help_tip(__("A .htaccess redirect is faster. Really Simple SSL detects the redirect code that is most likely to work (99% of websites), but this is not 100%. Make sure you know how to regain access to your site if anything goes wrong!", "really-simple-ssl"));
|
2379 |
-
echo $comment;
|
2380 |
-
|
2381 |
-
if ($this->htaccess_redirect && (!is_writable($this->ABSpath.".htaccess") || !$this->htaccess_test_success)) {
|
2382 |
-
echo "<br><br>";
|
2383 |
-
if (!is_writable($this->ABSpath.".htaccess")) _e("The .htaccess file is not writable. Add these lines to your .htaccess manually, or set 644 writing permissions", "really-simple-ssl");
|
2384 |
-
if (!$this->htaccess_test_success) _e("The .htaccess redirect rules that were selected by this plugin failed in the test. The following redirect rules were tested:", "really-simple-ssl");
|
2385 |
-
echo "<br><br>";
|
2386 |
-
if ($this->ssl_type!="NA") {
|
2387 |
-
$manual = true;
|
2388 |
-
$rules = $this->get_redirect_rules($manual);
|
2389 |
-
|
2390 |
-
$arr_search = array("<",">","\n");
|
2391 |
-
$arr_replace = array("<",">","<br>");
|
2392 |
-
$rules = str_replace($arr_search, $arr_replace, $rules);
|
2393 |
|
2394 |
?>
|
2395 |
-
|
2396 |
-
<?php echo $
|
2397 |
-
|
2398 |
-
|
2399 |
-
|
2400 |
-
|
2401 |
-
|
2402 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2403 |
|
2404 |
-
//on multisite, the .htaccess do not edit option is not available
|
2405 |
-
if (!is_multisite()) {
|
2406 |
-
if ($this->do_not_edit_htaccess) {
|
2407 |
-
_e("If the setting 'do not edit htaccess' is enabled, you can't change this setting.","really-simple-ssl");
|
2408 |
-
} elseif (!$this->htaccess_redirect) {
|
2409 |
-
$link_start = '<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/remove-htaccess-redirect-site-lockout/">';
|
2410 |
-
$link_end = '</a>';
|
2411 |
-
printf(
|
2412 |
-
__( 'Before you enable this, make sure you know how to %1$sregain access%2$s to your site in case of a redirect loop.', 'really-simple-ssl' ),
|
2413 |
-
$link_start,
|
2414 |
-
$link_end
|
2415 |
-
);
|
2416 |
-
}
|
2417 |
-
}
|
2418 |
-
|
2419 |
-
}
|
2420 |
-
|
2421 |
-
/**
|
2422 |
-
* Insert option into settings form
|
2423 |
-
*
|
2424 |
-
* @since 2.0
|
2425 |
-
*
|
2426 |
-
* @access public
|
2427 |
-
*
|
2428 |
-
*/
|
2429 |
-
|
2430 |
-
public function get_option_do_not_edit_htaccess() {
|
2431 |
-
$options = get_option('rlrsssl_options');
|
2432 |
-
echo '<input id="rlrsssl_options" name="rlrsssl_options[do_not_edit_htaccess]" size="40" type="checkbox" value="1"' . checked( 1, $this->do_not_edit_htaccess, false ) ." />";
|
2433 |
-
|
2434 |
-
RSSSL()->rsssl_help->get_help_tip(__("If you want to customize the Really Simple SSL .htaccess, you need to prevent Really Simple SSL from rewriting it. Enabling this option will do that.", "really-simple-ssl"));
|
2435 |
-
if (!$this->do_not_edit_htaccess && !is_writable($this->ABSpath.".htaccess")) _e(".htaccess is currently not writable.","really-simple-ssl");
|
2436 |
-
}
|
2437 |
-
|
2438 |
-
/**
|
2439 |
-
* Insert option into settings form
|
2440 |
-
*
|
2441 |
-
* @since 2.1
|
2442 |
-
*
|
2443 |
-
* @access public
|
2444 |
-
*
|
2445 |
-
*/
|
2446 |
-
|
2447 |
-
public function get_option_switch_mixed_content_fixer_hook() {
|
2448 |
-
$options = get_option('rslrsssl_options');
|
2449 |
-
echo '<input id="rlrsssl_options" name="rlrsssl_options[switch_mixed_content_fixer_hook]" size="40" type="checkbox" value="1"' . checked( 1, $this->switch_mixed_content_fixer_hook, false ) ." />";
|
2450 |
-
RSSSL()->rsssl_help->get_help_tip(__("If this option is set to true, the mixed content fixer will fire on the init hook instead of the template_redirect hook. Only use this option when you experience problems with the mixed content fixer.", "really-simple-ssl"));
|
2451 |
-
}
|
2452 |
-
|
2453 |
-
public function get_option_autoreplace_insecure_links() {
|
2454 |
-
//$options = get_option('rlrsssl_options');
|
2455 |
-
$autoreplace_mixed_content = $this->autoreplace_insecure_links;
|
2456 |
-
$disabled = "";
|
2457 |
-
$comment = "";
|
2458 |
-
|
2459 |
-
if (is_multisite() && rsssl_multisite::this()->autoreplace_mixed_content) {
|
2460 |
-
$disabled = "disabled";
|
2461 |
-
$autoreplace_mixed_content = TRUE;
|
2462 |
-
$comment = __( "This option is enabled on the network menu.", "really-simple-ssl" );
|
2463 |
-
}
|
2464 |
-
echo '<input '.$disabled.' id="rlrsssl_options" name="rlrsssl_options[autoreplace_insecure_links]" size="40" type="checkbox" value="1"' . checked( 1, $autoreplace_mixed_content, false ) .' />';
|
2465 |
-
RSSSL()->rsssl_help->get_help_tip(__("In most cases you need to leave this enabled, to prevent mixed content issues on your site.", "really-simple-ssl"));
|
2466 |
-
echo $comment;
|
2467 |
-
}
|
2468 |
/**
|
2469 |
* Add settings link on plugins overview page
|
2470 |
*
|
@@ -2474,109 +2875,156 @@ public function get_option_wp_redirect() {
|
|
2474 |
*
|
2475 |
*/
|
2476 |
|
2477 |
-
public function plugin_settings_link($links) {
|
2478 |
-
$settings_link = '<a href="options-general.php?page=rlrsssl_really_simple_ssl">'.__("Settings","really-simple-ssl").'</a>';
|
2479 |
-
array_unshift($links, $settings_link);
|
2480 |
-
|
2481 |
-
$faq_link = '<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/">' . __( 'Docs', 'really-simple-ssl' ) . '</a>';
|
2482 |
-
array_unshift( $links, $faq_link );
|
2483 |
-
|
2484 |
-
if ( defined("rsssl_pro_version") ) {
|
2485 |
-
if (class_exists('RSSSL_PRO')) {
|
2486 |
-
if(RSSSL_PRO()->rsssl_licensing->license_is_valid()) return $links;
|
2487 |
-
}
|
2488 |
-
}
|
2489 |
-
if ( !defined("rsssl_pro_version") ) {
|
2490 |
-
if (!class_exists('RSSSL_PRO')) {
|
2491 |
-
$premium_link = '<a target="_blank" href="https://really-simple-ssl.com/premium-support">' . __( 'Premium Support', 'really-simple-ssl' ) . '</a>';
|
2492 |
-
array_unshift( $links, $premium_link );
|
2493 |
-
}
|
2494 |
-
}
|
2495 |
-
return $links;
|
2496 |
-
}
|
2497 |
-
|
2498 |
-
/**
|
2499 |
-
* Check for possible plugin conflicts
|
2500 |
-
*
|
2501 |
-
* @since 2.0
|
2502 |
-
*
|
2503 |
-
* @access public
|
2504 |
-
* @return none
|
2505 |
-
*
|
2506 |
-
*/
|
2507 |
-
|
2508 |
-
public function check_plugin_conflicts() {
|
2509 |
-
// $this->plugin_conflict["WOOCOMMERCE_FORCESSL"] = TRUE;
|
2510 |
-
}
|
2511 |
-
|
2512 |
-
/**
|
2513 |
-
* Check if wpconfig contains httponly cooky settings
|
2514 |
-
*
|
2515 |
-
* @since 2.5
|
2516 |
-
*
|
2517 |
-
* @access public
|
2518 |
-
* @return boolean
|
2519 |
-
*
|
2520 |
-
*/
|
2521 |
-
|
2522 |
-
public function contains_secure_cookie_settings() {
|
2523 |
-
$wpconfig_path = $this->find_wp_config_path();
|
2524 |
-
|
2525 |
-
if (!$wpconfig_path) return false;
|
2526 |
-
|
2527 |
-
$wpconfig = file_get_contents($wpconfig_path);
|
2528 |
-
if ( (strpos($wpconfig, "//Begin Really Simple SSL session cookie settings")===FALSE) && (strpos($wpconfig, "cookie_httponly")===FALSE) ) {
|
2529 |
-
return false;
|
2530 |
-
}
|
2531 |
-
|
2532 |
-
return true;
|
2533 |
-
}
|
2534 |
-
|
2535 |
-
|
2536 |
-
|
2537 |
-
/**
|
2538 |
-
* Get the absolute path the the www directory of this site, where .htaccess lives.
|
2539 |
-
*
|
2540 |
-
* @since 2.0
|
2541 |
-
*
|
2542 |
-
* @access public
|
2543 |
-
*
|
2544 |
-
*/
|
2545 |
-
|
2546 |
-
public function getABSPATH(){
|
2547 |
-
$path = ABSPATH;
|
2548 |
-
if($this->is_subdirectory_install()){
|
2549 |
-
$siteUrl = site_url();
|
2550 |
-
$homeUrl = home_url();
|
2551 |
-
$diff = str_replace($homeUrl, "", $siteUrl);
|
2552 |
-
$diff = trim($diff,"/");
|
2553 |
-
$pos = strrpos($path, $diff);
|
2554 |
-
if($pos !== false){
|
2555 |
-
$path = substr_replace($path, "", $pos, strlen($diff));
|
2556 |
-
$path = trim($path,"/");
|
2557 |
-
$path = "/".$path."/";
|
2558 |
-
}
|
2559 |
-
}
|
2560 |
-
|
2561 |
-
return $path;
|
2562 |
-
}
|
2563 |
-
|
2564 |
-
/**
|
2565 |
-
* Find if this WordPress installation is installed in a subdirectory
|
2566 |
-
*
|
2567 |
-
* @since 2.0
|
2568 |
-
*
|
2569 |
-
* @access protected
|
2570 |
-
*
|
2571 |
-
*/
|
2572 |
|
2573 |
-
|
2574 |
-
|
2575 |
-
|
2576 |
-
|
2577 |
-
|
2578 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2579 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2580 |
|
2581 |
|
2582 |
} //class closure
|
1 |
<?php
|
2 |
defined('ABSPATH') or die("you do not have access to this page!");
|
3 |
|
4 |
+
class rsssl_admin extends rsssl_front_end
|
5 |
+
{
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6 |
|
7 |
+
private static $_this;
|
|
|
|
|
8 |
|
9 |
+
public $wpconfig_siteurl_not_fixed = FALSE;
|
10 |
+
public $no_server_variable = FALSE;
|
11 |
+
public $errors = Array();
|
12 |
|
13 |
+
public $do_wpconfig_loadbalancer_fix = FALSE;
|
14 |
+
public $site_has_ssl = FALSE;
|
15 |
+
public $ssl_enabled = FALSE;
|
|
|
|
|
|
|
|
|
16 |
|
17 |
+
//multisite variables
|
18 |
+
public $sites = Array(); //for multisite, list of all activated sites.
|
|
|
|
|
|
|
19 |
|
20 |
+
//general settings
|
21 |
+
public $capability = 'activate_plugins';
|
22 |
|
23 |
+
public $ssl_test_page_error;
|
24 |
+
public $htaccess_test_success = FALSE;
|
25 |
+
public $plugin_version = rsssl_version; //deprecated, but used in pro plugin until 1.0.25
|
26 |
|
27 |
+
public $plugin_dir = "really-simple-ssl";
|
28 |
+
public $plugin_filename = "rlrsssl-really-simple-ssl.php";
|
29 |
+
public $ABSpath;
|
30 |
|
31 |
+
public $do_not_edit_htaccess = FALSE;
|
32 |
+
public $javascript_redirect = FALSE;
|
33 |
+
public $htaccess_redirect = FALSE;
|
34 |
+
public $htaccess_warning_shown = FALSE;
|
35 |
+
public $ssl_success_message_shown = FALSE;
|
36 |
+
public $hsts = FALSE;
|
37 |
+
public $debug = TRUE;
|
38 |
+
public $debug_log;
|
39 |
|
40 |
+
public $plugin_conflict = ARRAY();
|
41 |
+
public $plugin_db_version;
|
42 |
+
public $plugin_upgraded;
|
43 |
+
public $mixed_content_fixer_status = "OK";
|
44 |
+
public $ssl_type = "NA";
|
45 |
|
46 |
+
private $pro_url = "https://www.really-simple-ssl.com/pro";
|
47 |
|
48 |
+
function __construct()
|
49 |
+
{
|
50 |
+
if (isset(self::$_this))
|
51 |
+
wp_die(sprintf(__('%s is a singleton class and you cannot create a second instance.', 'really-simple-ssl'), get_class($this)));
|
52 |
|
53 |
+
self::$_this = $this;
|
54 |
|
55 |
+
$this->ABSpath = $this->getABSPATH();
|
56 |
+
$this->get_options();
|
57 |
+
$this->get_admin_options();
|
58 |
|
59 |
+
$this->get_plugin_upgraded(); //call always, otherwise db version will not match anymore.
|
60 |
|
61 |
+
register_deactivation_hook(dirname(__FILE__) . "/" . $this->plugin_filename, array($this, 'deactivate'));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
62 |
|
63 |
+
add_action('admin_init', array($this, 'add_privacy_info'));
|
|
|
|
|
64 |
|
|
|
|
|
|
|
|
|
|
|
|
|
65 |
|
66 |
+
}
|
|
|
67 |
|
68 |
+
static function this()
|
69 |
+
{
|
70 |
+
return self::$_this;
|
71 |
+
}
|
72 |
|
73 |
+
public function add_privacy_info()
|
74 |
+
{
|
75 |
+
if (!function_exists('wp_add_privacy_policy_content')) {
|
76 |
+
return;
|
|
|
77 |
}
|
|
|
|
|
78 |
|
79 |
+
$content = sprintf(
|
80 |
+
__('Really Simple SSL and Really Simple SSL add-ons do not process any personal identifiable information, so the GDPR does not apply to these plugins or usage of these plugins on your website. You can find our privacy policy <a href="%s" target="_blank">here</a>.', 'really-simple-ssl'),
|
81 |
+
'https://really-simple-ssl.com/privacy-statement/'
|
82 |
+
);
|
83 |
|
84 |
+
wp_add_privacy_policy_content(
|
85 |
+
'Really Simple SSL',
|
86 |
+
wp_kses_post(wpautop($content, false))
|
87 |
+
);
|
|
|
88 |
}
|
89 |
|
|
|
|
|
90 |
|
91 |
+
/**
|
92 |
+
* Initializes the admin class
|
93 |
+
*
|
94 |
+
* @since 2.2
|
95 |
+
*
|
96 |
+
* @access public
|
97 |
+
*
|
98 |
+
*/
|
99 |
|
100 |
+
public function init()
|
101 |
+
{
|
102 |
+
if (!current_user_can($this->capability)) return;
|
103 |
+
$is_on_settings_page = $this->is_settings_page();
|
104 |
|
105 |
+
if (defined("RSSSL_FORCE_ACTIVATE") && RSSSL_FORCE_ACTIVATE) {
|
106 |
+
$options = get_option('rlrsssl_options');
|
107 |
+
$options['ssl_enabled'] = true;
|
108 |
+
update_option('rlrsssl_options', $options);
|
109 |
+
}
|
110 |
|
111 |
+
/*
|
112 |
+
Detect configuration when:
|
113 |
+
- SSL activation just confirmed.
|
114 |
+
- on settings page
|
115 |
+
- No SSL detected
|
116 |
+
*/
|
117 |
+
|
118 |
+
//when configuration should run again
|
119 |
+
if ($this->clicked_activate_ssl() || !$this->ssl_enabled || !$this->site_has_ssl || $is_on_settings_page || is_network_admin()) {
|
120 |
+
|
121 |
+
if (is_multisite()) $this->build_domain_list();//has to come after clicked_activate_ssl, otherwise this domain won't get counted.
|
122 |
+
$this->detect_configuration();
|
123 |
+
|
124 |
+
//flush caches when just activated ssl
|
125 |
+
//flush the permalinks
|
126 |
+
if ($this->clicked_activate_ssl()) {
|
127 |
+
if (isset($_POST["rsssl_flush_rewrite_rules"])) {
|
128 |
+
add_action('shutdown', 'flush_rewrite_rules');
|
129 |
+
}
|
130 |
+
add_action('admin_init', array(RSSSL()->rsssl_cache, 'flush'), 40);
|
131 |
+
}
|
132 |
+
|
133 |
+
if (!$this->wpconfig_ok()) {
|
134 |
+
//if we were to activate ssl, this could result in a redirect loop. So warn first.
|
135 |
+
add_action("admin_notices", array($this, 'show_notice_wpconfig_needs_fixes'));
|
136 |
+
if (is_multisite()) add_action('network_admin_notices', array($this, 'show_notice_wpconfig_needs_fixes'), 10);
|
137 |
+
|
138 |
+
$this->ssl_enabled = false;
|
139 |
+
$this->save_options();
|
140 |
+
} elseif ($this->ssl_enabled) {
|
141 |
+
add_action('init', array($this, 'configure_ssl'), 20);
|
142 |
+
}
|
143 |
+
}
|
144 |
|
145 |
+
//when SSL is enabled, and not enabled by user, ask for activation.
|
146 |
+
add_action("admin_notices", array($this, 'show_notice_activate_ssl'), 10);
|
147 |
|
148 |
+
add_action('plugins_loaded', array($this, 'check_plugin_conflicts'), 30);
|
|
|
|
|
149 |
|
150 |
+
//add the settings page for the plugin
|
151 |
+
add_action('admin_enqueue_scripts', array($this, 'enqueue_assets'));
|
152 |
+
add_action('admin_init', array($this, 'load_translation'), 20);
|
153 |
+
add_action('rsssl_configuration_page', array($this, 'configuration_page_more'), 10);
|
154 |
|
155 |
+
//settings page, form and settings link in the plugins page
|
156 |
+
add_action('admin_menu', array($this, 'add_settings_page'), 40);
|
157 |
+
add_action('admin_init', array($this, 'create_form'), 40);
|
158 |
+
add_action('admin_init', array($this, 'listen_for_deactivation'), 40);
|
159 |
|
160 |
+
$plugin = rsssl_plugin;
|
161 |
+
add_filter("plugin_action_links_$plugin", array($this, 'plugin_settings_link'));
|
162 |
|
163 |
+
//check if the uninstallfile is safely renamed to php.
|
164 |
+
$this->check_for_uninstall_file();
|
|
|
|
|
|
|
165 |
|
166 |
+
//callbacks for the ajax dismiss buttons
|
167 |
+
add_action('wp_ajax_dismiss_htaccess_warning', array($this, 'dismiss_htaccess_warning_callback'));
|
168 |
+
add_action('wp_ajax_dismiss_success_message', array($this, 'dismiss_success_message_callback'));
|
169 |
|
170 |
+
//handle notices
|
171 |
+
add_action('admin_notices', array($this, 'show_notices'));
|
172 |
+
add_action("update_option_rlrsssl_options", array($this, "update_htaccess_after_settings_save"), 20, 3);
|
173 |
+
}
|
174 |
|
175 |
+
/*
|
176 |
+
* Deactivate the plugin while keeping SSL
|
177 |
+
* Activated when the 'uninstall_keep_ssl' button is clicked in the settings tab
|
178 |
+
*
|
179 |
+
*/
|
180 |
|
181 |
+
public function listen_for_deactivation()
|
182 |
+
{
|
|
|
|
|
|
|
|
|
|
|
183 |
|
184 |
+
//check if we are on ssl settings page
|
185 |
+
if (!$this->is_settings_page()) return;
|
186 |
+
//check user role
|
187 |
+
if (!current_user_can($this->capability)) return;
|
188 |
|
189 |
+
//check nonce
|
190 |
+
if (!isset($_GET['token']) || (!wp_verify_nonce($_GET['token'], 'rsssl_deactivate_plugin'))) return;
|
191 |
+
//check for action
|
192 |
+
if (isset($_GET["action"]) && $_GET["action"] == 'uninstall_keep_ssl') {
|
193 |
+
//deactivate plugin, but don't revert to http.
|
194 |
+
$plugin = $this->plugin_dir . "/" . $this->plugin_filename;
|
195 |
+
$plugin = plugin_basename(trim($plugin));
|
196 |
|
197 |
+
if (is_multisite()) {
|
|
|
|
|
198 |
|
199 |
+
$network_current = get_site_option('active_sitewide_plugins', array());
|
200 |
+
if (is_plugin_active_for_network($plugin)) {
|
201 |
+
unset($network_current[$plugin]);
|
202 |
+
}
|
203 |
+
update_site_option('active_sitewide_plugins', $network_current);
|
204 |
|
205 |
+
//remove plugin one by one on each site
|
206 |
+
$sites = get_sites();
|
207 |
+
foreach ($sites as $site) {
|
208 |
+
switch_to_blog($site['blog_id']);
|
209 |
|
210 |
+
$current = get_option('active_plugins', array());
|
211 |
+
$current = $this->remove_plugin_from_array($plugin, $current);
|
212 |
+
update_option('active_plugins', $current);
|
213 |
|
214 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
215 |
+
}
|
|
|
216 |
|
217 |
+
} else {
|
|
|
|
|
218 |
|
219 |
+
error_log("remove from active plugins");
|
|
|
|
|
220 |
|
221 |
+
$current = get_option('active_plugins', array());
|
222 |
+
$current = $this->remove_plugin_from_array($plugin, $current);
|
223 |
+
update_option('active_plugins', $current);
|
224 |
+
}
|
225 |
+
wp_redirect(admin_url('plugins.php'));
|
226 |
+
exit;
|
227 |
+
}
|
228 |
+
}
|
229 |
|
|
|
|
|
|
|
230 |
|
231 |
+
/*
|
232 |
+
* Remove the plugin from the active plugins array when called from listen_for_deactivation
|
233 |
+
*
|
234 |
+
* */
|
235 |
|
236 |
|
237 |
+
public function remove_plugin_from_array($plugin, $current)
|
238 |
+
{
|
239 |
+
$key = array_search($plugin, $current);
|
240 |
+
if (false !== $key) {
|
241 |
+
unset($current[$key]);
|
242 |
+
}
|
243 |
+
return $current;
|
244 |
}
|
245 |
|
|
|
|
|
246 |
|
247 |
+
//change deprecated function depending on version.
|
|
|
|
|
248 |
|
249 |
+
public function get_sites_bw_compatible()
|
250 |
+
{
|
251 |
+
global $wp_version;
|
252 |
+
$sites = ($wp_version >= 4.6) ? get_sites() : wp_get_sites();
|
253 |
+
return $sites;
|
254 |
+
}
|
255 |
|
256 |
+
/*
|
257 |
+
The new get_sites function returns an object.
|
258 |
|
259 |
+
*/
|
|
|
260 |
|
261 |
+
public function switch_to_blog_bw_compatible($site)
|
262 |
+
{
|
263 |
|
264 |
+
global $wp_version;
|
265 |
+
if ($wp_version >= 4.6) {
|
266 |
+
switch_to_blog($site->blog_id);
|
267 |
+
} else {
|
268 |
+
switch_to_blog($site['blog_id']);
|
269 |
+
}
|
270 |
+
}
|
271 |
|
|
|
272 |
|
273 |
+
/*
|
274 |
+
checks if the user just clicked the "activate SSL" button.
|
275 |
+
*/
|
276 |
|
277 |
+
private function clicked_activate_ssl()
|
278 |
+
{
|
279 |
+
if (!current_user_can($this->capability)) return;
|
280 |
+
//if (!isset( $_POST['rsssl_nonce'] ) || !wp_verify_nonce( $_POST['rsssl_nonce'], 'rsssl_nonce' )) return false;
|
281 |
|
282 |
+
if (isset($_POST['rsssl_do_activate_ssl'])) {
|
283 |
+
$this->activate_ssl();
|
284 |
+
return true;
|
285 |
+
}
|
|
|
|
|
|
|
|
|
|
|
286 |
|
287 |
+
return false;
|
288 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
289 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
290 |
|
291 |
+
/*
|
292 |
+
Activate the SSL for this site
|
293 |
*/
|
294 |
|
295 |
+
public function activate_ssl()
|
296 |
+
{
|
297 |
+
$this->ssl_enabled = true;
|
298 |
+
$this->wp_redirect = true;
|
|
|
|
|
|
|
299 |
|
300 |
+
$this->set_siteurl_to_ssl();
|
301 |
+
$this->save_options();
|
302 |
+
}
|
303 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
304 |
|
305 |
+
public function deactivate_ssl()
|
306 |
+
{
|
307 |
+
$this->ssl_enabled = false;
|
308 |
+
$this->wp_redirect = false;
|
309 |
+
$this->htaccess_redirect = false;
|
310 |
|
311 |
+
$this->remove_ssl_from_siteurl();
|
312 |
+
$this->save_options();
|
313 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
314 |
|
|
|
|
|
|
|
|
|
|
|
315 |
|
316 |
+
public function wpconfig_ok()
|
317 |
+
{
|
318 |
+
if (($this->do_wpconfig_loadbalancer_fix || $this->no_server_variable || $this->wpconfig_siteurl_not_fixed) && !$this->wpconfig_is_writable()) {
|
319 |
+
$result = false;
|
320 |
+
} else {
|
321 |
+
$result = true;
|
322 |
}
|
|
|
|
|
323 |
|
324 |
+
return apply_filters('rsssl_wpconfig_ok_check', $result);
|
325 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
326 |
|
327 |
+
/*
|
328 |
+
This message is shown when no SSL is not enabled by the user yet
|
329 |
+
*/
|
|
|
|
|
|
|
|
|
|
|
330 |
|
331 |
+
public function show_notice_activate_ssl()
|
332 |
+
{
|
333 |
+
if ($this->ssl_enabled) return;
|
|
|
|
|
|
|
|
|
|
|
334 |
|
335 |
+
if (defined("RSSSL_DISMISS_ACTIVATE_SSL_NOTICE") && RSSSL_DISMISS_ACTIVATE_SSL_NOTICE) return;
|
|
|
|
|
|
|
|
|
|
|
336 |
|
337 |
+
//for multisite, show only activate when a choice has been made to activate networkwide or per site.
|
338 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->selected_networkwide_or_per_site) return;
|
|
|
|
|
|
|
|
|
|
|
|
|
339 |
|
340 |
+
//on multistie, only show this message on the network admin. Per site activated sites have to go to the settings page.
|
341 |
+
//otherwise sites that do not need SSL possibly get to see this message.
|
342 |
|
343 |
+
if (is_multisite() && !is_network_admin()) return;
|
|
|
344 |
|
345 |
+
if (!$this->wpconfig_ok()) return;
|
|
|
|
|
|
|
346 |
|
347 |
+
if (!current_user_can($this->capability)) return; ?>
|
|
|
348 |
|
349 |
+
<?php if (!$this->site_has_ssl) { ?>
|
350 |
+
<div id="message" class="error fade notice rsssl-notice-certificate">
|
351 |
+
<h1><?php echo __("Detected possible certificate issues", "really-simple-ssl"); ?></h1>
|
352 |
+
<p>
|
353 |
+
<?php
|
354 |
+
$reload_https_url = "https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
|
355 |
+
$link_open = '<p><a class="button" target="_blank" href="' . $reload_https_url . '">';
|
356 |
+
$link_close = '</a></p>';
|
357 |
|
358 |
+
printf(__("Really Simple SSL failed to detect a valid SSL certificate. If you do have an SSL certificate, try to reload this page over https by clicking this button: %sReload over https%s ", "really-simple-ssl"), $link_open, $link_close);
|
|
|
359 |
|
360 |
+
$ssl_test_url = "https://www.ssllabs.com/ssltest/";
|
361 |
+
$link_open = '<a target="_blank" href="' . $ssl_test_url . '">';
|
362 |
+
$link_close = '</a>';
|
363 |
|
364 |
+
printf(__("Really Simple SSL requires a valid SSL certificate. You can check your certificate on %sQualys SSL Labs%s.", "really-simple-ssl"), $link_open, $link_close);
|
365 |
+
?>
|
366 |
+
</p>
|
367 |
+
</div>
|
368 |
+
<?php } ?>
|
369 |
|
370 |
+
<div id="message" class="updated fade notice activate-ssl">
|
371 |
+
<?php if ($this->site_has_ssl) { ?>
|
372 |
+
<h1><?php _e("Almost ready to migrate to SSL!", "really-simple-ssl"); ?></h1>
|
373 |
+
<?php } ?>
|
374 |
+
<?php _e("Some things can't be done automatically. Before you migrate, please check for: ", 'really-simple-ssl'); ?>
|
375 |
+
<p>
|
376 |
+
<ul>
|
377 |
+
<li><?php _e('Http references in your .css and .js files: change any http:// into //', 'really-simple-ssl'); ?></li>
|
378 |
+
<li><?php _e('Images, stylesheets or scripts from a domain without an SSL certificate: remove them or move to your own server.', 'really-simple-ssl'); ?></li><?php
|
379 |
|
380 |
+
$backup_link = "https://really-simple-ssl.com/knowledge-base/backing-up-your-site/";
|
381 |
+
$link_open = '<a target="_blank" href="' . $backup_link . '">';
|
382 |
+
$link_close = '</a>';
|
383 |
|
384 |
+
?>
|
385 |
+
<li> <?php printf(__("It is recommended to take a %sbackup%s of your site before activating SSL", 'really-simple-ssl'), $link_open, $link_close); ?> </li>
|
386 |
+
</ul>
|
387 |
+
</p>
|
388 |
+
<?php $this->show_pro(); ?>
|
389 |
|
390 |
+
<?php RSSSL()->really_simple_ssl->show_enable_ssl_button(); ?>
|
391 |
+
</div>
|
392 |
+
<?php }
|
393 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
394 |
|
395 |
+
/**
|
396 |
+
* @since 2.3
|
397 |
+
* Returns button to enable SSL.
|
398 |
+
*/
|
399 |
|
400 |
+
public function show_enable_ssl_button()
|
401 |
+
{
|
402 |
+
if ($this->site_has_ssl || (defined('rsssl_force_activate') && rsssl_force_activate)) {
|
403 |
+
?>
|
404 |
+
<p>
|
405 |
+
<form action="" method="post">
|
406 |
+
<?php wp_nonce_field('rsssl_nonce', 'rsssl_nonce'); ?>
|
407 |
+
<div>
|
408 |
+
<input type="checkbox" name="rsssl_flush_rewrite_rules"
|
409 |
+
checked><label><?php _e("Flush rewrite rules on activation (deselect when you encounter errors)", "really-simple-ssl") ?></label>
|
410 |
+
</div>
|
411 |
+
<input type="submit" class='button button-primary'
|
412 |
+
value="<?php _e("Go ahead, activate SSL!", "really-simple-ssl"); ?>" id="rsssl_do_activate_ssl"
|
413 |
+
name="rsssl_do_activate_ssl">
|
414 |
+
<br><?php _e("You may need to login in again.", "really-simple-ssl") ?>
|
415 |
+
</form>
|
416 |
+
</p>
|
417 |
+
<?php
|
418 |
+
}
|
419 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
420 |
|
421 |
+
/**
|
422 |
+
* @since 2.3
|
423 |
+
* Shows option to buy pro
|
424 |
+
*/
|
425 |
|
426 |
+
public function show_pro()
|
427 |
+
{
|
428 |
+
if (!defined("rsssl_pro_version")) {
|
429 |
+
?>
|
430 |
+
<p><?php _e('You can also let the automatic scan of the pro version handle this for you, and get premium support, increased security with HSTS and more!', 'really-simple-ssl'); ?>
|
431 |
+
<a target="_blank"
|
432 |
+
href="<?php echo $this->pro_url; ?>"><?php _e("Check out Really Simple SSL Premium", "really-simple-ssl"); ?></a>
|
433 |
+
</p>
|
434 |
+
<?php
|
|
|
435 |
}
|
436 |
+
}
|
|
|
|
|
437 |
|
438 |
|
439 |
+
public function wpconfig_is_writable()
|
440 |
+
{
|
441 |
+
$wpconfig_path = $this->find_wp_config_path();
|
442 |
+
if (is_writable($wpconfig_path))
|
443 |
+
return true;
|
444 |
+
else
|
445 |
+
return false;
|
446 |
+
}
|
447 |
|
448 |
+
/*
|
449 |
+
* Check if the uninstall file is renamed to .php
|
|
|
|
|
|
|
450 |
*/
|
451 |
|
452 |
+
protected function check_for_uninstall_file()
|
453 |
+
{
|
454 |
+
if (file_exists(dirname(__FILE__) . '/force-deactivate.php')) {
|
455 |
+
$this->errors["DEACTIVATE_FILE_NOT_RENAMED"] = true;
|
456 |
+
}
|
457 |
+
}
|
458 |
|
459 |
+
/**
|
460 |
+
* Get the options for this plugin
|
461 |
+
*
|
462 |
+
* @since 2.0
|
463 |
+
*
|
464 |
+
* @access public
|
465 |
+
*
|
466 |
+
*/
|
467 |
|
468 |
+
public function get_admin_options()
|
469 |
+
{
|
470 |
|
471 |
+
$options = get_option('rlrsssl_options');
|
472 |
+
if (isset($options)) {
|
473 |
+
$this->site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
474 |
+
$this->hsts = isset($options['hsts']) ? $options['hsts'] : FALSE;
|
475 |
+
$this->htaccess_warning_shown = isset($options['htaccess_warning_shown']) ? $options['htaccess_warning_shown'] : FALSE;
|
476 |
+
$this->ssl_success_message_shown = isset($options['ssl_success_message_shown']) ? $options['ssl_success_message_shown'] : FALSE;
|
477 |
+
$this->plugin_db_version = isset($options['plugin_db_version']) ? $options['plugin_db_version'] : "1.0";
|
478 |
+
$this->debug = isset($options['debug']) ? $options['debug'] : FALSE;
|
479 |
+
$this->do_not_edit_htaccess = isset($options['do_not_edit_htaccess']) ? $options['do_not_edit_htaccess'] : FALSE;
|
480 |
+
$this->htaccess_redirect = isset($options['htaccess_redirect']) ? $options['htaccess_redirect'] : FALSE;
|
481 |
+
$this->switch_mixed_content_fixer_hook = isset($options['switch_mixed_content_fixer_hook']) ? $options['switch_mixed_content_fixer_hook'] : FALSE;
|
482 |
+
$this->debug_log = isset($options['debug_log']) ? $options['debug_log'] : $this->debug_log;
|
483 |
+
}
|
484 |
|
485 |
+
if (is_multisite()) {
|
486 |
+
$network_options = get_site_option('rlrsssl_network_options');
|
487 |
+
$network_htaccess_redirect = isset($network_options["htaccess_redirect"]) ? $network_options["htaccess_redirect"] : false;
|
488 |
+
$network_do_not_edit_htaccess = isset($network_options["do_not_edit_htaccess"]) ? $network_options["do_not_edit_htaccess"] : false;
|
489 |
+
/*
|
490 |
+
If multiste, and networkwide, only the networkwide setting counts.
|
491 |
+
if multisite, and per site, only the networkwide setting counts if it is true.
|
492 |
+
*/
|
493 |
+
$ssl_enabled_networkwide = isset($network_options["ssl_enabled_networkwide"]) ? $network_options["ssl_enabled_networkwide"] : false;
|
494 |
+
if ($ssl_enabled_networkwide) {
|
495 |
+
$this->htaccess_redirect = $network_htaccess_redirect;
|
496 |
+
$this->do_not_edit_htaccess = $network_do_not_edit_htaccess;
|
497 |
+
} else {
|
498 |
+
if ($network_do_not_edit_htaccess) $this->do_not_edit_htaccess = $network_do_not_edit_htaccess;
|
499 |
+
if ($network_htaccess_redirect) $this->htaccess_redirect = $network_htaccess_redirect;
|
500 |
+
}
|
501 |
+
}
|
502 |
|
503 |
+
//if the define is true, it overrides the db setting.
|
504 |
+
if (defined('RLRSSSL_DO_NOT_EDIT_HTACCESS')) {
|
505 |
+
$this->do_not_edit_htaccess = RLRSSSL_DO_NOT_EDIT_HTACCESS;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
506 |
}
|
|
|
|
|
|
|
|
|
507 |
|
508 |
+
}
|
509 |
+
|
510 |
+
/**
|
511 |
+
* Creates an array of all domains where the plugin is active AND SSL is active, only used for multisite.
|
512 |
+
*
|
513 |
+
* @since 2.1
|
514 |
+
*
|
515 |
+
* @access public
|
516 |
+
*
|
517 |
+
*/
|
518 |
|
519 |
+
public function build_domain_list()
|
520 |
+
{
|
521 |
+
if (!is_multisite()) return;
|
522 |
+
//create list of all activated sites with SSL
|
523 |
+
$this->sites = array();
|
524 |
+
$sites = $this->get_sites_bw_compatible();
|
525 |
+
if ($this->debug) $this->trace_log("building domain list for multisite...");
|
526 |
+
foreach ($sites as $site) {
|
527 |
+
$this->switch_to_blog_bw_compatible($site);
|
528 |
+
$options = get_option('rlrsssl_options');
|
529 |
+
|
530 |
+
$ssl_enabled = FALSE;
|
531 |
+
if (isset($options)) {
|
532 |
+
$site_has_ssl = isset($options['site_has_ssl']) ? $options['site_has_ssl'] : FALSE;
|
533 |
+
$ssl_enabled = isset($options['ssl_enabled']) ? $options['ssl_enabled'] : $site_has_ssl;
|
534 |
+
}
|
535 |
+
|
536 |
+
if (is_plugin_active(rsssl_plugin) && $ssl_enabled) {
|
537 |
+
if ($this->debug) $this->trace_log("adding: " . home_url());
|
538 |
+
$this->sites[] = home_url();
|
539 |
+
}
|
540 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
541 |
+
}
|
542 |
|
543 |
+
$this->save_options();
|
544 |
+
}
|
545 |
|
546 |
/**
|
547 |
+
* check if the plugin was upgraded to a new version
|
548 |
*
|
549 |
* @since 2.1
|
550 |
*
|
552 |
*
|
553 |
*/
|
554 |
|
555 |
+
public function get_plugin_upgraded()
|
556 |
+
{
|
557 |
+
if ($this->plugin_db_version != rsssl_version) {
|
558 |
+
$this->plugin_db_version = rsssl_version;
|
559 |
+
$this->plugin_upgraded = true;
|
560 |
+
$this->save_options();
|
561 |
+
}
|
562 |
+
$this->plugin_upgraded = false;
|
563 |
+
}
|
564 |
|
565 |
+
/**
|
566 |
+
* Log events during plugin execution
|
567 |
+
*
|
568 |
+
* @since 2.1
|
569 |
+
*
|
570 |
+
* @access public
|
571 |
+
*
|
572 |
+
*/
|
573 |
|
574 |
+
public function trace_log($msg)
|
575 |
+
{
|
576 |
+
if (!$this->debug) return;
|
577 |
+
$this->debug_log = $this->debug_log . "<br>" . $msg;
|
578 |
+
$this->debug_log = strstr($this->debug_log, '** Detecting configuration **');
|
579 |
+
error_log($msg);
|
580 |
+
}
|
581 |
|
582 |
+
/**
|
583 |
+
* Configures the site for SSL
|
584 |
+
*
|
585 |
+
* @since 2.2
|
586 |
+
*
|
587 |
+
* @access public
|
588 |
+
*
|
589 |
+
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
590 |
|
591 |
+
public function configure_ssl()
|
592 |
+
{
|
593 |
+
if (!current_user_can($this->capability)) return;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
594 |
|
595 |
+
$safe_mode = FALSE;
|
596 |
+
if (defined('RSSSL_SAFE_MODE') && RSSSL_SAFE_MODE) $safe_mode = RSSSL_SAFE_MODE;
|
|
|
597 |
|
598 |
+
if (!current_user_can($this->capability)) return;
|
599 |
+
$this->trace_log("** Configuring SSL **");
|
600 |
+
if ($this->site_has_ssl) {
|
601 |
+
//when one of the used server variables was found, test if the redirect works
|
602 |
|
603 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->ssl_type != "NA")
|
604 |
+
$this->test_htaccess_redirect();
|
|
|
605 |
|
606 |
+
//in a configuration reverse proxy without a set server variable https, add code to wpconfig
|
607 |
+
if ($this->do_wpconfig_loadbalancer_fix) {
|
608 |
+
$this->wpconfig_loadbalancer_fix();
|
609 |
+
}
|
610 |
|
611 |
+
if ($this->no_server_variable)
|
612 |
+
$this->wpconfig_server_variable_fix();
|
613 |
|
614 |
+
if (!$safe_mode) {
|
615 |
+
$this->editHtaccess();
|
616 |
+
}
|
|
|
|
|
|
|
|
|
|
|
617 |
|
618 |
+
if (!$safe_mode && $this->clicked_activate_ssl()) {
|
619 |
+
$this->wp_redirect = TRUE;
|
620 |
+
$this->save_options();
|
621 |
+
}
|
622 |
|
623 |
+
if (!$safe_mode && $this->wpconfig_siteurl_not_fixed)
|
624 |
+
$this->fix_siteurl_defines_in_wpconfig();
|
625 |
|
626 |
+
if (!$safe_mode) {
|
627 |
+
$this->set_siteurl_to_ssl();
|
628 |
+
}
|
|
|
|
|
|
|
629 |
|
630 |
+
}
|
631 |
+
}
|
|
|
|
|
|
|
632 |
|
|
|
|
|
|
|
|
|
|
|
633 |
|
634 |
+
/**
|
635 |
+
* Check to see if we are on the settings page, action hook independent
|
636 |
+
*
|
637 |
+
* @since 2.1
|
638 |
+
*
|
639 |
+
* @access public
|
640 |
+
*
|
641 |
+
*/
|
642 |
|
643 |
+
public function is_settings_page()
|
644 |
+
{
|
645 |
+
if (!isset($_SERVER['QUERY_STRING'])) return false;
|
|
|
|
|
|
|
|
|
|
|
646 |
|
647 |
+
parse_str($_SERVER['QUERY_STRING'], $params);
|
648 |
+
if (array_key_exists("page", $params) && ($params["page"] == "rlrsssl_really_simple_ssl")) {
|
649 |
+
return true;
|
650 |
+
}
|
651 |
+
return false;
|
652 |
+
}
|
653 |
|
654 |
+
/**
|
655 |
+
* Find the path to wp-config
|
656 |
+
*
|
657 |
+
* @since 2.1
|
658 |
+
*
|
659 |
+
* @access public
|
660 |
+
*
|
661 |
+
*/
|
662 |
|
663 |
+
public function find_wp_config_path()
|
664 |
+
{
|
665 |
+
//limit nr of iterations to 20
|
666 |
+
$i = 0;
|
667 |
+
$maxiterations = 20;
|
668 |
+
$dir = dirname(__FILE__);
|
669 |
+
do {
|
670 |
+
$i++;
|
671 |
+
if (file_exists($dir . "/wp-config.php")) {
|
672 |
+
return $dir . "/wp-config.php";
|
673 |
+
}
|
674 |
+
} while (($dir = realpath("$dir/..")) && ($i < $maxiterations));
|
675 |
+
return null;
|
676 |
}
|
|
|
677 |
|
678 |
+
/**
|
679 |
+
* remove https from defined siteurl and homeurl in the wpconfig, if present
|
680 |
+
*
|
681 |
+
* @since 2.1
|
682 |
+
*
|
683 |
+
* @access public
|
684 |
+
*
|
685 |
+
*/
|
686 |
|
687 |
+
public function remove_ssl_from_siteurl_in_wpconfig()
|
688 |
+
{
|
689 |
+
if (!current_user_can($this->capability)) return;
|
690 |
+
|
691 |
+
$wpconfig_path = $this->find_wp_config_path();
|
692 |
+
if (!empty($wpconfig_path)) {
|
693 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
694 |
+
|
695 |
+
$homeurl_pos = strpos($wpconfig, "define('WP_HOME','https://");
|
696 |
+
$siteurl_pos = strpos($wpconfig, "define('WP_SITEURL','https://");
|
697 |
+
|
698 |
+
if (($homeurl_pos !== false) || ($siteurl_pos !== false)) {
|
699 |
+
if (is_writable($wpconfig_path)) {
|
700 |
+
$search_array = array("define('WP_HOME','https://", "define('WP_SITEURL','https://");
|
701 |
+
$ssl_array = array("define('WP_HOME','http://", "define('WP_SITEURL','http://");
|
702 |
+
//now replace these urls
|
703 |
+
$wpconfig = str_replace($search_array, $ssl_array, $wpconfig);
|
704 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
705 |
+
} else {
|
706 |
+
$this->errors['wpconfig not writable'] = TRUE;
|
707 |
+
}
|
708 |
+
}
|
709 |
|
710 |
+
}
|
|
|
|
|
|
|
|
|
711 |
}
|
|
|
712 |
|
713 |
|
714 |
+
/**
|
715 |
+
*
|
716 |
+
* Checks if the wp config contains any defined siteurl and homeurl
|
717 |
+
*
|
718 |
+
*
|
719 |
+
*/
|
720 |
|
721 |
+
private function check_for_siteurl_in_wpconfig()
|
722 |
+
{
|
723 |
|
724 |
+
$wpconfig_path = $this->find_wp_config_path();
|
|
|
|
|
725 |
|
726 |
+
if (empty($wpconfig_path)) return;
|
727 |
|
728 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
729 |
+
$homeurl_pattern = '/(define\(\s*\'WP_HOME\'\s*,\s*\'http\:\/\/)/';
|
730 |
+
$siteurl_pattern = '/(define\(\s*\'WP_SITEURL\'\s*,\s*\'http\:\/\/)/';
|
|
|
|
|
|
|
|
|
731 |
|
732 |
+
$this->wpconfig_siteurl_not_fixed = FALSE;
|
733 |
+
if (preg_match($homeurl_pattern, $wpconfig) || preg_match($siteurl_pattern, $wpconfig)) {
|
734 |
+
$this->wpconfig_siteurl_not_fixed = TRUE;
|
735 |
+
$this->trace_log("siteurl or home url defines found in wpconfig");
|
736 |
+
}
|
737 |
+
}
|
738 |
|
739 |
|
740 |
+
/**
|
741 |
+
* Runs only when siteurl or homeurl define was found in the wpconfig, with the check_for_siteurl_in_wpconfig function
|
742 |
+
* and only when wpconfig is writable.
|
743 |
+
*
|
744 |
+
* @since 2.1
|
745 |
+
*
|
746 |
+
* @access public
|
747 |
+
*
|
748 |
+
*/
|
749 |
|
750 |
+
private function fix_siteurl_defines_in_wpconfig()
|
751 |
+
{
|
752 |
+
$wpconfig_path = $this->find_wp_config_path();
|
|
|
753 |
|
754 |
+
if (empty($wpconfig_path)) return;
|
755 |
|
756 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
757 |
+
$homeurl_pattern = '/(define\(\s*\'WP_HOME\'\s*,\s*\'http\:\/\/)/';
|
758 |
+
$siteurl_pattern = '/(define\(\s*\'WP_SITEURL\'\s*,\s*\'http\:\/\/)/';
|
759 |
+
|
760 |
+
if (preg_match($homeurl_pattern, $wpconfig) || preg_match($siteurl_pattern, $wpconfig)) {
|
761 |
+
if (is_writable($wpconfig_path)) {
|
762 |
+
$this->trace_log("wp config siteurl/homeurl edited.");
|
763 |
+
$wpconfig = preg_replace($homeurl_pattern, "define('WP_HOME','https://", $wpconfig);
|
764 |
+
$wpconfig = preg_replace($siteurl_pattern, "define('WP_SITEURL','https://", $wpconfig);
|
765 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
766 |
+
} else {
|
767 |
+
if ($this->debug) {
|
768 |
+
$this->trace_log("not able to fix wpconfig siteurl/homeurl.");
|
769 |
+
}
|
770 |
+
//only when siteurl or homeurl is defined in wpconfig, and wpconfig is not writable is there a possible issue because we cannot edit the defined urls.
|
771 |
+
$this->wpconfig_siteurl_not_fixed = TRUE;
|
772 |
+
}
|
773 |
+
} else {
|
774 |
+
if ($this->debug) {
|
775 |
+
$this->trace_log("no siteurl/homeurl defines in wpconfig");
|
776 |
+
}
|
777 |
+
}
|
778 |
}
|
|
|
779 |
|
|
|
|
|
|
|
|
|
|
|
780 |
|
781 |
+
/**
|
782 |
+
* Check if the wpconfig is already fixed
|
783 |
+
*
|
784 |
+
* @since 2.2
|
785 |
+
*
|
786 |
+
* @access public
|
787 |
+
*
|
788 |
+
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
789 |
|
790 |
+
public function wpconfig_has_fixes()
|
791 |
+
{
|
792 |
+
$wpconfig_path = $this->find_wp_config_path();
|
793 |
+
if (empty($wpconfig_path)) return false;
|
794 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
795 |
|
796 |
+
//only one of two fixes possible.
|
797 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Load balancing fix") !== FALSE) {
|
798 |
+
return true;
|
799 |
+
}
|
|
|
|
|
|
|
|
|
800 |
|
801 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Server variable fix") !== FALSE) {
|
802 |
+
return true;
|
803 |
}
|
804 |
|
805 |
+
return false;
|
806 |
+
}
|
807 |
|
|
|
808 |
|
809 |
+
/**
|
810 |
+
* In case of load balancer without server https on, add fix in wp-config
|
811 |
+
*
|
812 |
+
* @since 2.1
|
813 |
+
*
|
814 |
+
* @access public
|
815 |
+
*
|
816 |
+
*/
|
817 |
|
|
|
|
|
818 |
|
819 |
+
public function wpconfig_loadbalancer_fix()
|
820 |
+
{
|
821 |
+
if (!current_user_can($this->capability)) return;
|
822 |
|
823 |
+
$wpconfig_path = $this->find_wp_config_path();
|
824 |
+
if (empty($wpconfig_path)) return;
|
825 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
826 |
+
$this->wpconfig_loadbalancer_fix_failed = FALSE;
|
827 |
+
//only if loadbalancer AND NOT SERVER-HTTPS-ON should the following be added. (is_ssl = false)
|
828 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Load balancing fix") === FALSE) {
|
829 |
+
if (is_writable($wpconfig_path)) {
|
830 |
+
$rule = "\n" . "//Begin Really Simple SSL Load balancing fix" . "\n";
|
831 |
+
$rule .= 'if ((isset($_ENV["HTTPS"]) && ("on" == $_ENV["HTTPS"]))' . "\n";
|
832 |
+
$rule .= '|| (isset($_SERVER["HTTP_X_FORWARDED_SSL"]) && (strpos($_SERVER["HTTP_X_FORWARDED_SSL"], "1") !== false))' . "\n";
|
833 |
+
$rule .= '|| (isset($_SERVER["HTTP_X_FORWARDED_SSL"]) && (strpos($_SERVER["HTTP_X_FORWARDED_SSL"], "on") !== false))' . "\n";
|
834 |
+
$rule .= '|| (isset($_SERVER["HTTP_CF_VISITOR"]) && (strpos($_SERVER["HTTP_CF_VISITOR"], "https") !== false))' . "\n";
|
835 |
+
$rule .= '|| (isset($_SERVER["HTTP_CLOUDFRONT_FORWARDED_PROTO"]) && (strpos($_SERVER["HTTP_CLOUDFRONT_FORWARDED_PROTO"], "https") !== false))' . "\n";
|
836 |
+
$rule .= '|| (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && (strpos($_SERVER["HTTP_X_FORWARDED_PROTO"], "https") !== false))' . "\n";
|
837 |
+
$rule .= ') {' . "\n";
|
838 |
+
$rule .= '$_SERVER["HTTPS"] = "on";' . "\n";
|
839 |
+
$rule .= '}' . "\n";
|
840 |
+
$rule .= "//END Really Simple SSL" . "\n";
|
841 |
+
|
842 |
+
$insert_after = "<?php";
|
843 |
+
$pos = strpos($wpconfig, $insert_after);
|
844 |
+
if ($pos !== false) {
|
845 |
+
$wpconfig = substr_replace($wpconfig, $rule, $pos + 1 + strlen($insert_after), 0);
|
846 |
+
}
|
847 |
+
|
848 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
849 |
+
if ($this->debug) {
|
850 |
+
$this->trace_log("wp config loadbalancer fix inserted");
|
851 |
+
}
|
852 |
+
} else {
|
853 |
+
if ($this->debug) {
|
854 |
+
$this->trace_log("wp config loadbalancer fix FAILED");
|
855 |
+
}
|
856 |
+
$this->wpconfig_loadbalancer_fix_failed = TRUE;
|
857 |
+
}
|
858 |
} else {
|
859 |
+
if ($this->debug) {
|
860 |
+
$this->trace_log("wp config loadbalancer fix already in place, great!");
|
861 |
+
}
|
862 |
}
|
863 |
+
$this->save_options();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
864 |
|
865 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
866 |
|
|
|
|
|
867 |
|
868 |
+
/**
|
869 |
+
* Getting WordPress to recognize setup as being SSL when no https server variable is available
|
870 |
+
*
|
871 |
+
* @since 2.1
|
872 |
+
*
|
873 |
+
* @access public
|
874 |
+
*
|
875 |
+
*/
|
876 |
|
877 |
+
public function wpconfig_server_variable_fix()
|
878 |
+
{
|
879 |
+
if (!current_user_can($this->capability)) return;
|
880 |
|
881 |
+
$wpconfig_path = $this->find_wp_config_path();
|
882 |
+
if (empty($wpconfig_path)) return;
|
883 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
|
|
|
|
884 |
|
885 |
+
//check permissions
|
886 |
+
if (!is_writable($wpconfig_path)) {
|
887 |
+
if ($this->debug) $this->trace_log("wp-config.php not writable");
|
888 |
+
return;
|
|
|
|
|
889 |
}
|
890 |
|
891 |
+
//when more than one blog, first remove what we have
|
892 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->is_multisite_subfolder_install() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites) > 1) {
|
893 |
+
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
894 |
+
$wpconfig = preg_replace("/\n+/", "\n", $wpconfig);
|
895 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
896 |
}
|
897 |
|
898 |
+
//now create new
|
899 |
|
900 |
+
//check if the fix is already there
|
901 |
+
if (strpos($wpconfig, "//Begin Really Simple SSL Server variable fix") !== FALSE) {
|
902 |
+
if ($this->debug) {
|
903 |
+
$this->trace_log("wp config server variable fix already in place, great!");
|
904 |
+
}
|
905 |
+
return;
|
906 |
+
}
|
907 |
|
908 |
+
if ($this->debug) {
|
909 |
+
$this->trace_log("Adding server variable to wpconfig");
|
910 |
+
}
|
911 |
+
$rule = $this->get_server_variable_fix_code();
|
912 |
|
913 |
+
$insert_after = "<?php";
|
914 |
+
$pos = strpos($wpconfig, $insert_after);
|
915 |
+
if ($pos !== false) {
|
916 |
+
$wpconfig = substr_replace($wpconfig, $rule, $pos + 1 + strlen($insert_after), 0);
|
917 |
+
}
|
918 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
919 |
+
if ($this->debug) $this->trace_log("wp config server variable fix inserted");
|
920 |
|
921 |
+
$this->save_options();
|
922 |
+
}
|
923 |
+
|
924 |
+
|
925 |
+
protected function get_server_variable_fix_code()
|
926 |
+
{
|
927 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && RSSSL()->rsssl_multisite->is_multisite_subfolder_install()) {
|
928 |
+
if ($this->debug) $this->trace_log("per site activation on subfolder install, wp config server variable fix skipped");
|
929 |
+
return "";
|
930 |
+
}
|
931 |
+
|
932 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites) == 0) {
|
933 |
+
if ($this->debug) $this->trace_log("no sites left with SSL, wp config server variable fix skipped");
|
934 |
+
return "";
|
935 |
+
}
|
936 |
+
|
937 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
938 |
+
$rule = "\n" . "//Begin Really Simple SSL Server variable fix" . "\n";
|
939 |
+
foreach ($this->sites as $domain) {
|
940 |
+
//remove http or https.
|
941 |
+
if ($this->debug) {
|
942 |
+
$this->trace_log("getting server variable rule for:" . $domain);
|
943 |
+
}
|
944 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/", "", $domain);
|
945 |
+
|
946 |
+
//we excluded subfolders, so treat as domain
|
947 |
+
//check only for domain without www, as the www variant is found as well with the no www search.
|
948 |
+
$domain_no_www = str_replace("www.", "", $domain);
|
949 |
+
|
950 |
+
$rule .= 'if ( strpos($_SERVER["HTTP_HOST"], "' . $domain_no_www . '")!==FALSE ) {' . "\n";
|
951 |
+
$rule .= ' $_SERVER["HTTPS"] = "on";' . "\n";
|
952 |
+
$rule .= '}' . "\n";
|
953 |
+
}
|
954 |
+
$rule .= "//END Really Simple SSL" . "\n";
|
955 |
+
} else {
|
956 |
+
$rule = "\n" . "//Begin Really Simple SSL Server variable fix" . "\n";
|
957 |
+
$rule .= '$_SERVER["HTTPS"] = "on";' . "\n";
|
958 |
+
$rule .= "//END Really Simple SSL" . "\n";
|
959 |
+
}
|
960 |
+
|
961 |
+
return $rule;
|
962 |
+
}
|
963 |
+
|
964 |
+
/**
|
965 |
+
* Removing changes made to the wpconfig
|
966 |
+
*
|
967 |
+
* @since 2.1
|
968 |
+
*
|
969 |
+
* @access public
|
970 |
+
*
|
971 |
+
*/
|
972 |
+
|
973 |
+
public function remove_wpconfig_edit()
|
974 |
+
{
|
975 |
+
|
976 |
+
$wpconfig_path = $this->find_wp_config_path();
|
977 |
+
if (empty($wpconfig_path)) return;
|
978 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
979 |
+
|
980 |
+
//check for permissions
|
981 |
+
if (!is_writable($wpconfig_path)) {
|
982 |
+
if ($this->debug) $this->trace_log("could not remove wpconfig edits, wp-config.php not writable");
|
983 |
+
$this->errors['wpconfig not writable'] = TRUE;
|
984 |
+
return;
|
985 |
+
}
|
986 |
+
|
987 |
+
//remove edits
|
988 |
+
$wpconfig = preg_replace("/\/\/Begin\s?Really\s?Simple\s?SSL.*?\/\/END\s?Really\s?Simple\s?SSL/s", "", $wpconfig);
|
989 |
+
$wpconfig = preg_replace("/\n+/", "\n", $wpconfig);
|
990 |
+
file_put_contents($wpconfig_path, $wpconfig);
|
991 |
+
|
992 |
+
//in multisite environment, with per site activation, re-add
|
993 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
994 |
+
if ($this->do_wpconfig_loadbalancer_fix)
|
995 |
+
$this->wpconfig_loadbalancer_fix();
|
996 |
+
|
997 |
+
if ($this->no_server_variable)
|
998 |
+
$this->wpconfig_server_variable_fix();
|
999 |
+
}
|
1000 |
+
|
1001 |
+
}
|
1002 |
+
|
1003 |
+
/**
|
1004 |
+
* Changes the siteurl and homeurl to https
|
1005 |
+
*
|
1006 |
+
* @since 2.0
|
1007 |
+
*
|
1008 |
+
* @access public
|
1009 |
+
*
|
1010 |
+
*/
|
1011 |
+
|
1012 |
+
public function set_siteurl_to_ssl()
|
1013 |
+
{
|
1014 |
+
if (!current_user_can($this->capability)) return;
|
1015 |
+
|
1016 |
+
$this->trace_log("converting siteurl and homeurl to https");
|
1017 |
+
|
1018 |
+
$siteurl_ssl = str_replace("http://", "https://", get_option('siteurl'));
|
1019 |
+
$homeurl_ssl = str_replace("http://", "https://", get_option('home'));
|
1020 |
+
update_option('siteurl', $siteurl_ssl);
|
1021 |
+
update_option('home', $homeurl_ssl);
|
1022 |
+
}
|
1023 |
+
|
1024 |
+
|
1025 |
+
/**
|
1026 |
+
* On de-activation, siteurl and homeurl are reset to http
|
1027 |
+
*
|
1028 |
+
* @since 2.0
|
1029 |
+
*
|
1030 |
+
* @access public
|
1031 |
+
*
|
1032 |
+
*/
|
1033 |
+
|
1034 |
+
public function remove_ssl_from_siteurl()
|
1035 |
+
{
|
1036 |
+
$siteurl_no_ssl = str_replace("https://", "http://", get_option('siteurl'));
|
1037 |
+
$homeurl_no_ssl = str_replace("https://", "http://", get_option('home'));
|
1038 |
+
update_option('siteurl', $siteurl_no_ssl);
|
1039 |
+
update_option('home', $homeurl_no_ssl);
|
1040 |
+
}
|
1041 |
+
|
1042 |
+
/**
|
1043 |
+
* Save the plugin options
|
1044 |
+
*
|
1045 |
+
* @since 2.0
|
1046 |
+
*
|
1047 |
+
* @access public
|
1048 |
+
*
|
1049 |
+
*/
|
1050 |
+
|
1051 |
+
public function save_options()
|
1052 |
+
{
|
1053 |
+
if (!current_user_can($this->capability)) return;
|
1054 |
+
|
1055 |
+
//any options added here should also be added to function options_validate()
|
1056 |
+
$options = array(
|
1057 |
+
'site_has_ssl' => $this->site_has_ssl,
|
1058 |
+
'hsts' => $this->hsts,
|
1059 |
+
'htaccess_warning_shown' => $this->htaccess_warning_shown,
|
1060 |
+
'ssl_success_message_shown' => $this->ssl_success_message_shown,
|
1061 |
+
'autoreplace_insecure_links' => $this->autoreplace_insecure_links,
|
1062 |
+
'plugin_db_version' => $this->plugin_db_version,
|
1063 |
+
'debug' => $this->debug,
|
1064 |
+
'do_not_edit_htaccess' => $this->do_not_edit_htaccess,
|
1065 |
+
'htaccess_redirect' => $this->htaccess_redirect,
|
1066 |
+
'ssl_enabled' => $this->ssl_enabled,
|
1067 |
+
'javascript_redirect' => $this->javascript_redirect,
|
1068 |
+
'wp_redirect' => $this->wp_redirect,
|
1069 |
+
'switch_mixed_content_fixer_hook' => $this->switch_mixed_content_fixer_hook,
|
1070 |
+
);
|
1071 |
+
|
1072 |
+
update_option('rlrsssl_options', $options);
|
1073 |
+
}
|
1074 |
+
|
1075 |
+
/**
|
1076 |
+
* Load the translation files
|
1077 |
+
*
|
1078 |
+
* @since 1.0
|
1079 |
+
*
|
1080 |
+
* @access public
|
1081 |
+
*
|
1082 |
+
*/
|
1083 |
+
|
1084 |
+
public function load_translation()
|
1085 |
+
{
|
1086 |
+
load_plugin_textdomain('really-simple-ssl', FALSE, dirname(plugin_basename(__FILE__)) . '/languages/');
|
1087 |
+
}
|
1088 |
+
|
1089 |
+
/**
|
1090 |
+
* Handles deactivation of this plugin
|
1091 |
+
*
|
1092 |
+
* @since 2.0
|
1093 |
+
*
|
1094 |
+
* @access public
|
1095 |
+
*
|
1096 |
+
*/
|
1097 |
+
|
1098 |
+
public function deactivate($networkwide)
|
1099 |
+
{
|
1100 |
+
$this->remove_ssl_from_siteurl();
|
1101 |
+
$this->remove_ssl_from_siteurl_in_wpconfig();
|
1102 |
+
|
1103 |
+
$this->site_has_ssl = FALSE;
|
1104 |
+
$this->hsts = FALSE;
|
1105 |
+
$this->htaccess_warning_shown = FALSE;
|
1106 |
+
$this->ssl_success_message_shown = FALSE;
|
1107 |
+
$this->autoreplace_insecure_links = TRUE;
|
1108 |
+
$this->do_not_edit_htaccess = FALSE;
|
1109 |
+
$this->htaccess_redirect = FALSE;
|
1110 |
+
$this->javascript_redirect = FALSE;
|
1111 |
+
$this->wp_redirect = FALSE;
|
1112 |
+
$this->ssl_enabled = FALSE;
|
1113 |
+
$this->switch_mixed_content_fixer_hook = FALSE;
|
1114 |
+
|
1115 |
+
$this->save_options();
|
1116 |
+
|
1117 |
+
//when on multisite, per site activation, recreate domain list for htaccess and wpconfig rewrite actions
|
1118 |
+
if (is_multisite()) {
|
1119 |
+
RSSSL()->rsssl_multisite->deactivate();
|
1120 |
+
if (!RSSSL()->rsssl_multisite->ssl_enabled_networkwide) $this->build_domain_list();
|
1121 |
+
}
|
1122 |
+
|
1123 |
+
$this->remove_wpconfig_edit();
|
1124 |
+
$this->removeHtaccessEdit();
|
1125 |
+
}
|
1126 |
+
|
1127 |
+
|
1128 |
+
/**
|
1129 |
+
* Checks if we are currently on SSL protocol, but extends standard wp with loadbalancer check.
|
1130 |
+
*
|
1131 |
+
* @since 2.0
|
1132 |
+
*
|
1133 |
+
* @access public
|
1134 |
+
*
|
1135 |
+
*/
|
1136 |
+
|
1137 |
+
public function is_ssl_extended()
|
1138 |
+
{
|
1139 |
+
$server_var = FALSE;
|
1140 |
+
|
1141 |
+
if ((isset($_ENV['HTTPS']) && ('on' == $_ENV['HTTPS']))
|
1142 |
+
|| (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && (strpos($_SERVER['HTTP_X_FORWARDED_SSL'], '1') !== false))
|
1143 |
+
|| (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && (strpos($_SERVER['HTTP_X_FORWARDED_SSL'], 'on') !== false))
|
1144 |
+
|| (isset($_SERVER['HTTP_CF_VISITOR']) && (strpos($_SERVER['HTTP_CF_VISITOR'], 'https') !== false))
|
1145 |
+
|| (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && (strpos($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'], 'https') !== false))
|
1146 |
+
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false))
|
1147 |
+
) {
|
1148 |
+
$server_var = TRUE;
|
1149 |
+
}
|
1150 |
+
|
1151 |
+
|
1152 |
+
if (is_ssl() || $server_var) {
|
1153 |
+
return true;
|
1154 |
+
} else {
|
1155 |
+
return false;
|
1156 |
+
}
|
1157 |
+
}
|
1158 |
+
|
1159 |
+
/**
|
1160 |
+
* Checks for SSL by opening a test page in the plugin directory
|
1161 |
+
*
|
1162 |
+
* @since 2.0
|
1163 |
+
*
|
1164 |
+
* @access public
|
1165 |
+
*
|
1166 |
+
*/
|
1167 |
+
|
1168 |
+
public function detect_configuration()
|
1169 |
+
{
|
1170 |
+
$this->trace_log("** Detecting configuration **");
|
1171 |
+
$this->trace_log("plugin version: " . rsssl_version);
|
1172 |
+
|
1173 |
+
//if current page is on SSL, we can assume SSL is available, even when an errormsg was returned
|
1174 |
+
if ($this->is_ssl_extended()) {
|
1175 |
+
$this->trace_log("Already on SSL, start detecting configuration");
|
1176 |
+
$this->site_has_ssl = TRUE;
|
1177 |
+
} else {
|
1178 |
+
//if certificate is valid
|
1179 |
+
$this->trace_log("Check SSL by retrieving SSL certificate info");
|
1180 |
+
$this->site_has_ssl = RSSSL()->rsssl_certificate->is_valid();
|
1181 |
+
}
|
1182 |
+
|
1183 |
+
if ($this->site_has_ssl) {
|
1184 |
+
$filecontents = $this->get_test_page_contents();
|
1185 |
+
|
1186 |
+
//get filecontents to check .htaccess redirection method and wpconfig fix
|
1187 |
+
//check the type of SSL, either by parsing the returned string, or by reading the server vars.
|
1188 |
+
if ((strpos($filecontents, "#CLOUDFRONT#") !== false) || (isset($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO']) && ($_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https'))) {
|
1189 |
+
$this->ssl_type = "CLOUDFRONT";
|
1190 |
+
} elseif ((strpos($filecontents, "#CLOUDFLARE#") !== false) || (isset($_SERVER['HTTP_CF_VISITOR']) && ($_SERVER['HTTP_CF_VISITOR'] == 'https'))) {
|
1191 |
+
$this->ssl_type = "CLOUDFLARE";
|
1192 |
+
} elseif ((strpos($filecontents, "#LOADBALANCER#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))) {
|
1193 |
+
$this->ssl_type = "LOADBALANCER";
|
1194 |
+
} elseif ((strpos($filecontents, "#CDN#") !== false) || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && ($_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' || $_SERVER['HTTP_X_FORWARDED_SSL'] == '1'))) {
|
1195 |
+
$this->ssl_type = "CDN";
|
1196 |
+
} elseif ((strpos($filecontents, "#SERVER-HTTPS-ON#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on')) {
|
1197 |
+
$this->ssl_type = "SERVER-HTTPS-ON";
|
1198 |
+
} elseif ((strpos($filecontents, "#SERVER-HTTPS-1#") !== false) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == '1')) {
|
1199 |
+
$this->ssl_type = "SERVER-HTTPS-1";
|
1200 |
+
} elseif ((strpos($filecontents, "#SERVERPORT443#") !== false) || (isset($_SERVER['SERVER_PORT']) && ('443' == $_SERVER['SERVER_PORT']))) {
|
1201 |
+
$this->ssl_type = "SERVERPORT443";
|
1202 |
+
} elseif ((strpos($filecontents, "#ENVHTTPS#") !== false) || (isset($_ENV['HTTPS']) && ('on' == $_ENV['HTTPS']))) {
|
1203 |
+
$this->ssl_type = "ENVHTTPS";
|
1204 |
+
} elseif ((strpos($filecontents, "#NO KNOWN SSL CONFIGURATION DETECTED#") !== false)) {
|
1205 |
+
//if we are here, SSL was detected, but without any known server variables set.
|
1206 |
+
//So we can use this info to set a server variable ourselves.
|
1207 |
+
if (!$this->wpconfig_has_fixes()) {
|
1208 |
+
$this->no_server_variable = TRUE;
|
1209 |
+
}
|
1210 |
+
$this->trace_log("No server variable detected ");
|
1211 |
+
$this->ssl_type = "NA";
|
1212 |
+
} else {
|
1213 |
+
//no valid response, so set to NA
|
1214 |
+
$this->ssl_type = "NA";
|
1215 |
+
}
|
1216 |
+
|
1217 |
+
//check for is_ssl()
|
1218 |
+
if ((!$this->is_ssl_extended() &&
|
1219 |
+
(strpos($filecontents, "#SERVER-HTTPS-ON#") === false) &&
|
1220 |
+
(strpos($filecontents, "#SERVER-HTTPS-1#") === false) &&
|
1221 |
+
(strpos($filecontents, "#SERVERPORT443#") === false)) || (!is_ssl() && $this->is_ssl_extended())) {
|
1222 |
+
//when is_ssl would return false, we should add some code to wp-config.php
|
1223 |
+
if (!$this->wpconfig_has_fixes()) {
|
1224 |
+
$this->trace_log("is_ssl() will return false: wp-config fix needed");
|
1225 |
+
$this->do_wpconfig_loadbalancer_fix = TRUE;
|
1226 |
+
}
|
1227 |
+
}
|
1228 |
+
|
1229 |
+
$this->trace_log("SSL type: " . $this->ssl_type);
|
1230 |
+
}
|
1231 |
+
$this->check_for_siteurl_in_wpconfig();
|
1232 |
+
|
1233 |
+
$this->save_options();
|
1234 |
+
}
|
1235 |
+
|
1236 |
+
|
1237 |
+
/**
|
1238 |
+
* Test if the htaccess redirect will work
|
1239 |
+
* This way, no redirect loops should occur.
|
1240 |
+
*
|
1241 |
+
* @since 2.1
|
1242 |
+
*
|
1243 |
+
* @access public
|
1244 |
+
*
|
1245 |
+
*/
|
1246 |
+
|
1247 |
+
public function test_htaccess_redirect()
|
1248 |
+
{
|
1249 |
+
if (!current_user_can($this->capability)) return;
|
1250 |
+
if ($this->debug) {
|
1251 |
+
$this->trace_log("testing htaccess rules...");
|
1252 |
+
}
|
1253 |
+
$filecontents = "";
|
1254 |
+
$testpage_url = trailingslashit($this->test_url()) . "testssl/";
|
1255 |
+
switch ($this->ssl_type) {
|
1256 |
+
case "CLOUDFRONT":
|
1257 |
+
$testpage_url .= "cloudfront";
|
1258 |
+
break;
|
1259 |
+
case "CLOUDFLARE":
|
1260 |
+
$testpage_url .= "cloudflare";
|
1261 |
+
break;
|
1262 |
+
case "LOADBALANCER":
|
1263 |
+
$testpage_url .= "loadbalancer";
|
1264 |
+
break;
|
1265 |
+
case "CDN":
|
1266 |
+
$testpage_url .= "cdn";
|
1267 |
+
break;
|
1268 |
+
case "SERVER-HTTPS-ON":
|
1269 |
+
$testpage_url .= "serverhttpson";
|
1270 |
+
break;
|
1271 |
+
case "SERVER-HTTPS-1":
|
1272 |
+
$testpage_url .= "serverhttps1";
|
1273 |
+
break;
|
1274 |
+
case "SERVERPORT443":
|
1275 |
+
$testpage_url .= "serverport443";
|
1276 |
+
break;
|
1277 |
+
case "ENVHTTPS":
|
1278 |
+
$testpage_url .= "envhttps";
|
1279 |
+
break;
|
1280 |
+
}
|
1281 |
+
|
1282 |
+
$testpage_url .= ("/ssl-test-page.html");
|
1283 |
+
|
1284 |
+
$response = wp_remote_get($testpage_url);
|
1285 |
+
if (is_array($response)) {
|
1286 |
+
$status = wp_remote_retrieve_response_code($response);
|
1287 |
+
$filecontents = wp_remote_retrieve_body($response);
|
1288 |
+
}
|
1289 |
+
|
1290 |
+
$this->trace_log("test page url, enter in browser to check manually: " . $testpage_url);
|
1291 |
+
|
1292 |
+
if (!is_wp_error($response) && (strpos($filecontents, "#SSL TEST PAGE#") !== false)) {
|
1293 |
+
$this->htaccess_test_success = TRUE;
|
1294 |
+
$this->trace_log("htaccess rules tested successfully.");
|
1295 |
+
} else {
|
1296 |
+
//.htaccess rewrite rule seems to be giving problems.
|
1297 |
+
$this->htaccess_test_success = FALSE;
|
1298 |
+
if (is_wp_error($response)) {
|
1299 |
+
$this->trace_log("htaccess rules test failed with error: " . $response->get_error_message());
|
1300 |
+
} else {
|
1301 |
+
$this->trace_log("htaccess test rules failed. Set WordPress redirect in settings/SSL");
|
1302 |
+
}
|
1303 |
+
}
|
1304 |
+
}
|
1305 |
+
|
1306 |
+
|
1307 |
+
/**
|
1308 |
+
* Get an url with which we can test the SSL connection and htaccess redirect rules.
|
1309 |
+
*
|
1310 |
+
* @since 2.0
|
1311 |
+
*
|
1312 |
+
* @access public
|
1313 |
+
*
|
1314 |
+
*/
|
1315 |
+
|
1316 |
+
public function test_url()
|
1317 |
+
{
|
1318 |
+
$plugin_url = str_replace("http://", "https://", trailingslashit(rsssl_url));;
|
1319 |
+
$https_home_url = str_replace("http://", "https://", home_url());
|
1320 |
+
|
1321 |
+
//in some case we get a relative url here, so we check that.
|
1322 |
+
//we compare to urls replaced to https, in case one of them is still on http.
|
1323 |
+
if ((strpos($plugin_url, "https://") === FALSE) &&
|
1324 |
+
(strpos($plugin_url, $https_home_url) === FALSE)
|
1325 |
+
) {
|
1326 |
+
//make sure we do not have a slash at the start
|
1327 |
+
$plugin_url = ltrim($plugin_url, "/");
|
1328 |
+
$plugin_url = trailingslashit(home_url()) . $plugin_url;
|
1329 |
+
}
|
1330 |
+
|
1331 |
+
//for subdomains or domain mapping situations, we have to convert the plugin_url from main site to the subdomain url.
|
1332 |
+
if (is_multisite() && (!is_main_site(get_current_blog_id())) && (!RSSSL()->rsssl_multisite->is_multisite_subfolder_install())) {
|
1333 |
+
$mainsiteurl = trailingslashit(str_replace("http://", "https://", network_site_url()));
|
1334 |
+
|
1335 |
+
$home = trailingslashit($https_home_url);
|
1336 |
+
$plugin_url = str_replace($mainsiteurl, $home, $plugin_url);
|
1337 |
+
|
1338 |
+
//return http link if original url is http.
|
1339 |
+
//if (strpos(home_url(), "https://")===FALSE) $plugin_url = str_replace("https://","http://",$plugin_url);
|
1340 |
+
}
|
1341 |
+
|
1342 |
+
return $plugin_url;
|
1343 |
+
}
|
1344 |
+
|
1345 |
+
|
1346 |
+
/**
|
1347 |
+
* removes the added redirect to https rules to the .htaccess file.
|
1348 |
+
*
|
1349 |
+
* @since 2.0
|
1350 |
+
*
|
1351 |
+
* @access public
|
1352 |
+
*
|
1353 |
+
*/
|
1354 |
+
|
1355 |
+
public function removeHtaccessEdit()
|
1356 |
+
{
|
1357 |
+
if (file_exists($this->ABSpath . ".htaccess") && is_writable($this->ABSpath . ".htaccess")) {
|
1358 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1359 |
+
|
1360 |
+
|
1361 |
+
//if multisite, per site activation and more than one blog remaining on ssl, remove condition for this site only
|
1362 |
+
//the domain list has been rebuilt already, so current site is already removed.
|
1363 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide && count($this->sites) > 0) {
|
1364 |
+
//remove http or https.
|
1365 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/", "", home_url());
|
1366 |
+
$pattern = "/#wpmu\srewritecond\s?" . preg_quote($domain, "/") . "\n.*?#end\swpmu\srewritecond\s?" . preg_quote($domain, "/") . "\n/s";
|
1367 |
+
|
1368 |
+
//only remove if the pattern is there at all
|
1369 |
+
if (preg_match($pattern, $htaccess)) $htaccess = preg_replace($pattern, "", $htaccess);
|
1370 |
+
//now replace any remaining "or" on the last condition.
|
1371 |
+
$pattern = "/(\[OR\])(?!.*(\[OR\]|#start).*?RewriteRule)/s";
|
1372 |
+
$htaccess = preg_replace($pattern, "", $htaccess, 1);
|
1373 |
+
|
1374 |
+
} else {
|
1375 |
+
// remove everything
|
1376 |
+
$pattern = "/#\s?BEGIN\s?rlrssslReallySimpleSSL.*?#\s?END\s?rlrssslReallySimpleSSL/s";
|
1377 |
+
//only remove if the pattern is there at all
|
1378 |
+
if (preg_match($pattern, $htaccess)) $htaccess = preg_replace($pattern, "", $htaccess);
|
1379 |
+
|
1380 |
+
}
|
1381 |
+
|
1382 |
+
$htaccess = preg_replace("/\n+/", "\n", $htaccess);
|
1383 |
+
file_put_contents($this->ABSpath . ".htaccess", $htaccess);
|
1384 |
+
$this->save_options();
|
1385 |
+
} else {
|
1386 |
+
$this->errors['HTACCESS_NOT_WRITABLE'] = TRUE;
|
1387 |
+
if ($this->debug) $this->trace_log("could not remove rules from htaccess, file not writable");
|
1388 |
+
}
|
1389 |
+
}
|
1390 |
+
|
1391 |
+
public function get_htaccess_version()
|
1392 |
+
{
|
1393 |
+
if (!file_exists($this->ABSpath . ".htaccess")) return false;
|
1394 |
+
|
1395 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1396 |
+
$versionpos = strpos($htaccess, "rsssl_version");
|
1397 |
+
|
1398 |
+
if ($versionpos === false) {
|
1399 |
+
//no version found, so not .htaccess rules.
|
1400 |
+
return false;
|
1401 |
+
} else {
|
1402 |
+
//find closing marker of version
|
1403 |
+
$close = strpos($htaccess, "]", $versionpos);
|
1404 |
+
$version = substr($htaccess, $versionpos + 14, $close - ($versionpos + 14));
|
1405 |
+
return $version;
|
1406 |
+
}
|
1407 |
+
}
|
1408 |
+
|
1409 |
+
|
1410 |
+
/* deprecated */
|
1411 |
+
|
1412 |
+
function htaccess_redirect_allowed()
|
1413 |
+
{
|
1414 |
+
if (is_multisite() && RSSSL()->rsssl_multisite->is_per_site_activated_multisite_subfolder_install()) {
|
1415 |
+
return false;
|
1416 |
+
} else {
|
1417 |
+
return true;
|
1418 |
+
}
|
1419 |
+
}
|
1420 |
+
|
1421 |
+
|
1422 |
+
/*
|
1423 |
+
Checks if the htaccess contains redirect rules, either actual redirect or a rsssl marker.
|
1424 |
+
*/
|
1425 |
+
|
1426 |
+
public function htaccess_contains_redirect_rules()
|
1427 |
+
{
|
1428 |
+
|
1429 |
+
if (!file_exists($this->ABSpath . ".htaccess")) {
|
1430 |
+
return false;
|
1431 |
+
}
|
1432 |
+
|
1433 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1434 |
+
|
1435 |
+
$needle_old = "RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]";
|
1436 |
+
$needle_new = "RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]";
|
1437 |
+
if (strpos($htaccess, $needle_old) !== FALSE || strpos($htaccess, $needle_new) !== FALSE || $this->contains_rsssl_rules()) {
|
1438 |
+
return true;
|
1439 |
+
} else {
|
1440 |
+
$this->trace_log(".htaccess does not contain default Really Simple SSL redirect");
|
1441 |
+
return false;
|
1442 |
+
}
|
1443 |
+
|
1444 |
+
}
|
1445 |
+
|
1446 |
+
|
1447 |
+
/*
|
1448 |
+
* Checks if the htaccess contains the Really Simple SSL comment.
|
1449 |
+
*
|
1450 |
+
*/
|
1451 |
+
|
1452 |
+
public function contains_rsssl_rules()
|
1453 |
+
{
|
1454 |
+
if (!file_exists($this->ABSpath . ".htaccess")) {
|
1455 |
+
return false;
|
1456 |
+
}
|
1457 |
+
|
1458 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1459 |
+
|
1460 |
+
$check = null;
|
1461 |
+
preg_match("/BEGIN rlrssslReallySimpleSSL/", $htaccess, $check);
|
1462 |
+
if (count($check) === 0) {
|
1463 |
+
return false;
|
1464 |
+
} else {
|
1465 |
+
return true;
|
1466 |
+
}
|
1467 |
+
}
|
1468 |
+
|
1469 |
+
/*
|
1470 |
+
* Checks if a 301 redirect is set
|
1471 |
+
* this is the case if either the wp_redirect is set, or the htaccess redirect is set.
|
1472 |
+
*
|
1473 |
+
*/
|
1474 |
+
|
1475 |
+
public function has_301_redirect()
|
1476 |
+
{
|
1477 |
+
if ($this->wp_redirect) return true;
|
1478 |
+
|
1479 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules()) {
|
1480 |
+
return true;
|
1481 |
+
}
|
1482 |
+
|
1483 |
+
return false;
|
1484 |
+
}
|
1485 |
+
|
1486 |
+
/**
|
1487 |
+
* Checks if the HSTS rule is already in the htaccess file
|
1488 |
+
* Set the hsts variable in the db accordingly. applies to preload version as well.
|
1489 |
+
*
|
1490 |
+
* @since 2.1
|
1491 |
+
*
|
1492 |
+
* @access public
|
1493 |
+
*
|
1494 |
+
*/
|
1495 |
+
|
1496 |
+
public function contains_hsts()
|
1497 |
+
{
|
1498 |
+
if (!file_exists($this->ABSpath . ".htaccess")) {
|
1499 |
+
$this->trace_log(".htaccess not found in " . $this->ABSpath);
|
1500 |
+
$result = $this->hsts; //just return the setting.
|
1501 |
+
} else {
|
1502 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1503 |
+
|
1504 |
+
preg_match("/Strict-Transport-Security/", $htaccess, $check);
|
1505 |
+
if (count($check) === 0) {
|
1506 |
+
$result = false;
|
1507 |
+
} else {
|
1508 |
+
$result = true;
|
1509 |
+
}
|
1510 |
+
}
|
1511 |
+
|
1512 |
+
return $result;
|
1513 |
+
}
|
1514 |
+
|
1515 |
+
|
1516 |
+
/**
|
1517 |
+
* Adds redirect to https rules to the .htaccess file.
|
1518 |
+
*
|
1519 |
+
* @since 2.0
|
1520 |
+
*
|
1521 |
+
* @access public
|
1522 |
+
*
|
1523 |
+
*/
|
1524 |
+
|
1525 |
+
public function editHtaccess()
|
1526 |
+
{
|
1527 |
+
if (!current_user_can($this->capability)) return;
|
1528 |
+
|
1529 |
+
//check if htaccess exists and if htaccess is writable
|
1530 |
+
//update htaccess to redirect to ssl
|
1531 |
+
|
1532 |
+
$this->trace_log("checking if .htaccess can or should be edited...");
|
1533 |
+
|
1534 |
+
//does it exist?
|
1535 |
+
if (!file_exists($this->ABSpath . ".htaccess")) {
|
1536 |
+
$this->trace_log(".htaccess not found.");
|
1537 |
+
return;
|
1538 |
+
}
|
1539 |
+
|
1540 |
+
//check if editing is blocked.
|
1541 |
+
if ($this->do_not_edit_htaccess) {
|
1542 |
+
$this->trace_log("Edit of .htaccess blocked by setting or define 'do not edit htaccess' in Really Simple SSL.");
|
1543 |
+
return;
|
1544 |
+
}
|
1545 |
+
|
1546 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1547 |
+
if (!$this->htaccess_contains_redirect_rules()) {
|
1548 |
+
|
1549 |
+
if (!is_writable($this->ABSpath . ".htaccess")) {
|
1550 |
+
//set the wp redirect as fallback, because .htaccess couldn't be edited.
|
1551 |
+
if ($this->clicked_activate_ssl()) $this->wp_redirect = true;
|
1552 |
+
if (is_multisite()) {
|
1553 |
+
RSSSL()->rsssl_multisite->wp_redirect = true;
|
1554 |
+
RSSSL()->rsssl_multisite->save_options();
|
1555 |
+
}
|
1556 |
+
$this->save_options();
|
1557 |
+
$this->trace_log(".htaccess not writable.");
|
1558 |
+
return;
|
1559 |
+
}
|
1560 |
+
|
1561 |
+
$rules = $this->get_redirect_rules();
|
1562 |
+
|
1563 |
+
//insert rules before wordpress part.
|
1564 |
+
if (strlen($rules) > 0) {
|
1565 |
+
$wptag = "# BEGIN WordPress";
|
1566 |
+
if (strpos($htaccess, $wptag) !== false) {
|
1567 |
+
$htaccess = str_replace($wptag, $rules . $wptag, $htaccess);
|
1568 |
+
} else {
|
1569 |
+
$htaccess = $htaccess . $rules;
|
1570 |
+
}
|
1571 |
+
file_put_contents($this->ABSpath . ".htaccess", $htaccess);
|
1572 |
+
}
|
1573 |
+
|
1574 |
+
}
|
1575 |
+
}
|
1576 |
+
|
1577 |
+
|
1578 |
+
public function update_htaccess_after_settings_save($oldvalue = false, $newvalue = false, $option = false)
|
1579 |
+
{
|
1580 |
+
if (!current_user_can($this->capability)) return;
|
1581 |
+
|
1582 |
+
//does it exist?
|
1583 |
+
if (!file_exists($this->ABSpath . ".htaccess")) {
|
1584 |
+
$this->trace_log(".htaccess not found.");
|
1585 |
+
return;
|
1586 |
+
}
|
1587 |
+
|
1588 |
+
|
1589 |
+
if (!is_writable($this->ABSpath . ".htaccess")) {
|
1590 |
+
if ($this->debug) $this->trace_log(".htaccess not writable.");
|
1591 |
+
return;
|
1592 |
+
}
|
1593 |
+
|
1594 |
+
//check if editing is blocked.
|
1595 |
+
if ($this->do_not_edit_htaccess) {
|
1596 |
+
$this->trace_log("Edit of .htaccess blocked by setting or define 'do not edit htaccess' in Really Simple SSL.");
|
1597 |
+
return;
|
1598 |
+
}
|
1599 |
+
|
1600 |
+
$htaccess = file_get_contents($this->ABSpath . ".htaccess");
|
1601 |
+
$htaccess = preg_replace("/#\s?BEGIN\s?rlrssslReallySimpleSSL.*?#\s?END\s?rlrssslReallySimpleSSL/s", "", $htaccess);
|
1602 |
+
$htaccess = preg_replace("/\n+/", "\n", $htaccess);
|
1603 |
+
|
1604 |
+
$rules = $this->get_redirect_rules();
|
1605 |
+
|
1606 |
+
//insert rules before WordPress part.
|
1607 |
+
$wptag = "# BEGIN WordPress";
|
1608 |
+
if (strpos($htaccess, $wptag) !== false) {
|
1609 |
+
$htaccess = str_replace($wptag, $rules . $wptag, $htaccess);
|
1610 |
+
} else {
|
1611 |
+
$htaccess = $htaccess . $rules;
|
1612 |
+
}
|
1613 |
+
file_put_contents($this->ABSpath . ".htaccess", $htaccess);
|
1614 |
+
|
1615 |
+
}
|
1616 |
+
|
1617 |
+
/**
|
1618 |
+
*
|
1619 |
+
* @since 2.2
|
1620 |
+
* Check if the mixed content fixer is functioning on the front end, by scanning the source of the homepage for the fixer comment.
|
1621 |
+
*
|
1622 |
+
*/
|
1623 |
+
|
1624 |
+
public function mixed_content_fixer_detected()
|
1625 |
+
{
|
1626 |
+
|
1627 |
+
$status = 0;
|
1628 |
+
$web_source = "";
|
1629 |
+
//check if the mixed content fixer is active
|
1630 |
+
$response = wp_remote_get(home_url());
|
1631 |
+
|
1632 |
+
if (is_array($response)) {
|
1633 |
+
$status = wp_remote_retrieve_response_code($response);
|
1634 |
+
$web_source = wp_remote_retrieve_body($response);
|
1635 |
+
}
|
1636 |
+
|
1637 |
+
if ($status != 200 || (strpos($web_source, "data-rsssl=") === false)) {
|
1638 |
+
$this->trace_log("Check for Mixed Content detection failed, http statuscode " . $status);
|
1639 |
+
return false;
|
1640 |
+
} else {
|
1641 |
+
$this->trace_log("Mixed content fixer was successfully detected on the front end.");
|
1642 |
+
return true;
|
1643 |
+
}
|
1644 |
+
}
|
1645 |
+
|
1646 |
+
/**
|
1647 |
+
* Create redirect rules for the .htaccess.
|
1648 |
+
*
|
1649 |
+
* @since 2.1
|
1650 |
+
*
|
1651 |
+
* @access public
|
1652 |
+
*
|
1653 |
+
*/
|
1654 |
+
|
1655 |
+
public function get_redirect_rules($manual = false)
|
1656 |
+
{
|
1657 |
+
if (!current_user_can($this->capability)) return;
|
1658 |
+
$this->trace_log("retrieving redirect rules");
|
1659 |
+
//only add the redirect rules when a known type of SSL was detected. Otherwise, we use https.
|
1660 |
+
$rule = "";
|
1661 |
+
|
1662 |
+
//if the htaccess test was successfull, and we know the redirectype, edit
|
1663 |
+
if ($this->htaccess_redirect && ($manual || $this->htaccess_test_success) && $this->ssl_type != "NA") {
|
1664 |
+
$this->trace_log("starting insertion of .htaccess redirects.");
|
1665 |
+
$rule .= "<IfModule mod_rewrite.c>" . "\n";
|
1666 |
+
$rule .= "RewriteEngine on" . "\n";
|
1667 |
+
|
1668 |
+
$or = "";
|
1669 |
+
if ($this->ssl_type == "SERVER-HTTPS-ON") {
|
1670 |
+
$rule .= "RewriteCond %{HTTPS} !=on [NC]" . "\n";
|
1671 |
+
} elseif ($this->ssl_type == "SERVER-HTTPS-1") {
|
1672 |
+
$rule .= "RewriteCond %{HTTPS} !=1" . "\n";
|
1673 |
+
} elseif ($this->ssl_type == "LOADBALANCER") {
|
1674 |
+
$rule .= "RewriteCond %{HTTP:X-Forwarded-Proto} !https" . "\n";
|
1675 |
+
} elseif ($this->ssl_type == "CLOUDFLARE") {
|
1676 |
+
$rule .= "RewriteCond %{HTTP:CF-Visitor} '" . '"scheme":"http"' . "'" . "\n";//some concatenation to get the quotes right.
|
1677 |
+
} elseif ($this->ssl_type == "SERVERPORT443") {
|
1678 |
+
$rule .= "RewriteCond %{SERVER_PORT} !443" . "\n";
|
1679 |
+
} elseif ($this->ssl_type == "CLOUDFRONT") {
|
1680 |
+
$rule .= "RewriteCond %{HTTP:CloudFront-Forwarded-Proto} !https" . "\n";
|
1681 |
+
} elseif ($this->ssl_type == "CDN") {
|
1682 |
+
$rule .= "RewriteCond %{HTTP:X-Forwarded-SSL} !on" . "\n";
|
1683 |
+
} elseif ($type == "ENVHTTPS") {
|
1684 |
+
$rule .= "RewriteCond %{ENV:HTTPS} !=on" . "\n";
|
1685 |
+
}
|
1686 |
+
|
1687 |
+
//if multisite, and NOT subfolder install (checked for in the detec_config function)
|
1688 |
+
//, add a condition so it only applies to sites where plugin is activated
|
1689 |
+
if (is_multisite() && !RSSSL()->rsssl_multisite->ssl_enabled_networkwide) {
|
1690 |
+
$this->trace_log("multisite, per site activation");
|
1691 |
+
|
1692 |
+
foreach ($this->sites as $domain) {
|
1693 |
+
$this->trace_log("adding condition for:" . $domain);
|
1694 |
+
|
1695 |
+
//remove http or https.
|
1696 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/", "", $domain);
|
1697 |
+
//We excluded subfolders, so treat as domain
|
1698 |
+
|
1699 |
+
$domain_no_www = str_replace("www.", "", $domain);
|
1700 |
+
$domain_yes_www = "www." . $domain_no_www;
|
1701 |
+
|
1702 |
+
$rule .= "#wpmu rewritecond " . $domain . "\n";
|
1703 |
+
$rule .= "RewriteCond %{HTTP_HOST} ^" . preg_quote($domain_no_www, "/") . " [OR]" . "\n";
|
1704 |
+
$rule .= "RewriteCond %{HTTP_HOST} ^" . preg_quote($domain_yes_www, "/") . " [OR]" . "\n";
|
1705 |
+
$rule .= "#end wpmu rewritecond " . $domain . "\n";
|
1706 |
+
}
|
1707 |
+
|
1708 |
+
//now remove last [OR] if at least on one site the plugin was activated, so we have at lease one condition
|
1709 |
+
if (count($this->sites) > 0) {
|
1710 |
+
$rule = strrev(implode("", explode(strrev("[OR]"), strrev($rule), 2)));
|
1711 |
+
}
|
1712 |
+
} else {
|
1713 |
+
if ($this->debug) {
|
1714 |
+
$this->trace_log("single site or networkwide activation");
|
1715 |
+
}
|
1716 |
+
}
|
1717 |
+
|
1718 |
+
//fastest cache compatibility
|
1719 |
+
if (class_exists('WpFastestCache')) {
|
1720 |
+
$rule .= "RewriteCond %{REQUEST_URI} !wp-content\/cache\/(all|wpfc-mobile-cache)" . "\n";
|
1721 |
+
}
|
1722 |
+
|
1723 |
+
$rule .= "RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]" . "\n";
|
1724 |
+
|
1725 |
+
$rule .= "</IfModule>" . "\n";
|
1726 |
+
}
|
1727 |
+
|
1728 |
+
if (strlen($rule) > 0) {
|
1729 |
+
$rule = "\n" . "# BEGIN rlrssslReallySimpleSSL rsssl_version[" . rsssl_version . "]\n" . $rule . "# END rlrssslReallySimpleSSL" . "\n";
|
1730 |
+
}
|
1731 |
+
|
1732 |
+
$rule = apply_filters("rsssl_htaccess_output", $rule);
|
1733 |
+
|
1734 |
+
$rule = preg_replace("/\n+/", "\n", $rule);
|
1735 |
+
return $rule;
|
1736 |
+
}
|
1737 |
+
|
1738 |
+
|
1739 |
+
/**
|
1740 |
+
* Show warning when wpconfig could not be fixed
|
1741 |
+
*
|
1742 |
+
* @since 2.2
|
1743 |
+
*
|
1744 |
+
*/
|
1745 |
+
|
1746 |
+
public function show_notice_wpconfig_needs_fixes()
|
1747 |
+
{ ?>
|
1748 |
+
<div id="message" class="error fade notice">
|
1749 |
+
<h1><?php echo __("System detection encountered issues", "really-simple-ssl"); ?></h1>
|
1750 |
+
|
1751 |
+
<?php if ($this->wpconfig_siteurl_not_fixed) { ?>
|
1752 |
+
<p>
|
1753 |
+
<?php echo __("A definition of a siteurl or homeurl was detected in your wp-config.php, but the file is not writable.", "really-simple-ssl"); ?>
|
1754 |
+
</p>
|
1755 |
+
<p><?php echo __("Set your wp-config.php to writable and reload this page.", "really-simple-ssl"); ?></p>
|
1756 |
+
<?php }
|
1757 |
+
if ($this->do_wpconfig_loadbalancer_fix) { ?>
|
1758 |
+
<p><?php echo __("Your wp-config.php has to be edited, but is not writable.", "really-simple-ssl"); ?></p>
|
1759 |
+
<p><?php echo __("Because your site is behind a loadbalancer and is_ssl() returns false, you should add the following line of code to your wp-config.php.", "really-simple-ssl"); ?>
|
1760 |
+
|
1761 |
+
<br><br><code>
|
1762 |
+
//Begin Really Simple SSL Load balancing fix<br>
|
1763 |
+
$server_opts = array("HTTP_CLOUDFRONT_FORWARDED_PROTO" => "https", "HTTP_CF_VISITOR"=>"https",
|
1764 |
+
"HTTP_X_FORWARDED_PROTO"=>"https", "HTTP_X_FORWARDED_SSL"=>"on",
|
1765 |
+
"HTTP_X_FORWARDED_SSL"=>"1");<br>
|
1766 |
+
foreach( $server_opts as $option => $value ) {<br>
|
1767 |
+
if ((isset($_ENV["HTTPS"]) && ( "on" == $_ENV["HTTPS"] )) || (isset( $_SERVER[ $option ] )
|
1768 |
+
&& ( strpos( $_SERVER[ $option ], $value ) !== false )) ) {<br>
|
1769 |
+
$_SERVER[ "HTTPS" ] = "on";<br>
|
1770 |
+
break;<br>
|
1771 |
+
}<br>
|
1772 |
+
}<br>
|
1773 |
+
//END Really Simple SSL
|
1774 |
+
</code><br>
|
1775 |
+
</p>
|
1776 |
+
<p><?php echo __("Or set your wp-config.php to writable and reload this page.", "really-simple-ssl"); ?></p>
|
1777 |
+
<?php
|
1778 |
+
}
|
1779 |
+
|
1780 |
+
if ($this->no_server_variable) {
|
1781 |
+
?>
|
1782 |
+
<p><?php echo __('Because your server does not pass a variable with which WordPress can detect SSL, WordPress may create redirect loops on SSL.', 'really-simple-ssl'); ?></p>
|
1783 |
+
<p><?php echo __("Set your wp-config.php to writable and reload this page.", "really-simple-ssl"); ?></p>
|
1784 |
+
<?php
|
1785 |
+
}
|
1786 |
+
?>
|
1787 |
+
|
1788 |
+
</div>
|
1789 |
+
<?php
|
1790 |
+
}
|
1791 |
+
|
1792 |
+
|
1793 |
+
/**
|
1794 |
+
* Show notices
|
1795 |
+
*
|
1796 |
+
* @since 2.0
|
1797 |
+
*
|
1798 |
+
* @access public
|
1799 |
+
*
|
1800 |
+
*/
|
1801 |
+
|
1802 |
+
public function show_notices()
|
1803 |
+
{
|
1804 |
+
/*
|
1805 |
+
show a notice when the .htaccess file does not contain redirect rules
|
1806 |
+
*/
|
1807 |
+
|
1808 |
+
if (!$this->wp_redirect && $this->ssl_enabled && !$this->htaccess_warning_shown && !$this->htaccess_contains_redirect_rules()) {
|
1809 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_htaccess'));
|
1810 |
+
?>
|
1811 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-htaccess">
|
1812 |
+
<p>
|
1813 |
+
<?php echo __("You do not have a 301 redirect to https active in the settings. For SEO purposes it is advised to use 301 redirects. You can enable a 301 redirect in the settings.", "really-simple-ssl"); ?>
|
1814 |
+
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("View settings page", "really-simple-ssl"); ?></a>
|
1815 |
+
</p>
|
1816 |
+
</div>
|
1817 |
+
<?php
|
1818 |
+
}
|
1819 |
+
|
1820 |
+
if (isset($this->errors["DEACTIVATE_FILE_NOT_RENAMED"])) {
|
1821 |
+
?>
|
1822 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
1823 |
+
<h1>
|
1824 |
+
<?php _e("Major security issue!", "really-simple-ssl"); ?>
|
1825 |
+
</h1>
|
1826 |
+
<p>
|
1827 |
+
<?php _e("The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet.", "really-simple-ssl"); ?>
|
1828 |
+
</p>
|
1829 |
+
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("Check again", "really-simple-ssl"); ?></a>
|
1830 |
+
</div>
|
1831 |
+
<?php
|
1832 |
+
}
|
1833 |
+
|
1834 |
+
if (is_multisite() && !is_main_site(get_current_blog_id())) return;
|
1835 |
+
/*
|
1836 |
+
SSL success message
|
1837 |
+
*/
|
1838 |
+
|
1839 |
+
if ($this->ssl_enabled && $this->site_has_ssl && !$this->ssl_success_message_shown) {
|
1840 |
+
if (!current_user_can("activate_plugins")) return;
|
1841 |
+
|
1842 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_success'));
|
1843 |
+
?>
|
1844 |
+
<div id="message" class="updated fade notice is-dismissible rlrsssl-success">
|
1845 |
+
<p>
|
1846 |
+
<?php _e("SSL activated!", "really-simple-ssl"); ?>
|
1847 |
+
<?php _e("Don't forget to change your settings in Google Analytics and Webmaster tools.", "really-simple-ssl"); ?>
|
1848 |
+
|
1849 |
+
<a target="_blank"
|
1850 |
+
href="https://really-simple-ssl.com/knowledge-base/how-to-setup-google-analytics-and-google-search-consolewebmaster-tools/"><?php _e("More info.", "really-simple-ssl"); ?></a>
|
1851 |
+
</p>
|
1852 |
+
</div>
|
1853 |
+
<?php
|
1854 |
+
}
|
1855 |
+
|
1856 |
+
//some notices for SSL situations
|
1857 |
+
if ($this->site_has_ssl) {
|
1858 |
+
if (sizeof($this->plugin_conflict) > 0) {
|
1859 |
+
//pre WooCommerce 2.5
|
1860 |
+
if (isset($this->plugin_conflict["WOOCOMMERCE_FORCEHTTP"]) && $this->plugin_conflict["WOOCOMMERCE_FORCEHTTP"] && isset($this->plugin_conflict["WOOCOMMERCE_FORCESSL"]) && $this->plugin_conflict["WOOCOMMERCE_FORCESSL"]) {
|
1861 |
+
?>
|
1862 |
+
<div id="message" class="error fade notice"><p>
|
1863 |
+
<?php _e("Really Simple SSL has a conflict with another plugin.", "really-simple-ssl"); ?>
|
1864 |
+
<br>
|
1865 |
+
<?php _e("The force http after leaving checkout in WooCommerce will create a redirect loop.", "really-simple-ssl"); ?>
|
1866 |
+
<br>
|
1867 |
+
<a href="admin.php?page=wc-settings&tab=checkout"><?php _e("Show me this setting", "really-simple-ssl"); ?></a>
|
1868 |
+
</p></div>
|
1869 |
+
<?php
|
1870 |
+
}
|
1871 |
+
}
|
1872 |
+
}
|
1873 |
+
}
|
1874 |
+
|
1875 |
+
/**
|
1876 |
+
* Insert some ajax script to dismiss the SSL success message, and stop nagging about it
|
1877 |
+
*
|
1878 |
+
* @since 2.0
|
1879 |
+
*
|
1880 |
+
* @access public
|
1881 |
+
*
|
1882 |
+
*/
|
1883 |
+
|
1884 |
+
public function insert_dismiss_success()
|
1885 |
+
{
|
1886 |
+
$ajax_nonce = wp_create_nonce("really-simple-ssl-dismiss");
|
1887 |
+
?>
|
1888 |
+
<script type='text/javascript'>
|
1889 |
+
jQuery(document).ready(function ($) {
|
1890 |
+
$(".rlrsssl-success.notice.is-dismissible").on("click", ".notice-dismiss", function (event) {
|
1891 |
+
var data = {
|
1892 |
+
'action': 'dismiss_success_message',
|
1893 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
1894 |
+
};
|
1895 |
+
|
1896 |
+
$.post(ajaxurl, data, function (response) {
|
1897 |
+
|
1898 |
+
});
|
1899 |
+
});
|
1900 |
+
});
|
1901 |
+
</script>
|
1902 |
+
<?php
|
1903 |
+
}
|
1904 |
+
|
1905 |
+
/**
|
1906 |
+
* Insert some ajax script to dismis the htaccess failed fail message, and stop nagging about it
|
1907 |
+
*
|
1908 |
+
* @since 2.0
|
1909 |
+
*
|
1910 |
+
* @access public
|
1911 |
+
*
|
1912 |
+
*/
|
1913 |
+
|
1914 |
+
public function insert_dismiss_htaccess()
|
1915 |
+
{
|
1916 |
+
$ajax_nonce = wp_create_nonce("really-simple-ssl");
|
1917 |
+
?>
|
1918 |
+
<script type='text/javascript'>
|
1919 |
+
jQuery(document).ready(function ($) {
|
1920 |
+
$(".rlrsssl-htaccess.notice.is-dismissible").on("click", ".notice-dismiss", function (event) {
|
1921 |
+
var data = {
|
1922 |
+
'action': 'dismiss_htaccess_warning',
|
1923 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
1924 |
+
};
|
1925 |
+
$.post(ajaxurl, data, function (response) {
|
1926 |
+
|
1927 |
+
});
|
1928 |
+
});
|
1929 |
+
});
|
1930 |
+
</script>
|
1931 |
+
<?php
|
1932 |
+
}
|
1933 |
+
|
1934 |
+
/**
|
1935 |
+
* Process the ajax dismissal of the success message.
|
1936 |
+
*
|
1937 |
+
* @since 2.0
|
1938 |
+
*
|
1939 |
+
* @access public
|
1940 |
+
*
|
1941 |
+
*/
|
1942 |
+
|
1943 |
+
public function dismiss_success_message_callback()
|
1944 |
+
{
|
1945 |
+
//nonce check fails if url is changed to SSL.
|
1946 |
+
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
1947 |
+
$this->ssl_success_message_shown = TRUE;
|
1948 |
+
$this->save_options();
|
1949 |
+
wp_die();
|
1950 |
+
}
|
1951 |
+
|
1952 |
+
/**
|
1953 |
+
* Process the ajax dismissal of the htaccess message.
|
1954 |
+
*
|
1955 |
+
* @since 2.1
|
1956 |
+
*
|
1957 |
+
* @access public
|
1958 |
+
*
|
1959 |
+
*/
|
1960 |
+
|
1961 |
+
public function dismiss_htaccess_warning_callback()
|
1962 |
+
{
|
1963 |
+
check_ajax_referer('really-simple-ssl', 'security');
|
1964 |
+
$this->htaccess_warning_shown = TRUE;
|
1965 |
+
$this->save_options();
|
1966 |
+
wp_die(); // this is required to terminate immediately and return a proper response
|
1967 |
+
}
|
1968 |
+
|
1969 |
+
|
1970 |
+
/**
|
1971 |
+
* Adds the admin options page
|
1972 |
+
*
|
1973 |
+
* @since 2.0
|
1974 |
+
*
|
1975 |
+
* @access public
|
1976 |
+
*
|
1977 |
+
*/
|
1978 |
+
|
1979 |
+
public function add_settings_page()
|
1980 |
+
{
|
1981 |
+
if (!current_user_can($this->capability)) return;
|
1982 |
+
//hides the settings page if the hide menu for subsites setting is enabled
|
1983 |
+
if (is_multisite() && rsssl_multisite::this()->hide_menu_for_subsites) return;
|
1984 |
+
|
1985 |
+
global $rsssl_admin_page;
|
1986 |
+
$rsssl_admin_page = add_options_page(
|
1987 |
+
__("SSL settings", "really-simple-ssl"), //link title
|
1988 |
+
__("SSL", "really-simple-ssl"), //page title
|
1989 |
+
$this->capability, //capability
|
1990 |
+
'rlrsssl_really_simple_ssl', //url
|
1991 |
+
array($this, 'settings_page')); //function
|
1992 |
+
|
1993 |
+
// Adds my_help_tab when my_admin_page loads
|
1994 |
+
add_action('load-' . $rsssl_admin_page, array($this, 'admin_add_help_tab'));
|
1995 |
+
|
1996 |
+
}
|
1997 |
+
|
1998 |
+
/**
|
1999 |
+
* Admin help tab
|
2000 |
+
*
|
2001 |
+
* @since 2.0
|
2002 |
+
*
|
2003 |
+
* @access public
|
2004 |
+
*
|
2005 |
+
*/
|
2006 |
+
|
2007 |
+
public function admin_add_help_tab()
|
2008 |
+
{
|
2009 |
+
$screen = get_current_screen();
|
2010 |
+
// Add my_help_tab if current screen is My Admin Page
|
2011 |
+
$screen->add_help_tab(array(
|
2012 |
+
'id' => "really-simple-ssl-documentation",
|
2013 |
+
'title' => __("Documentation", "really-simple-ssl"),
|
2014 |
+
'content' => '<p>' . __("On <a href='https://really-simple-ssl.com'>really-simple-ssl.com</a> you can find a lot of articles and documentation about installing this plugin, and installing SSL in general.", "really-simple-ssl") . '</p>',
|
2015 |
+
));
|
2016 |
+
}
|
2017 |
+
|
2018 |
+
/**
|
2019 |
+
* Create tabs on the settings page
|
2020 |
+
*
|
2021 |
+
* @since 2.1
|
2022 |
+
*
|
2023 |
+
* @access public
|
2024 |
+
*
|
2025 |
+
*/
|
2026 |
+
|
2027 |
+
public function admin_tabs($current = 'homepage')
|
2028 |
+
{
|
2029 |
+
$tabs = array(
|
2030 |
+
'configuration' => __("Configuration", "really-simple-ssl"),
|
2031 |
+
'settings' => __("Settings", "really-simple-ssl"),
|
2032 |
+
'debug' => __("Debug", "really-simple-ssl")
|
2033 |
+
);
|
2034 |
+
|
2035 |
+
$tabs = apply_filters("rsssl_tabs", $tabs);
|
2036 |
+
|
2037 |
+
echo '<h2 class="nav-tab-wrapper">';
|
2038 |
+
|
2039 |
+
foreach ($tabs as $tab => $name) {
|
2040 |
+
$class = ($tab == $current) ? ' nav-tab-active' : '';
|
2041 |
+
echo "<a class='nav-tab$class' href='?page=rlrsssl_really_simple_ssl&tab=$tab'>$name</a>";
|
2042 |
+
}
|
2043 |
+
echo '</h2>';
|
2044 |
+
}
|
2045 |
+
|
2046 |
+
/**
|
2047 |
+
* Build the settings page
|
2048 |
+
*
|
2049 |
+
* @since 2.0
|
2050 |
+
*
|
2051 |
+
* @access public
|
2052 |
+
*
|
2053 |
+
*/
|
2054 |
+
|
2055 |
+
public function settings_page()
|
2056 |
+
{
|
2057 |
+
if (!current_user_can($this->capability)) return;
|
2058 |
+
|
2059 |
+
if (isset ($_GET['tab'])) $this->admin_tabs($_GET['tab']); else $this->admin_tabs('configuration');
|
2060 |
+
if (isset ($_GET['tab'])) $tab = $_GET['tab']; else $tab = 'configuration';
|
2061 |
+
|
2062 |
+
?>
|
2063 |
+
<div class="rsssl-container">
|
2064 |
+
<div class="rsssl-main"><?php
|
2065 |
+
|
2066 |
+
switch ($tab) {
|
2067 |
+
case 'configuration' :
|
2068 |
+
/*
|
2069 |
+
First tab, configuration
|
2070 |
+
*/
|
2071 |
+
?>
|
2072 |
+
<h2><?php echo __("Detected setup", "really-simple-ssl"); ?></h2>
|
2073 |
+
<table class="really-simple-ssl-table">
|
2074 |
+
|
2075 |
+
<?php if ($this->site_has_ssl) { ?>
|
2076 |
+
<tr>
|
2077 |
+
<td><?php echo $this->ssl_enabled ? $this->img("success") : $this->img("error"); ?></td>
|
2078 |
+
<td><?php
|
2079 |
+
if ($this->ssl_enabled) {
|
2080 |
+
_e("SSL is enabled on your site.", "really-simple-ssl") . " ";
|
2081 |
+
} else {
|
2082 |
+
_e("SSL is not enabled yet", "really-simple-ssl") . " ";
|
2083 |
+
$this->show_enable_ssl_button();
|
2084 |
+
}
|
2085 |
+
?>
|
2086 |
+
</td>
|
2087 |
+
<td></td>
|
2088 |
+
</tr>
|
2089 |
+
<?php }
|
2090 |
+
|
2091 |
+
/* check if the mixed content fixer is working */
|
2092 |
+
if ($this->ssl_enabled && $this->autoreplace_insecure_links && $this->site_has_ssl) {
|
2093 |
+
$mixed_content_fixer_detected = $this->mixed_content_fixer_detected();
|
2094 |
+
?>
|
2095 |
+
<tr>
|
2096 |
+
<td><?php echo $mixed_content_fixer_detected ? $this->img("success") : $this->img("error"); ?></td>
|
2097 |
+
<td><?php
|
2098 |
+
if ($mixed_content_fixer_detected) {
|
2099 |
+
_e("Mixed content fixer was successfully detected on the front-end", "really-simple-ssl") . " ";
|
2100 |
+
} else {
|
2101 |
+
_e('The mixed content fixer is active, but was not detected on the frontpage. Please follow these steps to check if the mixed content fixer is working.', "really-simple-ssl") . ": ";
|
2102 |
+
echo ' <a target="_blank" href="https://www.really-simple-ssl.com/knowledge-base/how-to-check-if-the-mixed-content-fixer-is-active/">';
|
2103 |
+
_e('Instructions', 'really-simple-ssl');
|
2104 |
+
echo '</a>';
|
2105 |
+
}
|
2106 |
+
?>
|
2107 |
+
</td>
|
2108 |
+
<td></td>
|
2109 |
+
</tr>
|
2110 |
+
<?php } ?>
|
2111 |
+
<tr>
|
2112 |
+
<td><?php echo ($this->site_has_ssl && $this->wpconfig_ok()) ? $this->img("success") : $this->img("error"); ?></td>
|
2113 |
+
<td><?php
|
2114 |
+
if (!$this->wpconfig_ok()) {
|
2115 |
+
_e("Failed activating SSL", "really-simple-ssl") . " ";
|
2116 |
+
} elseif (!$this->site_has_ssl) {
|
2117 |
+
_e("No SSL detected.", "really-simple-ssl") . " ";
|
2118 |
+
} else {
|
2119 |
+
_e("An SSL certificate was detected on your site. ", "really-simple-ssl");
|
2120 |
+
}
|
2121 |
+
?>
|
2122 |
+
</td>
|
2123 |
+
<td></td>
|
2124 |
+
</tr>
|
2125 |
+
<?php if ($this->ssl_enabled) { ?>
|
2126 |
+
<tr>
|
2127 |
+
<td>
|
2128 |
+
<?php echo ($this->has_301_redirect()) ? $this->img("success") : $this->img("warning"); ?>
|
2129 |
+
</td>
|
2130 |
+
<td>
|
2131 |
+
<?php
|
2132 |
+
|
2133 |
+
if ($this->has_301_redirect()) {
|
2134 |
+
_e("301 redirect to https set: ", "really-simple-ssl");
|
2135 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules())
|
2136 |
+
_e(".htaccess redirect", "really-simple-ssl");
|
2137 |
+
|
2138 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && $this->htaccess_contains_redirect_rules() && $this->wp_redirect)
|
2139 |
+
echo " " . __("and", "really-simple-ssl") . " ";
|
2140 |
+
|
2141 |
+
if ($this->wp_redirect)
|
2142 |
+
_e("WordPress redirect", "really-simple-ssl");
|
2143 |
+
|
2144 |
+
} elseif (RSSSL()->rsssl_server->uses_htaccess() && (!is_multisite() || !RSSSL()->rsssl_multisite->is_per_site_activated_multisite_subfolder_install())) {
|
2145 |
+
if (is_writable($this->ABSpath . ".htaccess")) {
|
2146 |
+
_e("Enable a .htaccess redirect or WordPress redirect in the settings to create a 301 redirect.", "really-simple-ssl");
|
2147 |
+
} elseif (!is_writable($this->ABSpath . ".htaccess")) {
|
2148 |
+
_e(".htaccess is not writable. Set 301 WordPress redirect, or set the .htaccess manually if you want to redirect in .htaccess.", "really-simple-ssl");
|
2149 |
+
} else {
|
2150 |
+
_e("Https redirect cannot be set in the .htaccess. Set the .htaccess redirect manually or enable WordPress redirect in the settings.", "really-simple-ssl");
|
2151 |
+
}
|
2152 |
+
} else {
|
2153 |
+
_e("No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect.", "really-simple-ssl");
|
2154 |
+
}
|
2155 |
+
?>
|
2156 |
+
</td>
|
2157 |
+
<td></td>
|
2158 |
+
</tr>
|
2159 |
+
|
2160 |
+
<?php
|
2161 |
+
}
|
2162 |
+
?>
|
2163 |
+
|
2164 |
+
</table>
|
2165 |
+
<?php do_action("rsssl_configuration_page"); ?>
|
2166 |
+
<?php
|
2167 |
+
break;
|
2168 |
+
case 'settings' :
|
2169 |
+
/*
|
2170 |
+
Second tab, Settings
|
2171 |
+
*/
|
2172 |
+
|
2173 |
+
?>
|
2174 |
+
<form action="options.php" method="post">
|
2175 |
+
<?php
|
2176 |
+
settings_fields('rlrsssl_options');
|
2177 |
+
do_settings_sections('rlrsssl');
|
2178 |
+
?>
|
2179 |
+
|
2180 |
+
<input class="button button-primary" name="Submit" type="submit"
|
2181 |
+
value="<?php echo __("Save", "really-simple-ssl"); ?>"/>
|
2182 |
+
</form>
|
2183 |
+
<?php
|
2184 |
+
break;
|
2185 |
+
|
2186 |
+
case 'debug' :
|
2187 |
+
/*
|
2188 |
+
third tab: debug
|
2189 |
+
*/
|
2190 |
+
?>
|
2191 |
+
<div>
|
2192 |
+
<?php
|
2193 |
+
if ($this->debug) {
|
2194 |
+
echo "<h2>" . __("Log for debugging purposes", "really-simple-ssl") . "</h2>";
|
2195 |
+
echo "<p>" . __("Send me a copy of these lines if you have any issues. The log will be erased when debug is set to false", "really-simple-ssl") . "</p>";
|
2196 |
+
echo "<div class='debug-log'>";
|
2197 |
+
if (defined('RSSSL_SAFE_MODE') && RSSSL_SAFE_MODE) echo "SAFE MODE<br>";
|
2198 |
+
echo "Options:<br>";
|
2199 |
+
if ($this->htaccess_redirect) echo "* htaccess redirect<br>";
|
2200 |
+
if ($this->wp_redirect) echo "* WordPress redirect<br>";
|
2201 |
+
if ($this->autoreplace_insecure_links) echo "* Mixed content fixer<br>";
|
2202 |
+
|
2203 |
+
echo "SERVER: " . RSSSL()->rsssl_server->get_server() . "<br>";
|
2204 |
+
if (is_multisite()) {
|
2205 |
+
echo "MULTISITE<br>";
|
2206 |
+
echo (!RSSSL()->rsssl_multisite->ssl_enabled_networkwide) ? "SSL is being activated per site<br>" : "SSL is activated network wide<br>";
|
2207 |
+
}
|
2208 |
+
|
2209 |
+
echo ($this->ssl_enabled) ? "SSL is enabled for this site<br>" : "SSL is not yet enabled for this site<br>";
|
2210 |
+
echo $this->debug_log;
|
2211 |
+
echo "</div>";
|
2212 |
+
//$this->debug_log.="<br><b>-----------------------</b>";
|
2213 |
+
$this->debug_log = "";
|
2214 |
+
$this->save_options();
|
2215 |
+
} else {
|
2216 |
+
echo "<br>";
|
2217 |
+
_e("To view results here, enable the debug option in the settings tab.", "really-simple-ssl");
|
2218 |
+
}
|
2219 |
+
|
2220 |
+
?>
|
2221 |
+
</div>
|
2222 |
+
<?php
|
2223 |
+
break;
|
2224 |
+
}
|
2225 |
+
//possibility to hook into the tabs.
|
2226 |
+
do_action("show_tab_{$tab}");
|
2227 |
+
?>
|
2228 |
+
</div><!-- end main-->
|
2229 |
+
|
2230 |
+
<?php
|
2231 |
+
|
2232 |
+
/**
|
2233 |
+
*
|
2234 |
+
* Generate a sidebar for free users to advertise pro
|
2235 |
+
* When using Ultimate Member, also show Ultimate Member add-ons
|
2236 |
+
* Pro users never see the sidebar
|
2237 |
+
*
|
2238 |
+
* @since 2.5.27
|
2239 |
+
*
|
2240 |
+
*/
|
2241 |
+
|
2242 |
+
if (!defined("rsssl_pro_version") && (!defined("rsssl_pp_version")) && (!defined("rsssl_soc_version")) && (!class_exists('RSSSL_PRO'))) {
|
2243 |
+
|
2244 |
+
//Generate the Really Simple Plugins logo and recommended plugins text
|
2245 |
+
|
2246 |
+
?>
|
2247 |
+
<div class="rsssl-sidebar">
|
2248 |
+
<div class="rsssl-really-simple-plugins-logo">
|
2249 |
+
<?php echo "<img class='rsssl-pro-image' src='" . trailingslashit(rsssl_url) . "assets/really-simple-plugins.png' alt='Really Simple SSL pro'>"; ?>
|
2250 |
+
</div>
|
2251 |
+
<div class="rsssl-sidebar-title">
|
2252 |
+
<?php
|
2253 |
+
$link_open = '<a target="_blank" href="https://really-simple-ssl.com/contact">';
|
2254 |
+
|
2255 |
+
?>
|
2256 |
+
<h3> <?php echo sprintf(__("We have some suggestions for your setup. Let us know if you have a suggestion for %sus%s!", "really-simple-ssl"), $link_open, "</a>") ?></h3>
|
2257 |
+
</div>
|
2258 |
+
|
2259 |
+
<?php
|
2260 |
+
|
2261 |
+
/*
|
2262 |
+
*
|
2263 |
+
* Generate a container for Really Simple SSL pro, Ultimate Member and Moneybird plugins
|
2264 |
+
* Pro container has different image size, text position and button color then UM and Moneybird
|
2265 |
+
* Before generating, check if Really Simple SSL pro, Ultimate Member is active. For Moneybird, check if locale = nl_NL
|
2266 |
+
*
|
2267 |
+
*/
|
2268 |
+
|
2269 |
+
$url = is_multisite() ? 'https://really-simple-ssl.com/downloads/really-simple-ssl-pro-multisite/' : 'https://really-simple-ssl.com/downloads/really-simple-ssl-pro/';
|
2270 |
+
$this->get_banner_html(array(
|
2271 |
+
'img' => 'rsssl-pro.jpg',
|
2272 |
+
'title' => 'Really Simple SSL Pro',
|
2273 |
+
'description' => __("Really Simple SSL pro optimizes your SSL configuration: extensive scan for mixed content issues, access to premium support, HSTS and more!", "really-simple-ssl"),
|
2274 |
+
'url' => $url,
|
2275 |
+
'pro' => true,
|
2276 |
+
)
|
2277 |
+
);
|
2278 |
+
$this->get_banner_html(array(
|
2279 |
+
'img' => 'complianz-white.jpg',
|
2280 |
+
'title' => 'ComplianZ',
|
2281 |
+
'description' => __("GDPR Ready with the Complianz WordPress Plugin. Always up-to-date documentation by one of the most prominent EU IT Law firms.", "really-simple-ssl"),
|
2282 |
+
'url' => 'https://complianz.io/en/pricing/',
|
2283 |
+
'pro' => true,
|
2284 |
+
)
|
2285 |
+
);
|
2286 |
+
|
2287 |
+
if (defined("ultimatemember_version")) {
|
2288 |
+
|
2289 |
+
if (!defined("um_tagging_version")) {
|
2290 |
+
|
2291 |
+
$this->get_banner_html(array(
|
2292 |
+
'img' => 'um-tagging.jpg',
|
2293 |
+
'title' => 'UM Tagging',
|
2294 |
+
'description' => __("UM Tagging allows you to @tag or @mention all users on your platform.", "really-simple-ssl"),
|
2295 |
+
'url' => 'https://really-simple-plugins.com/download/um-tagging/',
|
2296 |
+
)
|
2297 |
+
);
|
2298 |
+
}
|
2299 |
+
|
2300 |
+
if (!defined("um_most_visited_version")) {
|
2301 |
+
|
2302 |
+
$this->get_banner_html(array(
|
2303 |
+
'img' => 'um-most-visited.jpg',
|
2304 |
+
'title' => 'UM Most Visited',
|
2305 |
+
'description' => __("Show the most visited users and add a 'last visited users' tab to each user profile.", "really-simple-ssl"),
|
2306 |
+
'url' => 'https://really-simple-plugins.com/download/most-visited-members/',
|
2307 |
+
)
|
2308 |
+
);
|
2309 |
+
}
|
2310 |
+
|
2311 |
+
if (!defined("um_tagging_version")) {
|
2312 |
+
$this->get_banner_html(array(
|
2313 |
+
'img' => 'um-mail-alerts.jpg',
|
2314 |
+
'title' => 'UM Mail Alerts',
|
2315 |
+
'description' => __("Automatically send a notification when a user's post on the activity feed is liked or commented on.", "really-simple-ssl"),
|
2316 |
+
'url' => 'https://really-simple-plugins.com/download/um-mail-alerts/',
|
2317 |
+
)
|
2318 |
+
);
|
2319 |
+
|
2320 |
+
}
|
2321 |
+
|
2322 |
+
if (defined("EDD_SL_PLUGIN_DIR") && (get_locale() === 'nl_NL')) {
|
2323 |
+
$this->get_banner_html(array(
|
2324 |
+
'img' => 'edd-moneybird.jpg',
|
2325 |
+
'title' => 'EDD Moneybird',
|
2326 |
+
'description' => __("Export your Easy Digital Downloads sales directly to Moneybird.", "really-simple-ssl"),
|
2327 |
+
'url' => 'https://really-simple-plugins.com/download/edd-moneybird/',
|
2328 |
+
)
|
2329 |
+
);
|
2330 |
+
|
2331 |
+
}
|
2332 |
+
|
2333 |
+
if (defined('WC_PLUGIN_FILE') && (get_locale() === 'nl_NL')) {
|
2334 |
+
$this->get_banner_html(array(
|
2335 |
+
'img' => 'woocommerce-moneybird.jpg',
|
2336 |
+
'title' => 'WooCommerce Moneybird',
|
2337 |
+
'description' => __("Export your WooCommerce sales directly to Moneybird.", "really-simple-ssl"),
|
2338 |
+
'url' => 'https://really-simple-plugins.com/download/woocommerce-moneybird/',
|
2339 |
+
)
|
2340 |
+
);
|
2341 |
+
|
2342 |
+
}
|
2343 |
+
} ?>
|
2344 |
+
</div>
|
2345 |
+
<?php }
|
2346 |
+
?>
|
2347 |
+
|
2348 |
+
|
2349 |
+
</div><!-- end container -->
|
2350 |
+
<?php
|
2351 |
+
}
|
2352 |
+
|
2353 |
+
/**
|
2354 |
+
* Returns a success, error or warning image for the settings page
|
2355 |
+
*
|
2356 |
+
* @since 2.0
|
2357 |
+
*
|
2358 |
+
* @access public
|
2359 |
+
*
|
2360 |
+
* @param string $type the type of image
|
2361 |
+
*
|
2362 |
+
* @return html string
|
2363 |
+
*/
|
2364 |
+
|
2365 |
+
public function img($type)
|
2366 |
+
{
|
2367 |
+
if ($type == 'success') {
|
2368 |
+
return "<img class='rsssl-icons' src='" . trailingslashit(rsssl_url) . "img/check-icon.png' alt='success'>";
|
2369 |
+
} elseif ($type == "error") {
|
2370 |
+
return "<img class='rsssl-icons' src='" . trailingslashit(rsssl_url) . "img/cross-icon.png' alt='error'>";
|
2371 |
+
} else {
|
2372 |
+
return "<img class='rsssl-icons' src='" . trailingslashit(rsssl_url) . "img/warning-icon.png' alt='warning'>";
|
2373 |
+
}
|
2374 |
+
}
|
2375 |
+
|
2376 |
+
|
2377 |
+
private function get_banner_html($args)
|
2378 |
+
{
|
2379 |
+
|
2380 |
+
$default = array(
|
2381 |
+
'pro' => false,
|
2382 |
+
);
|
2383 |
+
|
2384 |
+
$args = wp_parse_args($args, $default);
|
2385 |
+
|
2386 |
+
$pro = $args['pro'] ? '-pro' : '';
|
2387 |
+
?>
|
2388 |
+
<div class="rsssl-sidebar-single-content-container<?php echo $pro ?>">
|
2389 |
+
<img class="rsssl-sidebar-image<?php echo $pro ?>"
|
2390 |
+
src="<?php echo trailingslashit(rsssl_url) . 'assets/' . $args['img'] ?>"
|
2391 |
+
alt="<?php echo $args['title'] ?>">
|
2392 |
+
<div class="rsssl-sidebar-text-content<?php echo $pro ?>">
|
2393 |
+
<?php echo $args['description'] ?>
|
2394 |
+
</div>
|
2395 |
+
<div class="rsssl-more-info-button">
|
2396 |
+
<a id="rsssl-premium-button<?php echo $pro ?>" class="button"
|
2397 |
+
href="<?php echo $args['url'] ?>"
|
2398 |
+
target="_blank"> <?php echo __("More info", "really-simple-ssl") ?> </a>
|
2399 |
+
</div>
|
2400 |
+
</div>
|
2401 |
+
<?php
|
2402 |
+
}
|
2403 |
+
|
2404 |
+
/**
|
2405 |
+
* Add some css for the settings page
|
2406 |
+
*
|
2407 |
+
* @since 2.0
|
2408 |
+
*
|
2409 |
+
* @access public
|
2410 |
+
*
|
2411 |
+
*/
|
2412 |
+
|
2413 |
+
public function enqueue_assets($hook)
|
2414 |
+
{
|
2415 |
+
global $rsssl_admin_page;
|
2416 |
+
//prevent from loading on other pages than settings page.
|
2417 |
+
if ((!is_network_admin() && ($hook != $rsssl_admin_page)) && $this->ssl_enabled)
|
2418 |
+
return;
|
2419 |
+
|
2420 |
+
wp_register_style('rlrsssl-css', trailingslashit(rsssl_url) . 'css/main.css', "", rsssl_version);
|
2421 |
+
wp_enqueue_style('rlrsssl-css');
|
2422 |
+
}
|
2423 |
+
|
2424 |
+
|
2425 |
+
/*
|
2426 |
+
|
2427 |
+
feedback for the free users. Pro users see something different.
|
2428 |
+
|
2429 |
+
*/
|
2430 |
+
|
2431 |
+
|
2432 |
+
public function configuration_page_more()
|
2433 |
+
{
|
2434 |
+
?>
|
2435 |
+
<table>
|
2436 |
+
<tr>
|
2437 |
+
<td>
|
2438 |
+
<?php echo $this->contains_hsts() ? $this->img("success") : $this->img("warning"); ?>
|
2439 |
+
</td>
|
2440 |
+
<td>
|
2441 |
+
<?php
|
2442 |
+
if ($this->contains_hsts()) {
|
2443 |
+
_e("HTTP Strict Transport Security was enabled", "really-simple-ssl");
|
2444 |
+
} else {
|
2445 |
+
|
2446 |
+
$wiki_open = '<a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" target="_blank">';
|
2447 |
+
$link_open = '<a target="_blank" href="' . $this->pro_url . '">';
|
2448 |
+
$link_close = '</a>';
|
2449 |
+
|
2450 |
+
printf(__('%sHTTP Strict Transport Security%s is not enabled.', "really-simple-ssl"), $wiki_open, $link_close);
|
2451 |
+
echo " ";
|
2452 |
+
printf(__("To enable, %sget Premium%s ", "really-simple-ssl"), $link_open, $link_close);
|
2453 |
+
}
|
2454 |
+
?>
|
2455 |
+
</td>
|
2456 |
+
<td></td>
|
2457 |
+
</tr>
|
2458 |
+
<tr>
|
2459 |
+
|
2460 |
+
<td><?php echo ($this->contains_secure_cookie_settings()) ? $this->img("success") : $this->img("warning"); ?></td>
|
2461 |
+
<td><?php
|
2462 |
+
if ($this->contains_secure_cookie_settings()) {
|
2463 |
+
_e("Secure cookies set", "really-simple-ssl") . " ";
|
2464 |
+
} else {
|
2465 |
+
|
2466 |
+
$link_open = '<a target="_blank" href="' . $this->pro_url . '">';
|
2467 |
+
$link_close = '</a>';
|
2468 |
+
|
2469 |
+
_e('Secure cookie settings not enabled.', "really-simple-ssl");
|
2470 |
+
echo " ";
|
2471 |
+
printf(__("To enable, %sget Premium%s ", "really-simple-ssl"), $link_open, $link_close);
|
2472 |
+
}
|
2473 |
+
?>
|
2474 |
+
</td>
|
2475 |
+
<td></td>
|
2476 |
+
</tr>
|
2477 |
+
</table>
|
2478 |
+
|
2479 |
+
|
2480 |
+
<?php
|
2481 |
+
|
2482 |
+
if (!$this->site_has_ssl) {
|
2483 |
+
$this->show_pro();
|
2484 |
+
} else {
|
2485 |
+
if (!$this->ssl_enabled) { ?>
|
2486 |
+
<p><?php _e("If you want to be sure you're ready to migrate to SSL, get Premium, which includes an extensive scan and premium support.", "really-simple-ssl") ?>
|
2487 |
+
<a target="_blank"
|
2488 |
+
href="<?php echo $this->pro_url ?>"><?php _e("Learn more", "really-simple-ssl") ?></a></p>
|
2489 |
+
<?php } else { ?>
|
2490 |
+
<p><?php _e('Still having issues with mixed content? Check out Premium, which includes an extensive scan and premium support. ', "really-simple-ssl") ?>
|
2491 |
+
<a target="_blank"
|
2492 |
+
href="<?php echo $this->pro_url ?>"><?php _e("Learn more", "really-simple-ssl") ?></a></p>
|
2493 |
+
<?php
|
2494 |
+
}
|
2495 |
+
}
|
2496 |
}
|
2497 |
|
2498 |
+
/**
|
2499 |
+
* Create the settings page form
|
2500 |
+
*
|
2501 |
+
* @since 2.0
|
2502 |
+
*
|
2503 |
+
* @access public
|
2504 |
+
*
|
2505 |
+
*/
|
2506 |
|
2507 |
+
public function create_form()
|
2508 |
+
{
|
2509 |
+
register_setting('rlrsssl_options', 'rlrsssl_options', array($this, 'options_validate'));
|
2510 |
+
add_settings_section('rlrsssl_settings', __("Settings", "really-simple-ssl"), array($this, 'section_text'), 'rlrsssl');
|
2511 |
+
add_settings_field('id_autoreplace_insecure_links', __("Auto replace mixed content", "really-simple-ssl"), array($this, 'get_option_autoreplace_insecure_links'), 'rlrsssl', 'rlrsssl_settings');
|
2512 |
|
2513 |
+
//only show option to enable or disable mixed content and redirect when SSL is detected
|
2514 |
+
if ($this->ssl_enabled) {
|
2515 |
+
add_settings_field('id_wp_redirect', __("Enable WordPress 301 redirection to SSL", "really-simple-ssl"), array($this, 'get_option_wp_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
|
|
|
|
|
|
2516 |
|
2517 |
+
//when enabled networkwide, it's handled on the network settings page
|
2518 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && (!is_multisite() || !RSSSL()->rsssl_multisite->ssl_enabled_networkwide)) {
|
2519 |
+
add_settings_field('id_htaccess_redirect', __("Enable 301 .htaccess redirect", "really-simple-ssl"), array($this, 'get_option_htaccess_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2520 |
+
}
|
2521 |
|
2522 |
+
add_settings_field('id_javascript_redirect', __("Enable Javascript redirection to SSL", "really-simple-ssl"), array($this, 'get_option_javascript_redirect'), 'rlrsssl', 'rlrsssl_settings');
|
2523 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2524 |
|
2525 |
+
add_settings_field('id_debug', __("Debug", "really-simple-ssl"), array($this, 'get_option_debug'), 'rlrsssl', 'rlrsssl_settings');
|
2526 |
+
//on multisite this setting can only be set networkwide
|
2527 |
+
if (RSSSL()->rsssl_server->uses_htaccess() && !is_multisite()) {
|
2528 |
+
add_settings_field('id_do_not_edit_htaccess', __("Stop editing the .htaccess file", "really-simple-ssl"), array($this, 'get_option_do_not_edit_htaccess'), 'rlrsssl', 'rlrsssl_settings');
|
2529 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2530 |
|
2531 |
+
add_settings_field('id_switch_mixed_content_fixer_hook', __("Switch mixed content fixer hook", "really-simple-ssl"), array($this, 'get_option_switch_mixed_content_fixer_hook'), 'rlrsssl', 'rlrsssl_settings');
|
|
|
|
|
|
|
|
|
|
|
|
|
2532 |
|
2533 |
+
add_settings_field('id_deactivate_keep_ssl', __("Deactivate plugin and keep SSL", "really-simple-ssl"), array($this, 'get_option_deactivate_keep_ssl'), 'rlrsssl', 'rlrsssl_settings');
|
|
|
|
|
2534 |
|
2535 |
|
2536 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2537 |
|
2538 |
+
/**
|
2539 |
+
* Insert some explanation above the form
|
2540 |
+
*
|
2541 |
+
* @since 2.0
|
2542 |
+
*
|
2543 |
+
* @access public
|
2544 |
+
*
|
2545 |
+
*/
|
2546 |
|
2547 |
+
public function section_text()
|
2548 |
+
{
|
2549 |
?>
|
2550 |
+
<p><?php _e('Settings to optimize your SSL configuration', 'really-simple-ssl'); ?></p>
|
|
|
|
|
|
|
|
|
|
|
2551 |
<?php
|
2552 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2553 |
|
2554 |
+
/**
|
2555 |
+
* Check the posted values in the settings page for validity
|
2556 |
+
*
|
2557 |
+
* @since 2.0
|
2558 |
+
*
|
2559 |
+
* @access public
|
2560 |
+
*
|
2561 |
+
*/
|
2562 |
|
2563 |
+
public function options_validate($input)
|
2564 |
+
{
|
2565 |
+
//fill array with current values, so we don't lose any
|
2566 |
+
$newinput = array();
|
2567 |
+
$newinput['site_has_ssl'] = $this->site_has_ssl;
|
2568 |
+
$newinput['ssl_success_message_shown'] = $this->ssl_success_message_shown;
|
2569 |
+
$newinput['htaccess_warning_shown'] = $this->htaccess_warning_shown;
|
2570 |
+
$newinput['plugin_db_version'] = $this->plugin_db_version;
|
2571 |
+
$newinput['ssl_enabled'] = $this->ssl_enabled;
|
2572 |
+
$newinput['debug_log'] = $this->debug_log;
|
2573 |
+
|
2574 |
+
if (!empty($input['hsts']) && $input['hsts'] == '1') {
|
2575 |
+
$newinput['hsts'] = TRUE;
|
2576 |
+
} else {
|
2577 |
+
$newinput['hsts'] = FALSE;
|
2578 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2579 |
|
2580 |
+
if (!empty($input['javascript_redirect']) && $input['javascript_redirect'] == '1') {
|
2581 |
+
$newinput['javascript_redirect'] = TRUE;
|
2582 |
+
} else {
|
2583 |
+
$newinput['javascript_redirect'] = FALSE;
|
2584 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2585 |
|
2586 |
+
if (!empty($input['wp_redirect']) && $input['wp_redirect'] == '1') {
|
2587 |
+
$newinput['wp_redirect'] = TRUE;
|
2588 |
+
} else {
|
2589 |
+
$newinput['wp_redirect'] = FALSE;
|
2590 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2591 |
|
2592 |
+
if (!empty($input['autoreplace_insecure_links']) && $input['autoreplace_insecure_links'] == '1') {
|
2593 |
+
$newinput['autoreplace_insecure_links'] = TRUE;
|
2594 |
+
} else {
|
2595 |
+
$newinput['autoreplace_insecure_links'] = FALSE;
|
2596 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2597 |
|
2598 |
+
if (!empty($input['debug']) && $input['debug'] == '1') {
|
2599 |
+
$newinput['debug'] = TRUE;
|
2600 |
+
} else {
|
2601 |
+
$newinput['debug'] = FALSE;
|
2602 |
+
$this->debug_log = "";
|
2603 |
+
}
|
2604 |
|
2605 |
+
if (!empty($input['do_not_edit_htaccess']) && $input['do_not_edit_htaccess'] == '1') {
|
2606 |
+
$newinput['do_not_edit_htaccess'] = TRUE;
|
2607 |
+
} else {
|
2608 |
+
$newinput['do_not_edit_htaccess'] = FALSE;
|
2609 |
+
}
|
|
|
|
|
|
|
2610 |
|
2611 |
+
if (!empty($input['switch_mixed_content_fixer_hook']) && $input['switch_mixed_content_fixer_hook'] == '1') {
|
2612 |
+
$newinput['switch_mixed_content_fixer_hook'] = TRUE;
|
2613 |
+
} else {
|
2614 |
+
$newinput['switch_mixed_content_fixer_hook'] = FALSE;
|
2615 |
+
}
|
2616 |
+
|
2617 |
+
if (!empty($input['htaccess_redirect']) && $input['htaccess_redirect'] == '1') {
|
2618 |
+
$newinput['htaccess_redirect'] = TRUE;
|
2619 |
+
} else {
|
2620 |
+
$newinput['htaccess_redirect'] = FALSE;
|
2621 |
+
}
|
2622 |
|
2623 |
+
return $newinput;
|
2624 |
+
}
|
|
|
|
|
2625 |
|
2626 |
+
/**
|
2627 |
+
* Insert option into settings form
|
2628 |
+
* deprecated
|
2629 |
+
* @since 2.0
|
2630 |
+
*
|
2631 |
+
* @access public
|
2632 |
+
*
|
2633 |
+
*/
|
2634 |
+
|
2635 |
+
public function get_option_debug()
|
2636 |
+
{
|
2637 |
+
$options = get_option('rlrsssl_options');
|
2638 |
+
echo '<input id="rlrsssl_options" name="rlrsssl_options[debug]" size="40" type="checkbox" value="1"' . checked(1, $this->debug, false) . " />";
|
2639 |
+
RSSSL()->rsssl_help->get_help_tip(__("Enable this option to get debug info in the debug tab.", "really-simple-ssl"));
|
2640 |
+
|
2641 |
+
}
|
2642 |
+
|
2643 |
+
/**
|
2644 |
+
* Insert option into settings form
|
2645 |
+
* @since 2.2
|
2646 |
+
*
|
2647 |
+
* @access public
|
2648 |
+
*
|
2649 |
+
*/
|
2650 |
+
|
2651 |
+
public function get_option_javascript_redirect()
|
2652 |
+
{
|
2653 |
+
$javascript_redirect = $this->javascript_redirect;
|
2654 |
+
$disabled = "";
|
2655 |
+
$comment = "";
|
2656 |
+
|
2657 |
+
if (is_multisite() && rsssl_multisite::this()->javascript_redirect) {
|
2658 |
+
$disabled = "disabled";
|
2659 |
+
$javascript_redirect = TRUE;
|
2660 |
+
$comment = __("This option is enabled on the network menu.", "really-simple-ssl");
|
2661 |
}
|
2662 |
|
2663 |
+
echo '<input ' . $disabled . ' id="rlrsssl_options" name="rlrsssl_options[javascript_redirect]" size="40" type="checkbox" value="1"' . checked(1, $javascript_redirect, false) . " />";
|
2664 |
+
RSSSL()->rsssl_help->get_help_tip(__("This is a fallback you should only use if other redirection methods do not work.", "really-simple-ssl"));
|
2665 |
+
echo $comment;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2666 |
|
2667 |
+
}
|
2668 |
|
2669 |
+
/**
|
2670 |
+
* Insert option into settings form
|
2671 |
+
* @since 2.5.0
|
2672 |
+
*
|
2673 |
+
* @access public
|
2674 |
+
*
|
2675 |
+
*/
|
2676 |
+
|
2677 |
+
public function get_option_wp_redirect()
|
2678 |
+
{
|
2679 |
+
$wp_redirect = $this->wp_redirect;
|
2680 |
+
$disabled = "";
|
2681 |
+
$comment = "";
|
2682 |
+
|
2683 |
+
if (is_multisite() && rsssl_multisite::this()->wp_redirect) {
|
2684 |
+
$disabled = "disabled";
|
2685 |
+
$wp_redirect = TRUE;
|
2686 |
+
$comment = __("This option is enabled on the network menu.", "really-simple-ssl");
|
2687 |
+
}
|
2688 |
+
|
2689 |
+
echo '<input ' . $disabled . ' id="rlrsssl_options" name="rlrsssl_options[wp_redirect]" size="40" type="checkbox" value="1"' . checked(1, $wp_redirect, false) . " />";
|
2690 |
+
RSSSL()->rsssl_help->get_help_tip(__("Enable this if you want to use the internal WordPress 301 redirect. Needed on NGINX servers, or if the .htaccess redirect cannot be used.", "really-simple-ssl"));
|
2691 |
+
echo $comment;
|
2692 |
+
|
2693 |
+
}
|
2694 |
+
|
2695 |
+
|
2696 |
+
/**
|
2697 |
+
* Insert option into settings form
|
2698 |
+
* The .htaccess redirect is not shown for multisite sites that are enabled network wide.
|
2699 |
+
*
|
2700 |
+
* @since 2.5.8
|
2701 |
+
*
|
2702 |
+
* @access public
|
2703 |
+
*
|
2704 |
+
*/
|
2705 |
+
|
2706 |
+
public function get_option_htaccess_redirect()
|
2707 |
+
{
|
2708 |
+
|
2709 |
+
$options = get_option('rlrsssl_options');
|
2710 |
+
|
2711 |
+
$htaccess_redirect = $this->htaccess_redirect;
|
2712 |
+
$disabled = "";
|
2713 |
+
$comment = "";
|
2714 |
+
|
2715 |
+
//networkwide is not shown, so this only applies to per site activated sites.
|
2716 |
+
if (is_multisite() && RSSSL()->rsssl_multisite->htaccess_redirect) {
|
2717 |
+
$disabled = "disabled";
|
2718 |
+
$htaccess_redirect = TRUE;
|
2719 |
+
$comment = __("This option is enabled on the network menu.", "really-simple-ssl");
|
2720 |
+
} else {
|
2721 |
+
$disabled = ($this->do_not_edit_htaccess) ? "disabled" : "";
|
2722 |
+
}
|
2723 |
+
|
2724 |
+
echo '<input ' . $disabled . ' id="rlrsssl_options" name="rlrsssl_options[htaccess_redirect]" size="40" type="checkbox" value="1"' . checked(1, $this->htaccess_redirect, false) . " />";
|
2725 |
+
RSSSL()->rsssl_help->get_help_tip(__("A .htaccess redirect is faster. Really Simple SSL detects the redirect code that is most likely to work (99% of websites), but this is not 100%. Make sure you know how to regain access to your site if anything goes wrong!", "really-simple-ssl"));
|
2726 |
+
echo $comment;
|
2727 |
+
|
2728 |
+
if ($this->htaccess_redirect && (!is_writable($this->ABSpath . ".htaccess") || !$this->htaccess_test_success)) {
|
2729 |
+
echo "<br><br>";
|
2730 |
+
if (!is_writable($this->ABSpath . ".htaccess")) _e("The .htaccess file is not writable. Add these lines to your .htaccess manually, or set 644 writing permissions", "really-simple-ssl");
|
2731 |
+
if (!$this->htaccess_test_success) _e("The .htaccess redirect rules that were selected by this plugin failed in the test. The following redirect rules were tested:", "really-simple-ssl");
|
2732 |
+
echo "<br><br>";
|
2733 |
+
if ($this->ssl_type != "NA") {
|
2734 |
+
$manual = true;
|
2735 |
+
$rules = $this->get_redirect_rules($manual);
|
2736 |
|
2737 |
+
$arr_search = array("<", ">", "\n");
|
2738 |
+
$arr_replace = array("<", ">", "<br>");
|
2739 |
+
$rules = str_replace($arr_search, $arr_replace, $rules);
|
2740 |
+
|
2741 |
+
?>
|
2742 |
+
<code>
|
2743 |
+
<?php echo $rules; ?>
|
2744 |
+
</code>
|
2745 |
+
<?php
|
2746 |
+
} else {
|
2747 |
+
_e("The plugin could not detect any possible redirect rule.", "really-simple-ssl");
|
2748 |
+
}
|
2749 |
+
}
|
2750 |
+
|
2751 |
+
//on multisite, the .htaccess do not edit option is not available
|
2752 |
+
if (!is_multisite()) {
|
2753 |
+
if ($this->do_not_edit_htaccess) {
|
2754 |
+
_e("If the setting 'do not edit htaccess' is enabled, you can't change this setting.", "really-simple-ssl");
|
2755 |
+
} elseif (!$this->htaccess_redirect) {
|
2756 |
+
$link_start = '<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/remove-htaccess-redirect-site-lockout/">';
|
2757 |
+
$link_end = '</a>';
|
2758 |
+
printf(
|
2759 |
+
__('Before you enable this, make sure you know how to %1$sregain access%2$s to your site in case of a redirect loop.', 'really-simple-ssl'),
|
2760 |
+
$link_start,
|
2761 |
+
$link_end
|
2762 |
+
);
|
2763 |
+
}
|
2764 |
+
}
|
2765 |
+
|
2766 |
+
}
|
2767 |
+
|
2768 |
+
/**
|
2769 |
+
* Insert option into settings form
|
2770 |
+
*
|
2771 |
+
* @since 2.0
|
2772 |
+
*
|
2773 |
+
* @access public
|
2774 |
+
*
|
2775 |
+
*/
|
2776 |
+
|
2777 |
+
public function get_option_do_not_edit_htaccess()
|
2778 |
+
{
|
2779 |
+
$options = get_option('rlrsssl_options');
|
2780 |
+
echo '<input id="rlrsssl_options" name="rlrsssl_options[do_not_edit_htaccess]" size="40" type="checkbox" value="1"' . checked(1, $this->do_not_edit_htaccess, false) . " />";
|
2781 |
+
|
2782 |
+
RSSSL()->rsssl_help->get_help_tip(__("If you want to customize the Really Simple SSL .htaccess, you need to prevent Really Simple SSL from rewriting it. Enabling this option will do that.", "really-simple-ssl"));
|
2783 |
+
if (!$this->do_not_edit_htaccess && !is_writable($this->ABSpath . ".htaccess")) _e(".htaccess is currently not writable.", "really-simple-ssl");
|
2784 |
+
}
|
2785 |
+
|
2786 |
+
/**
|
2787 |
+
* Insert option into settings form
|
2788 |
+
*
|
2789 |
+
* @since 2.1
|
2790 |
+
*
|
2791 |
+
* @access public
|
2792 |
+
*
|
2793 |
+
*/
|
2794 |
+
|
2795 |
+
public function get_option_switch_mixed_content_fixer_hook()
|
2796 |
+
{
|
2797 |
+
$options = get_option('rslrsssl_options');
|
2798 |
+
echo '<input id="rlrsssl_options" name="rlrsssl_options[switch_mixed_content_fixer_hook]" size="40" type="checkbox" value="1"' . checked(1, $this->switch_mixed_content_fixer_hook, false) . " />";
|
2799 |
+
RSSSL()->rsssl_help->get_help_tip(__("If this option is set to true, the mixed content fixer will fire on the init hook instead of the template_redirect hook. Only use this option when you experience problems with the mixed content fixer.", "really-simple-ssl"));
|
2800 |
+
}
|
2801 |
+
|
2802 |
+
/*
|
2803 |
+
*
|
2804 |
+
* Add a button and thickbox to deactivate SSL while keeping SSL
|
2805 |
+
*
|
2806 |
+
*
|
2807 |
+
*
|
2808 |
+
*/
|
2809 |
+
|
2810 |
+
|
2811 |
+
public function get_option_deactivate_keep_ssl()
|
2812 |
+
{
|
2813 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2814 |
?>
|
2815 |
+
<div><input class="thickbox button" title="" type="button" style="display: block; float: left;" alt="#TB_inline?
|
2816 |
+
height=370&width=400&inlineId=deactivate_keep_ssl" value="Deactivate Plugin and keep SSL"/></div>
|
2817 |
+
<div id="deactivate_keep_ssl" style="display: none;">
|
2818 |
+
|
2819 |
+
<h1 style="margin: 10px 0; text-align: center;"><?php _e("Are you sure?", "really-simple-ssl") ?></h1>
|
2820 |
+
<h2 style="margin: 20px 0; text-align: left;"><?php _e("Deactivating the plugin while keeping SSL will do the following:", "really-simple-ssl") ?></h2>
|
2821 |
+
<ul style="text-align: left; font-size: 1.2em;">
|
2822 |
+
<li><?php _e("* The mixed content fixer will stop working", "really-simple-ssl") ?></li>
|
2823 |
+
<li><?php _e("* The WordPress 301 and Javascript redirect will stop working", "really-simple-ssl") ?></li>
|
2824 |
+
<li><?php _e("* Your site address will remain https://", "really-simple-ssl") ?> </li>
|
2825 |
+
<li><?php _e("* The .htaccess redirect will remain active", "really-simple-ssl") ?></li>
|
2826 |
+
<?php _e("Deactivating the plugin via the plugins overview will revert the site back to http://.", "really-simple-ssl") ?>
|
2827 |
+
</ul>
|
2828 |
+
|
2829 |
+
<script>
|
2830 |
+
jQuery(document).ready(function ($) {
|
2831 |
+
$('#rsssl_close_tb_window').click(tb_remove);
|
2832 |
+
});
|
2833 |
+
</script>
|
2834 |
+
<?php
|
2835 |
+
$token = wp_create_nonce('rsssl_deactivate_plugin');
|
2836 |
+
$deactivate_keep_ssl_link = admin_url("options-general.php?page=rlrsssl_really_simple_ssl&action=uninstall_keep_ssl&token=" . $token);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2837 |
|
2838 |
?>
|
2839 |
+
<a class="button rsssl-button-deactivate-keep-ssl" href="<?php add_thickbox() ?>
|
2840 |
+
<?php echo $deactivate_keep_ssl_link ?>"><?php _e("I'm sure I want to deactivate", "really-simple-ssl") ?>
|
2841 |
+
</a>
|
2842 |
+
|
2843 |
+
<a class="button" href="#" id="rsssl_close_tb_window"><?php _e("Cancel", "really-simple-ssl") ?></a>
|
2844 |
+
|
2845 |
+
|
2846 |
+
</div>
|
2847 |
+
<?php
|
2848 |
+
RSSSL()->rsssl_help->get_help_tip(__("Clicking this button will deactivate the plugin while keeping your site on SSL. The WordPress 301 redirect, Javascript redirect and mixed content fixer will stop working. The site address will remain https:// and the .htaccess redirect will remain active. Deactivating the plugin via the plugins overview will revert the site back to http://.", "really-simple-ssl"));
|
2849 |
+
|
2850 |
+
}
|
2851 |
+
|
2852 |
+
public function get_option_autoreplace_insecure_links()
|
2853 |
+
{
|
2854 |
+
//$options = get_option('rlrsssl_options');
|
2855 |
+
$autoreplace_mixed_content = $this->autoreplace_insecure_links;
|
2856 |
+
$disabled = "";
|
2857 |
+
$comment = "";
|
2858 |
+
|
2859 |
+
if (is_multisite() && rsssl_multisite::this()->autoreplace_mixed_content) {
|
2860 |
+
$disabled = "disabled";
|
2861 |
+
$autoreplace_mixed_content = TRUE;
|
2862 |
+
$comment = __("This option is enabled on the network menu.", "really-simple-ssl");
|
2863 |
+
}
|
2864 |
+
echo '<input ' . $disabled . ' id="rlrsssl_options" name="rlrsssl_options[autoreplace_insecure_links]" size="40" type="checkbox" value="1"' . checked(1, $autoreplace_mixed_content, false) . ' />';
|
2865 |
+
RSSSL()->rsssl_help->get_help_tip(__("In most cases you need to leave this enabled, to prevent mixed content issues on your site.", "really-simple-ssl"));
|
2866 |
+
echo $comment;
|
2867 |
+
}
|
2868 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2869 |
/**
|
2870 |
* Add settings link on plugins overview page
|
2871 |
*
|
2875 |
*
|
2876 |
*/
|
2877 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2878 |
|
2879 |
+
public function plugin_settings_link($links)
|
2880 |
+
{
|
2881 |
+
|
2882 |
+
//add 'revert to http' after the Deactivate link on the plugins overview page
|
2883 |
+
if (isset($links['deactivate'])) {
|
2884 |
+
$deactivate_link = $links['deactivate'];
|
2885 |
+
$links['deactivate'] = str_replace('</a>', " " . __("(revert to http)", "really-simple-ssl") . '</a>', $deactivate_link);
|
2886 |
+
}
|
2887 |
+
|
2888 |
+
$settings_link = '<a href="' . admin_url("options-general.php?page=rlrsssl_really_simple_ssl") . '">' . __("Settings", "really-simple-ssl") . '</a>';
|
2889 |
+
array_unshift($links, $settings_link);
|
2890 |
+
|
2891 |
+
$faq_link = '<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/">' . __('Docs', 'really-simple-ssl') . '</a>';
|
2892 |
+
array_unshift($links, $faq_link);
|
2893 |
+
|
2894 |
+
if (defined("rsssl_pro_version")) {
|
2895 |
+
if (class_exists('RSSSL_PRO')) {
|
2896 |
+
if (RSSSL_PRO()->rsssl_licensing->license_is_valid()) return $links;
|
2897 |
+
}
|
2898 |
+
}
|
2899 |
+
if (!defined("rsssl_pro_version")) {
|
2900 |
+
if (!class_exists('RSSSL_PRO')) {
|
2901 |
+
$premium_link = '<a target="_blank" href="https://really-simple-ssl.com/premium-support">' . __('Premium Support', 'really-simple-ssl') . '</a>';
|
2902 |
+
array_unshift($links, $premium_link);
|
2903 |
+
}
|
2904 |
+
}
|
2905 |
+
return $links;
|
2906 |
+
}
|
2907 |
+
|
2908 |
+
/**
|
2909 |
+
* Check for possible plugin conflicts
|
2910 |
+
*
|
2911 |
+
* @since 2.0
|
2912 |
+
*
|
2913 |
+
* @access public
|
2914 |
+
* @return none
|
2915 |
+
*
|
2916 |
+
*/
|
2917 |
+
|
2918 |
+
public function check_plugin_conflicts()
|
2919 |
+
{
|
2920 |
+
// $this->plugin_conflict["WOOCOMMERCE_FORCESSL"] = TRUE;
|
2921 |
+
}
|
2922 |
+
|
2923 |
+
|
2924 |
+
/**
|
2925 |
+
* Check if wpconfig contains httponly cooky settings
|
2926 |
+
*
|
2927 |
+
* @since 2.5
|
2928 |
+
*
|
2929 |
+
* @access public
|
2930 |
+
* @return boolean
|
2931 |
+
*
|
2932 |
+
*/
|
2933 |
+
|
2934 |
+
public function contains_secure_cookie_settings()
|
2935 |
+
{
|
2936 |
+
$wpconfig_path = $this->find_wp_config_path();
|
2937 |
+
|
2938 |
+
if (!$wpconfig_path) return false;
|
2939 |
+
|
2940 |
+
$wpconfig = file_get_contents($wpconfig_path);
|
2941 |
+
if ((strpos($wpconfig, "//Begin Really Simple SSL session cookie settings") === FALSE) && (strpos($wpconfig, "cookie_httponly") === FALSE)) {
|
2942 |
+
return false;
|
2943 |
+
}
|
2944 |
+
|
2945 |
+
return true;
|
2946 |
+
}
|
2947 |
+
|
2948 |
+
|
2949 |
+
/**
|
2950 |
+
* Get the absolute path the the www directory of this site, where .htaccess lives.
|
2951 |
+
*
|
2952 |
+
* @since 2.0
|
2953 |
+
*
|
2954 |
+
* @access public
|
2955 |
+
*
|
2956 |
+
*/
|
2957 |
+
|
2958 |
+
public function getABSPATH()
|
2959 |
+
{
|
2960 |
+
$path = ABSPATH;
|
2961 |
+
if ($this->is_subdirectory_install()) {
|
2962 |
+
$siteUrl = site_url();
|
2963 |
+
$homeUrl = home_url();
|
2964 |
+
$diff = str_replace($homeUrl, "", $siteUrl);
|
2965 |
+
$diff = trim($diff, "/");
|
2966 |
+
$pos = strrpos($path, $diff);
|
2967 |
+
if ($pos !== false) {
|
2968 |
+
$path = substr_replace($path, "", $pos, strlen($diff));
|
2969 |
+
$path = trim($path, "/");
|
2970 |
+
$path = "/" . $path . "/";
|
2971 |
+
}
|
2972 |
+
}
|
2973 |
+
|
2974 |
+
return $path;
|
2975 |
+
}
|
2976 |
+
|
2977 |
+
/**
|
2978 |
+
* Find if this WordPress installation is installed in a subdirectory
|
2979 |
+
*
|
2980 |
+
* @since 2.0
|
2981 |
+
*
|
2982 |
+
* @access protected
|
2983 |
+
*
|
2984 |
+
*/
|
2985 |
+
|
2986 |
+
protected function is_subdirectory_install()
|
2987 |
+
{
|
2988 |
+
if (strlen(site_url()) > strlen(home_url())) {
|
2989 |
+
return true;
|
2990 |
+
}
|
2991 |
+
return false;
|
2992 |
+
}
|
2993 |
+
|
2994 |
+
/*
|
2995 |
+
* Retrieve the contents of the test page
|
2996 |
+
*/
|
2997 |
+
|
2998 |
+
|
2999 |
+
protected function get_test_page_contents()
|
3000 |
+
{
|
3001 |
+
$filecontents = "";
|
3002 |
+
|
3003 |
+
$testpage_url = trailingslashit($this->test_url()) . "ssl-test-page.php";
|
3004 |
+
$this->trace_log("Opening testpage to check server configuration: " . $testpage_url);
|
3005 |
+
|
3006 |
+
$response = wp_remote_get($testpage_url);
|
3007 |
+
|
3008 |
+
if (is_array($response)) {
|
3009 |
+
$status = wp_remote_retrieve_response_code($response);
|
3010 |
+
$filecontents = wp_remote_retrieve_body($response);
|
3011 |
+
}
|
3012 |
|
3013 |
+
$this->trace_log("test page url, enter in browser to check manually: " . $testpage_url);
|
3014 |
+
|
3015 |
+
if (!is_wp_error($response) && (strpos($filecontents, "#SSL TEST PAGE#") !== false)) {
|
3016 |
+
|
3017 |
+
$this->trace_log("SSL test page loaded successfully");
|
3018 |
+
} else {
|
3019 |
+
|
3020 |
+
$error = "";
|
3021 |
+
if (is_wp_error($response)) $error = $response->get_error_message();
|
3022 |
+
$this->trace_log("Could not open testpage " . $error);
|
3023 |
+
}
|
3024 |
+
|
3025 |
+
|
3026 |
+
return $filecontents;
|
3027 |
+
}
|
3028 |
|
3029 |
|
3030 |
} //class closure
|
class-certificate.php
ADDED
@@ -0,0 +1,208 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
defined('ABSPATH') or die("you do not have access to this page!");
|
4 |
+
|
5 |
+
if ( ! class_exists( 'rsssl_certificate' ) ) {
|
6 |
+
class rsssl_certificate
|
7 |
+
{
|
8 |
+
private static $_this;
|
9 |
+
|
10 |
+
function __construct()
|
11 |
+
{
|
12 |
+
|
13 |
+
if (isset(self::$_this))
|
14 |
+
wp_die(sprintf(__('%s is a singleton class and you cannot create a second instance.', 'really-simple-ssl'), get_class($this)));
|
15 |
+
|
16 |
+
self::$_this = $this;
|
17 |
+
|
18 |
+
}
|
19 |
+
|
20 |
+
static function this()
|
21 |
+
{
|
22 |
+
return self::$_this;
|
23 |
+
}
|
24 |
+
|
25 |
+
/**
|
26 |
+
*
|
27 |
+
* @since 3.0
|
28 |
+
*
|
29 |
+
* Check if the certificate is valid
|
30 |
+
*
|
31 |
+
* @return bool
|
32 |
+
*
|
33 |
+
*/
|
34 |
+
|
35 |
+
public function is_valid()
|
36 |
+
{
|
37 |
+
|
38 |
+
//Get current domain
|
39 |
+
$domain = site_url();
|
40 |
+
|
41 |
+
if (function_exists('stream_context_get_params')) {
|
42 |
+
//get certificate info
|
43 |
+
$certinfo = $this->get_certinfo($domain);
|
44 |
+
|
45 |
+
if (!$certinfo) return false;
|
46 |
+
|
47 |
+
//Check if domain is valid
|
48 |
+
$domain_valid = $this->is_domain_valid($certinfo, $domain);
|
49 |
+
//Check if date is valid
|
50 |
+
$date_valid = $this->is_date_valid($certinfo);
|
51 |
+
//Domain and date valid? Return true
|
52 |
+
if ($domain_valid && $date_valid) return true;
|
53 |
+
}
|
54 |
+
|
55 |
+
return false;
|
56 |
+
}
|
57 |
+
|
58 |
+
/**
|
59 |
+
*
|
60 |
+
* Check common name(s) and alternative name(s) on certificate and match them to the site_url ($domain)
|
61 |
+
*
|
62 |
+
* @since 3.0
|
63 |
+
*
|
64 |
+
* @access public
|
65 |
+
*
|
66 |
+
* @return bool
|
67 |
+
*
|
68 |
+
*/
|
69 |
+
|
70 |
+
public function is_domain_valid($certinfo, $domain)
|
71 |
+
{
|
72 |
+
|
73 |
+
//Get both the common name(s) and the alternative names from the certificate
|
74 |
+
$certificate_common_names = isset($certinfo['subject']['CN']) ? $certinfo['subject']['CN'] : false;
|
75 |
+
$certificate_alternative_names = isset($certinfo['extensions']['subjectAltName']) ? $certinfo['extensions']['subjectAltName'] : false;
|
76 |
+
|
77 |
+
//Check if the domain is found in either the certificate common name(s) (CN) or alternative name(s) (AN)
|
78 |
+
$pos_cn = strpos($domain, $certificate_common_names);
|
79 |
+
$pos_an = strpos($domain, $certificate_alternative_names);
|
80 |
+
|
81 |
+
//If the domain is found, return true
|
82 |
+
if (($pos_cn !== false) || ($pos_an !== false)) return true;
|
83 |
+
|
84 |
+
return false;
|
85 |
+
|
86 |
+
}
|
87 |
+
|
88 |
+
/**
|
89 |
+
*
|
90 |
+
* Check if the date is valid by looking at the validFrom and validTo times
|
91 |
+
*
|
92 |
+
* @since 3.0
|
93 |
+
*
|
94 |
+
* @access public
|
95 |
+
*
|
96 |
+
* @return bool
|
97 |
+
*
|
98 |
+
*/
|
99 |
+
|
100 |
+
public function is_date_valid($certinfo)
|
101 |
+
{
|
102 |
+
|
103 |
+
//Get the start date and end date from the certificate
|
104 |
+
$start_date = isset($certinfo['validFrom_time_t']) ? $certinfo['validFrom_time_t'] : false;
|
105 |
+
$end_date = isset($certinfo['validTo_time_t']) ? $certinfo['validTo_time_t'] : false;
|
106 |
+
|
107 |
+
//Get current date
|
108 |
+
$current_date = time();
|
109 |
+
|
110 |
+
//Check if the current date is between the start date and end date. If so, return true
|
111 |
+
if ($current_date > $start_date && ($current_date < $end_date)) return true;
|
112 |
+
|
113 |
+
return false;
|
114 |
+
|
115 |
+
}
|
116 |
+
|
117 |
+
|
118 |
+
/**
|
119 |
+
*
|
120 |
+
* Check if the certificate is a wildcard certificate
|
121 |
+
* Function is used in class-multisite.php to determine whether to show a notice for multisite subfolder installations without a wildcard certificate
|
122 |
+
*
|
123 |
+
* @since 3.0
|
124 |
+
*
|
125 |
+
* @access public
|
126 |
+
*
|
127 |
+
* @return bool
|
128 |
+
*
|
129 |
+
*/
|
130 |
+
|
131 |
+
public function is_wildcard()
|
132 |
+
{
|
133 |
+
//$domain = "http://cnet.com";
|
134 |
+
$domain = network_site_url();
|
135 |
+
|
136 |
+
$certinfo = $this->get_certinfo($domain);
|
137 |
+
//Get the certificate common name
|
138 |
+
$certificate_common_name = isset($certinfo['subject']['CN']) ? $certinfo['subject']['CN'] : false;
|
139 |
+
|
140 |
+
//A wildcard certificate is indicated by *, using this as our wildcard indicator
|
141 |
+
$wildcard_indicator = "*";
|
142 |
+
|
143 |
+
//Check if the common name(s) contain an *
|
144 |
+
$pos = strpos($certificate_common_name, $wildcard_indicator);
|
145 |
+
|
146 |
+
//If so, return true
|
147 |
+
if ($pos !== false) return true;
|
148 |
+
|
149 |
+
return false;
|
150 |
+
|
151 |
+
}
|
152 |
+
|
153 |
+
/**
|
154 |
+
*
|
155 |
+
* Get the certificate info
|
156 |
+
*
|
157 |
+
* @since 3.0
|
158 |
+
*
|
159 |
+
* @access public
|
160 |
+
*
|
161 |
+
*/
|
162 |
+
|
163 |
+
|
164 |
+
public function get_certinfo($domain)
|
165 |
+
{
|
166 |
+
//check if the certificate is still valid, and send an email to the administrator if this is not the case.
|
167 |
+
$url = $domain;
|
168 |
+
$original_parse = parse_url($url, PHP_URL_HOST);
|
169 |
+
|
170 |
+
if ($original_parse) {
|
171 |
+
|
172 |
+
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE)));
|
173 |
+
if ($get) {
|
174 |
+
set_error_handler(array($this, 'custom_error_handling'));
|
175 |
+
$read = stream_socket_client("ssl://" . $original_parse . ":443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
|
176 |
+
restore_error_handler();
|
177 |
+
|
178 |
+
if ($errno == 0 && $read) {
|
179 |
+
|
180 |
+
$cert = stream_context_get_params($read);
|
181 |
+
$certinfo = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
|
182 |
+
}
|
183 |
+
}
|
184 |
+
}
|
185 |
+
|
186 |
+
if (!empty($certinfo)) return $certinfo;
|
187 |
+
|
188 |
+
return false;
|
189 |
+
}
|
190 |
+
|
191 |
+
/**
|
192 |
+
*
|
193 |
+
* Catch errors
|
194 |
+
*
|
195 |
+
* @since 3.0
|
196 |
+
*
|
197 |
+
* @access public
|
198 |
+
*
|
199 |
+
*/
|
200 |
+
|
201 |
+
|
202 |
+
public function custom_error_handling($errno, $errstr, $errfile, $errline, array $errcontext) {
|
203 |
+
return true;
|
204 |
+
}
|
205 |
+
|
206 |
+
//class closure
|
207 |
+
}
|
208 |
+
}
|
class-front-end.php
CHANGED
@@ -155,13 +155,13 @@ if ( ! class_exists( 'rsssl_front_end' ) ) {
|
|
155 |
|
156 |
public function force_ssl_with_javascript()
|
157 |
{
|
158 |
-
|
159 |
-
|
160 |
-
|
161 |
-
|
162 |
-
|
163 |
-
|
164 |
-
|
165 |
}
|
166 |
|
167 |
}
|
155 |
|
156 |
public function force_ssl_with_javascript()
|
157 |
{
|
158 |
+
$script = '<script>';
|
159 |
+
$script .= 'if (document.location.protocol != "https:") {';
|
160 |
+
$script .= 'document.location = document.URL.replace(/^http:/i, "https:");';
|
161 |
+
$script .= '}';
|
162 |
+
$script .= '</script>';
|
163 |
+
|
164 |
+
echo apply_filters('rsssl_javascript_redirect', $script);
|
165 |
}
|
166 |
|
167 |
}
|
class-multisite.php
CHANGED
@@ -2,785 +2,830 @@
|
|
2 |
|
3 |
defined('ABSPATH') or die("you do not have access to this page!");
|
4 |
|
5 |
-
if (
|
6 |
-
|
7 |
-
|
8 |
-
|
9 |
-
|
10 |
-
|
11 |
-
|
12 |
-
|
13 |
-
|
14 |
-
|
15 |
-
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
|
20 |
-
|
21 |
-
|
22 |
-
|
23 |
-
|
24 |
-
|
25 |
-
|
26 |
-
|
27 |
-
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
|
32 |
-
|
33 |
-
|
34 |
-
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
|
39 |
-
|
40 |
-
|
41 |
-
|
42 |
-
|
43 |
-
|
44 |
-
|
45 |
-
|
46 |
-
|
47 |
-
|
48 |
-
|
49 |
-
|
50 |
-
|
51 |
-
|
52 |
-
|
53 |
-
|
54 |
-
|
55 |
-
|
56 |
-
|
57 |
-
|
58 |
-
|
59 |
-
|
60 |
-
|
61 |
-
|
62 |
-
|
63 |
-
|
64 |
-
|
65 |
-
|
66 |
-
|
67 |
-
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
|
72 |
-
|
73 |
-
|
74 |
-
|
75 |
-
|
76 |
-
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
|
86 |
-
|
87 |
-
|
88 |
-
|
89 |
-
|
90 |
-
|
91 |
-
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
|
108 |
-
|
109 |
-
|
110 |
-
|
111 |
-
|
112 |
-
|
113 |
-
|
114 |
-
|
115 |
-
|
116 |
-
|
117 |
-
|
118 |
-
|
119 |
-
|
120 |
-
|
121 |
-
|
122 |
-
|
123 |
-
|
124 |
-
|
125 |
-
|
126 |
-
|
127 |
-
|
128 |
-
|
129 |
-
|
130 |
-
|
131 |
-
|
132 |
-
|
133 |
-
|
134 |
-
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
|
139 |
-
|
140 |
-
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
145 |
-
|
146 |
-
|
147 |
-
|
148 |
-
|
149 |
-
|
150 |
-
|
151 |
-
|
152 |
-
|
153 |
-
|
154 |
-
|
155 |
-
|
156 |
-
|
157 |
-
|
158 |
-
|
159 |
-
|
160 |
-
|
161 |
-
|
162 |
-
|
163 |
-
|
164 |
-
|
165 |
-
|
166 |
-
|
167 |
-
|
168 |
-
|
169 |
-
|
170 |
-
<?php }?>
|
171 |
-
<option value="1" <?php if ($this->ssl_enabled_networkwide) echo "selected";?>><?php _e("networkwide", "really-simple-ssl")?>
|
172 |
-
<option value="0" <?php if (!$this->ssl_enabled_networkwide) echo "selected";?>><?php _e("per site", "really-simple-ssl")?>
|
173 |
-
</select>
|
174 |
-
<?php
|
175 |
-
|
176 |
-
//echo '<input id="rlrsssl_options" name="rlrsssl_network_options[ssl_enabled_networkwide]" size="40" type="checkbox" value="1"' . checked( 1, $this->ssl_enabled_networkwide, false ) ." />";
|
177 |
-
rsssl_help::this()->get_help_tip(__("Select to enable SSL networkwide or per site.", "really-simple-ssl"));
|
178 |
-
}
|
179 |
-
|
180 |
-
|
181 |
-
/**
|
182 |
-
* Displays the options page. The big difference here is where you post the data
|
183 |
-
* because, unlike for normal option pages, there is nowhere to process it by
|
184 |
-
* default so we have to create our own hook to process the saving of our options.
|
185 |
-
*/
|
186 |
-
|
187 |
-
public function multisite_menu_page() {
|
188 |
-
$tab = "settings";
|
189 |
-
if ( isset ( $_GET['tab'] ) ) $tab = $_GET['tab'];
|
190 |
-
$this->admin_tabs($tab);
|
191 |
-
|
192 |
-
do_action("rsssl_show_network_tab_{$tab}");
|
193 |
-
}
|
194 |
-
|
195 |
-
|
196 |
-
public function settings_tab(){
|
197 |
-
if (isset($_GET['updated'])): ?>
|
198 |
-
<div id="message" class="updated notice is-dismissible"><p><?php _e('Options saved.', 'really-simple-ssl') ?></p></div>
|
199 |
-
<?php endif; ?>
|
200 |
-
<div class="wrap">
|
201 |
-
<h1><?php _e('Really Simple SSL multisite options', 'really-simple-ssl'); ?></h1>
|
202 |
-
<form method="POST" action="edit.php?action=rsssl_update_network_settings">
|
203 |
-
<?php
|
204 |
-
|
205 |
-
settings_fields($this->option_group);
|
206 |
-
do_settings_sections($this->page_slug);
|
207 |
-
submit_button();
|
208 |
-
?>
|
209 |
-
</form>
|
210 |
-
</div>
|
211 |
-
<?php
|
212 |
-
}
|
213 |
-
|
214 |
-
|
215 |
-
/**
|
216 |
-
* Save network settings
|
217 |
-
*/
|
218 |
-
|
219 |
-
public function update_network_options() {
|
220 |
-
check_admin_referer($this->option_group.'-options');
|
221 |
-
|
222 |
-
if (isset($_POST["rlrsssl_network_options"])) {
|
223 |
-
$prev_ssl_enabled_networkwide = $this->ssl_enabled_networkwide;
|
224 |
-
$options = array_map(array($this, "sanitize_boolean"), $_POST["rlrsssl_network_options"]);
|
225 |
-
$options["selected_networkwide_or_per_site"] = true;
|
226 |
-
|
227 |
-
$this->ssl_enabled_networkwide = isset($options["ssl_enabled_networkwide"]) ? $options["ssl_enabled_networkwide"] : false;
|
228 |
-
|
229 |
-
$this->wp_redirect = isset($options["wp_redirect"]) ? $options["wp_redirect"] : false;
|
230 |
-
$this->htaccess_redirect = isset($options["htaccess_redirect"]) ? $options["htaccess_redirect"] : false;
|
231 |
-
|
232 |
-
$this->do_not_edit_htaccess = isset($options["do_not_edit_htaccess"]) ? $options["do_not_edit_htaccess"] : false;
|
233 |
-
$this->autoreplace_mixed_content = isset($options["autoreplace_mixed_content"]) ? $options["autoreplace_mixed_content"] : false;
|
234 |
-
$this->javascript_redirect = isset($options["javascript_redirect"]) ? $options["javascript_redirect"] : false;
|
235 |
-
$this->hsts = isset($options["hsts"]) ? $options["hsts"] : false;
|
236 |
-
$this->mixed_content_admin = isset($options["mixed_content_admin"]) ? $options["mixed_content_admin"] : false;
|
237 |
-
$this->cert_expiration_warning = isset($options["cert_expiration_warning"]) ? $options["cert_expiration_warning"] : false;
|
238 |
-
$this->hide_menu_for_subsites = isset($options["hide_menu_for_subsites"]) ? $options["hide_menu_for_subsites"] : false;
|
239 |
-
|
240 |
-
|
241 |
-
$this->selected_networkwide_or_per_site = isset($options["selected_networkwide_or_per_site"]) ? $options["selected_networkwide_or_per_site"] : false;
|
242 |
-
}
|
243 |
-
|
244 |
-
$this->save_options();
|
245 |
-
|
246 |
-
if ($this->ssl_enabled_networkwide) {
|
247 |
-
//enable SSL on all sites on the network
|
248 |
-
$this->activate_ssl_networkwide();
|
249 |
-
} elseif ($prev_ssl_enabled_networkwide!=$this->ssl_enabled_networkwide) {
|
250 |
-
//if we switch to per page, we deactivate SSL on all pages first, but only if the setting was changed.
|
251 |
-
$sites = $this->get_sites_bw_compatible();
|
252 |
-
foreach ( $sites as $site ) {
|
253 |
-
$this->switch_to_blog_bw_compatible($site);
|
254 |
-
RSSSL()->really_simple_ssl->deactivate_ssl();
|
255 |
-
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
256 |
-
}
|
257 |
-
}
|
258 |
-
|
259 |
-
|
260 |
-
// At last we redirect back to our options page.
|
261 |
-
wp_redirect(add_query_arg(array('page' => $this->page_slug, 'updated' => 'true'), network_admin_url('settings.php')));
|
262 |
-
exit;
|
263 |
-
}
|
264 |
-
|
265 |
-
public function sanitize_boolean($value)
|
266 |
-
{
|
267 |
-
if ($value == true) {
|
268 |
-
return true;
|
269 |
-
} else {
|
270 |
-
return false;
|
271 |
-
}
|
272 |
-
}
|
273 |
-
|
274 |
-
|
275 |
-
/**
|
276 |
-
* Give the user an option to activate network wide or not.
|
277 |
-
* Needs to be called after detect_configuration function
|
278 |
-
*
|
279 |
-
* @since 2.3
|
280 |
-
*
|
281 |
-
* @access public
|
282 |
-
*
|
283 |
-
*/
|
284 |
-
|
285 |
-
public function show_notice_activate_networkwide(){
|
286 |
-
//if no SSL was detected, don't activate it yet.
|
287 |
-
if (!RSSSL()->really_simple_ssl->site_has_ssl) {
|
288 |
-
global $wp;
|
289 |
-
$current_url = "https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]
|
290 |
-
?>
|
291 |
-
<div id="message" class="error fade notice activate-ssl">
|
292 |
-
<p><?php _e("No SSL was detected. If you do have an SSL certificate, try to reload this page over https by clicking this link:","really-simple-ssl");?> <a href="<?php echo $current_url?>"><?php _e("reload over https.","really-simple-ssl");?></a>
|
293 |
-
<?php _e("You can check your certificate on","really-simple-ssl");?> <a target="_blank" href="https://www.ssllabs.com/ssltest/">Qualys SSL Labs</a>
|
294 |
-
</p>
|
295 |
-
</div>
|
296 |
-
<?php } ?>
|
297 |
-
|
298 |
-
<?php if (RSSSL()->really_simple_ssl->site_has_ssl) {
|
299 |
-
if (is_main_site(get_current_blog_id()) && RSSSL()->really_simple_ssl->wpconfig_ok()) {
|
300 |
-
?>
|
301 |
-
<div id="message" class="updated fade notice activate-ssl">
|
302 |
-
<h1><?php _e("Choose your preferred setup","really-simple-ssl");?></h1>
|
303 |
-
<?php _e("Some things can't be done automatically. Before you migrate, please check for: ",'really-simple-ssl');?>
|
304 |
-
<p>
|
305 |
-
<ul>
|
306 |
-
<li><?php _e('Http references in your .css and .js files: change any http:// into //','really-simple-ssl');?></li>
|
307 |
-
<li><?php _e('Images, stylesheets or scripts from a domain without an SSL certificate: remove them or move to your own server.','really-simple-ssl');?></li>
|
308 |
-
</ul>
|
309 |
-
</p>
|
310 |
-
<?php $this->show_pro(); ?>
|
311 |
-
<p>
|
312 |
-
<form action="" method="post">
|
313 |
-
<?php wp_nonce_field( 'rsssl_nonce', 'rsssl_nonce' );?>
|
314 |
-
<input type="submit" class='button button-primary' value="<?php _e("Activate SSL networkwide","really-simple-ssl");?>" id="rsssl_do_activate_ssl_networkwide" name="rsssl_do_activate_ssl_networkwide">
|
315 |
-
<input type="submit" class='button button-primary' value="<?php _e("Activate SSL per site","really-simple-ssl");?>" id="rsssl_do_activate_ssl_per_site" name="rsssl_do_activate_ssl_per_site">
|
316 |
-
</form>
|
317 |
-
</p>
|
318 |
-
<p>
|
319 |
-
<?php _e("Networkwide activation does not check if a site has an SSL certificate. It just migrates all sites to SSL.","really-simple-ssl");?>
|
320 |
-
</p>
|
321 |
-
</div>
|
322 |
-
<?php
|
323 |
-
}
|
324 |
-
}
|
325 |
-
}
|
326 |
-
/**
|
327 |
-
* @since 2.3
|
328 |
-
* Shows option to buy pro
|
329 |
-
|
330 |
-
*/
|
331 |
-
|
332 |
-
public function show_pro(){
|
333 |
-
?>
|
334 |
-
<p><?php _e('You can also let the automatic scan of the pro version handle this for you, and get premium support and increased security with HSTS included.','really-simple-ssl');?> <a target="_blank" href="<?php echo $this->pro_url;?>"><?php _e("Check out Really Simple SSL Premium","really-simple-ssl");?></a></p>
|
335 |
-
<?php
|
336 |
-
}
|
337 |
-
|
338 |
-
|
339 |
-
|
340 |
-
/*
|
341 |
-
|
342 |
-
Check if the plugin is network activated.
|
343 |
-
|
344 |
-
*/
|
345 |
-
|
346 |
-
|
347 |
-
public function plugin_network_wide_active(){
|
348 |
-
if ( ! function_exists( 'is_plugin_active_for_network' ) )
|
349 |
-
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
350 |
-
|
351 |
-
if ( is_plugin_active_for_network(rsssl_plugin) ){
|
352 |
-
return true;
|
353 |
-
} else {
|
354 |
-
return false;
|
355 |
-
}
|
356 |
-
}
|
357 |
-
|
358 |
-
|
359 |
-
|
360 |
-
public function process_networkwide_choice(){
|
361 |
-
|
362 |
-
if (!$this->plugin_network_wide_active()) return;
|
363 |
-
|
364 |
-
|
365 |
-
if ( isset($_POST['rsssl_do_activate_ssl_networkwide'])) {
|
366 |
-
|
367 |
-
$this->selected_networkwide_or_per_site = true;
|
368 |
-
$this->ssl_enabled_networkwide = true;
|
369 |
-
$this->wp_redirect = true;
|
370 |
-
$this->save_options();
|
371 |
-
|
372 |
-
//enable SSL on all sites on the network
|
373 |
-
$this->activate_ssl_networkwide();
|
374 |
-
|
375 |
-
}
|
376 |
-
|
377 |
-
if (isset($_POST['rsssl_do_activate_ssl_per_site'])) {
|
378 |
-
|
379 |
-
$this->selected_networkwide_or_per_site = true;
|
380 |
-
$this->ssl_enabled_networkwide = false;
|
381 |
-
$this->save_options();
|
382 |
-
}
|
383 |
-
|
384 |
-
}
|
385 |
-
|
386 |
-
|
387 |
-
public function save_options(){
|
388 |
-
$options = get_site_option("rlrsssl_network_options");
|
389 |
-
if (!is_array($options)) $options = array();
|
390 |
-
|
391 |
-
$options["selected_networkwide_or_per_site"] = $this->selected_networkwide_or_per_site;
|
392 |
-
$options["ssl_enabled_networkwide"] = $this->ssl_enabled_networkwide;
|
393 |
-
$options["wp_redirect"] = $this->wp_redirect;
|
394 |
-
$options["htaccess_redirect"] = $this->htaccess_redirect;
|
395 |
-
$options["do_not_edit_htaccess"] = $this->do_not_edit_htaccess;
|
396 |
-
$options["autoreplace_mixed_content"] = $this->autoreplace_mixed_content;
|
397 |
-
$options["javascript_redirect"] = $this->javascript_redirect;
|
398 |
-
$options["hsts"] = $this->hsts;
|
399 |
-
$options["mixed_content_admin"] = $this->mixed_content_admin;
|
400 |
-
$options["cert_expiration_warning"] = $this->cert_expiration_warning;
|
401 |
-
$options["hide_menu_for_subsites"] = $this->hide_menu_for_subsites;
|
402 |
-
|
403 |
-
update_site_option("rlrsssl_network_options", $options);
|
404 |
-
}
|
405 |
-
|
406 |
-
|
407 |
-
public function activate_ssl_networkwide(){
|
408 |
-
|
409 |
-
//set all sites as enabled
|
410 |
-
$sites = $this->get_sites_bw_compatible();
|
411 |
-
|
412 |
-
foreach ( $sites as $site ) {
|
413 |
-
$this->switch_to_blog_bw_compatible($site);
|
414 |
-
RSSSL()->really_simple_ssl->activate_ssl();
|
415 |
-
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
416 |
-
}
|
417 |
|
418 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
419 |
|
420 |
|
|
|
421 |
|
|
|
422 |
|
423 |
-
|
424 |
|
425 |
-
public function get_sites_bw_compatible(){
|
426 |
-
global $wp_version;
|
427 |
-
$sites = ($wp_version >= 4.6 ) ? get_sites() : wp_get_sites();
|
428 |
-
return $sites;
|
429 |
-
}
|
430 |
|
431 |
-
|
432 |
-
|
|
|
|
|
433 |
|
434 |
-
|
|
|
|
|
|
|
|
|
|
|
435 |
|
436 |
-
public function switch_to_blog_bw_compatible($site){
|
437 |
-
global $wp_version;
|
438 |
-
if ($wp_version >= 4.6 ) {
|
439 |
-
switch_to_blog( $site->blog_id );
|
440 |
-
} else {
|
441 |
-
switch_to_blog( $site[ 'blog_id' ] );
|
442 |
-
}
|
443 |
-
}
|
444 |
|
445 |
-
|
|
|
446 |
|
447 |
-
|
448 |
-
$options["selected_networkwide_or_per_site"] = false;
|
449 |
-
$options["wp_redirect"] = false;
|
450 |
-
$options["htaccess_redirect"] = false;
|
451 |
-
$options["do_not_edit_htaccess"] = false;
|
452 |
-
$options["autoreplace_mixed_content"] = false;
|
453 |
-
$options["javascript_redirect"] = false;
|
454 |
-
$options["hsts"] = false;
|
455 |
-
$options["mixed_content_admin"] = false;
|
456 |
-
$options["cert_expiration_warning"] = false;
|
457 |
-
$options["hide_menu_for_subsites"] = false;
|
458 |
|
459 |
-
unset($options["ssl_enabled_networkwide"]);
|
460 |
-
update_site_option("rlrsssl_network_options", $options);
|
461 |
|
462 |
-
|
463 |
-
foreach ( $sites as $site ) {
|
464 |
-
$this->switch_to_blog_bw_compatible($site);
|
465 |
-
RSSSL()->really_simple_ssl->deactivate_ssl();
|
466 |
-
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
467 |
-
}
|
468 |
|
469 |
-
|
|
|
|
|
|
|
470 |
|
|
|
|
|
471 |
|
472 |
-
|
473 |
-
* filters the get_admin_url function to correct the false https urls wordpress returns for non SSL websites.
|
474 |
-
*
|
475 |
-
* @since 2.3.10
|
476 |
-
*
|
477 |
-
*/
|
478 |
|
479 |
-
|
480 |
-
if (!$blog_id) $blog_id = get_current_blog_id();
|
481 |
|
482 |
-
|
483 |
-
|
|
|
|
|
484 |
|
485 |
-
|
486 |
-
//if a site is loaded over https, it should return https links, unless the url is requested for another blog.
|
487 |
-
//In that case, we only return a https link if the site_url is https, and http otherwise.
|
488 |
-
if (get_current_blog_id()==$blog_id) return $url;
|
489 |
|
490 |
-
//now check if the blog is http or https, and change the url accordingly
|
491 |
-
if (!$this->ssl_enabled_networkwide) {
|
492 |
-
$home_url = get_blog_option($blog_id, 'home');
|
493 |
-
if (strpos($home_url, "https://")===false) {
|
494 |
-
$url = str_replace("https://","http://",$url);
|
495 |
-
}
|
496 |
-
}
|
497 |
|
|
|
|
|
|
|
|
|
498 |
|
499 |
-
|
500 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
501 |
|
502 |
-
|
503 |
-
|
504 |
-
*
|
505 |
-
* @since 2.3.17
|
506 |
-
*
|
507 |
-
*/
|
508 |
-
|
509 |
-
public function check_site_protocol($url, $path, $orig_scheme, $blog_id){
|
510 |
-
if (!$blog_id) $blog_id = get_current_blog_id();
|
511 |
-
|
512 |
-
if (get_current_blog_id()==$blog_id) return $url;
|
513 |
-
|
514 |
-
if (!$this->ssl_enabled_networkwide) {
|
515 |
-
$home_url = get_blog_option($blog_id, 'home');
|
516 |
-
if (strpos($home_url, "https://")===false) {
|
517 |
-
$url = str_replace("https://","http://",$url);
|
518 |
-
}
|
519 |
-
}
|
520 |
-
return $url;
|
521 |
-
}
|
522 |
|
523 |
|
|
|
|
|
524 |
|
525 |
-
|
526 |
-
|
527 |
-
*
|
528 |
-
* @since 2.2
|
529 |
-
*
|
530 |
-
* @access public
|
531 |
-
*
|
532 |
-
**/
|
533 |
-
|
534 |
-
public function is_multisite_subfolder_install() {
|
535 |
-
if (!is_multisite()) return FALSE;
|
536 |
-
//we check this manually, as the SUBDOMAIN_INSTALL constant of wordpress might return false for domain mapping configs
|
537 |
-
$is_subfolder = FALSE;
|
538 |
-
$sites = $this->get_sites_bw_compatible();
|
539 |
-
foreach ( $sites as $site ) {
|
540 |
-
$this->switch_to_blog_bw_compatible($site);
|
541 |
-
if ($this->is_subfolder(home_url())) {
|
542 |
-
$is_subfolder=TRUE;
|
543 |
-
}
|
544 |
-
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
545 |
-
if ($is_subfolder) return true;
|
546 |
-
}
|
547 |
-
|
548 |
-
return $is_subfolder;
|
549 |
-
}
|
550 |
|
551 |
-
|
552 |
-
|
553 |
-
|
554 |
-
|
555 |
-
|
556 |
-
* @param string $domain
|
557 |
-
*
|
558 |
-
* @access private
|
559 |
-
*
|
560 |
-
*/
|
561 |
-
|
562 |
-
public function is_subfolder($domain) {
|
563 |
-
|
564 |
-
//remove slashes of the http(s)
|
565 |
-
$domain = preg_replace("/(http:\/\/|https:\/\/)/","",$domain);
|
566 |
-
if (strpos($domain,"/")!==FALSE) {
|
567 |
-
return true;
|
568 |
-
}
|
569 |
-
return false;
|
570 |
-
}
|
571 |
|
572 |
-
|
573 |
-
if (is_multisite() && $this->is_multisite_subfolder_install() && !$this->ssl_enabled_networkwide){
|
574 |
-
return true;
|
575 |
-
}
|
576 |
|
577 |
-
return false;
|
578 |
-
}
|
579 |
|
580 |
-
|
581 |
-
|
582 |
-
|
583 |
-
|
584 |
-
*
|
585 |
-
* @access public
|
586 |
-
*
|
587 |
-
*/
|
588 |
-
|
589 |
-
public function show_notices()
|
590 |
-
{
|
591 |
-
|
592 |
-
if (isset(RSSSL()->really_simple_ssl->errors["DEACTIVATE_FILE_NOT_RENAMED"])) {
|
593 |
-
?>
|
594 |
-
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
595 |
-
<h1>
|
596 |
-
<?php _e("Major security issue!","really-simple-ssl");?>
|
597 |
-
</h1>
|
598 |
-
<p>
|
599 |
-
<?php _e("The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet.","really-simple-ssl");?>
|
600 |
-
</p>
|
601 |
-
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("Check again","really-simple-ssl");?></a>
|
602 |
-
</div>
|
603 |
-
<?php
|
604 |
-
}
|
605 |
-
|
606 |
-
/*
|
607 |
-
SSL success message
|
608 |
-
*/
|
609 |
-
|
610 |
-
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
611 |
-
|
612 |
-
?>
|
613 |
-
<div id="message" class="updated fade notice is-dismissible rlrsssl-multisite-success">
|
614 |
-
<p>
|
615 |
-
<?php _e("SSL activated!","really-simple-ssl");?>
|
616 |
-
<?php
|
617 |
-
if ($this->ssl_enabled_networkwide)
|
618 |
-
_e("SSL was activated on your entire network.", "really-simple-ssl");
|
619 |
-
else
|
620 |
-
_e("SSL was activated per site.", "really-simple-ssl");
|
621 |
-
?>
|
622 |
-
<?php _e("Don't forget to change your settings in Google Analytics and Webmaster tools.","really-simple-ssl");?>
|
623 |
-
<a target="_blank" href="https://really-simple-ssl.com/knowledge-base/how-to-setup-google-analytics-and-google-search-consolewebmaster-tools/"><?php _e("More info.","really-simple-ssl");?></a>
|
624 |
-
</p>
|
625 |
-
</div>
|
626 |
-
<?php
|
627 |
-
}
|
628 |
-
|
629 |
-
if (!$this->ssl_enabled_networkwide && $this->selected_networkwide_or_per_site && $this->is_multisite_subfolder_install()) {
|
630 |
-
//with no server variables, the website could get into a redirect loop.
|
631 |
-
if (RSSSL()->really_simple_ssl->no_server_variable) {
|
632 |
-
?>
|
633 |
-
<div id="message" class="error fade notice">
|
634 |
-
<p>
|
635 |
-
<?php _e('You run a Multisite installation with subfolders, which prevents this plugin from fixing your missing server variable in the wp-config.php.','really-simple-ssl');?>
|
636 |
-
<?php _e('Because the $_SERVER["HTTPS"] variable is not set, your website may experience redirect loops.','really-simple-ssl');?>
|
637 |
-
<?php _e('Activate networkwide to fix this.','really-simple-ssl');?>
|
638 |
-
</p>
|
639 |
-
</div>
|
640 |
-
<?php
|
641 |
-
}
|
642 |
-
}
|
643 |
-
}
|
644 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
645 |
|
646 |
-
|
647 |
-
|
648 |
-
*
|
649 |
-
* @since 2.0
|
650 |
-
*
|
651 |
-
* @access public
|
652 |
-
*
|
653 |
-
*/
|
654 |
-
|
655 |
-
public function insert_dismiss_success() {
|
656 |
-
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
657 |
-
$ajax_nonce = wp_create_nonce( "really-simple-ssl-dismiss" );
|
658 |
-
?>
|
659 |
-
<script type='text/javascript'>
|
660 |
-
jQuery(document).ready(function($) {
|
661 |
-
$(".rlrsssl-multisite-success.notice.is-dismissible").on("click", ".notice-dismiss", function(event){
|
662 |
-
|
663 |
-
var data = {
|
664 |
-
'action': 'dismiss_success_message_multisite',
|
665 |
-
'security': '<?php echo $ajax_nonce; ?>'
|
666 |
-
};
|
667 |
-
|
668 |
-
$.post(ajaxurl, data, function(response) {
|
669 |
-
|
670 |
-
});
|
671 |
-
});
|
672 |
-
});
|
673 |
-
</script>
|
674 |
-
<?php
|
675 |
-
}
|
676 |
-
}
|
677 |
|
678 |
-
|
679 |
-
* Process the ajax dismissal of the success message.
|
680 |
-
*
|
681 |
-
* @since 2.0
|
682 |
-
*
|
683 |
-
* @access public
|
684 |
-
*
|
685 |
-
*/
|
686 |
|
687 |
-
public function
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
688 |
//nonce check fails if url is changed to SSL.
|
689 |
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
690 |
-
update_site_option("rsssl_success_message_shown", true);
|
691 |
-
wp_die();
|
692 |
-
}
|
693 |
-
|
694 |
-
|
695 |
-
public function dismiss_pro_option_notice()
|
696 |
-
|
697 |
-
|
698 |
-
|
699 |
-
|
700 |
-
|
701 |
-
|
702 |
-
|
703 |
-
|
704 |
-
|
705 |
-
|
706 |
-
|
707 |
-
|
708 |
-
|
709 |
-
|
710 |
-
|
711 |
-
|
712 |
-
|
713 |
-
|
714 |
-
|
715 |
-
|
716 |
-
|
717 |
-
|
718 |
-
|
719 |
-
|
720 |
-
|
721 |
-
|
722 |
-
|
723 |
-
|
724 |
-
|
725 |
-
|
726 |
-
|
727 |
-
|
728 |
-
|
729 |
-
|
730 |
-
|
731 |
-
|
732 |
-
|
733 |
-
|
734 |
-
|
735 |
-
|
736 |
-
|
737 |
-
|
738 |
-
|
739 |
-
|
740 |
-
|
741 |
-
|
742 |
-
|
743 |
-
|
744 |
-
|
745 |
-
|
746 |
-
|
747 |
-
|
748 |
-
|
749 |
-
|
750 |
-
|
751 |
-
|
752 |
-
|
753 |
-
|
754 |
-
|
755 |
-
|
756 |
-
|
757 |
-
|
758 |
-
|
759 |
-
|
760 |
-
|
761 |
-
|
762 |
-
|
763 |
-
|
764 |
-
|
765 |
-
|
766 |
-
|
767 |
-
|
768 |
-
|
769 |
-
|
770 |
-
|
771 |
-
|
772 |
-
|
773 |
-
|
774 |
-
|
775 |
-
|
776 |
-
|
777 |
-
|
778 |
-
|
779 |
-
|
780 |
-
|
781 |
-
|
782 |
-
|
783 |
-
|
784 |
-
|
785 |
-
|
|
|
|
|
|
|
|
|
786 |
}
|
2 |
|
3 |
defined('ABSPATH') or die("you do not have access to this page!");
|
4 |
|
5 |
+
if (!class_exists('rsssl_multisite')) {
|
6 |
+
class rsssl_multisite
|
7 |
+
{
|
8 |
+
private static $_this;
|
9 |
+
|
10 |
+
public $option_group = "rsssl_network_options";
|
11 |
+
public $page_slug = "really-simple-ssl";
|
12 |
+
public $section = "rsssl_network_options_section";
|
13 |
+
public $ssl_enabled_networkwide;
|
14 |
+
public $selected_networkwide_or_per_site;
|
15 |
+
|
16 |
+
public $wp_redirect;
|
17 |
+
public $htaccess_redirect;
|
18 |
+
public $do_not_edit_htaccess;
|
19 |
+
public $autoreplace_mixed_content;
|
20 |
+
public $javascript_redirect;
|
21 |
+
public $hsts;
|
22 |
+
public $mixed_content_admin;
|
23 |
+
public $cert_expiration_warning;
|
24 |
+
public $hide_menu_for_subsites;
|
25 |
+
|
26 |
+
private $pro_url = "https://www.really-simple-ssl.com/pro-multisite";
|
27 |
+
|
28 |
+
function __construct()
|
29 |
+
{
|
30 |
+
|
31 |
+
if (isset(self::$_this))
|
32 |
+
wp_die(sprintf(__('%s is a singleton class and you cannot create a second instance.', 'really-simple-ssl'), get_class($this)));
|
33 |
+
|
34 |
+
self::$_this = $this;
|
35 |
+
|
36 |
+
|
37 |
+
$this->load_options();
|
38 |
+
register_activation_hook(dirname(__FILE__) . "/" . rsssl_plugin, array($this, 'activate'));
|
39 |
+
|
40 |
+
/*filters to make sure WordPress returns the correct protocol */
|
41 |
+
add_filter("admin_url", array($this, "check_admin_protocol"), 20, 3);
|
42 |
+
add_filter('home_url', array($this, 'check_site_protocol'), 20, 4);
|
43 |
+
add_filter('site_url', array($this, 'check_site_protocol'), 20, 4);
|
44 |
+
|
45 |
+
add_action("plugins_loaded", array($this, "process_networkwide_choice"), 10, 0);
|
46 |
+
add_action("plugins_loaded", array($this, "networkwide_choice_notice"), 20, 0);
|
47 |
+
|
48 |
+
add_action('network_admin_menu', array(&$this, 'add_multisite_menu'));
|
49 |
+
add_action('network_admin_edit_rsssl_update_network_settings', array($this, 'update_network_options'));
|
50 |
+
|
51 |
+
if (is_network_admin()) {
|
52 |
+
add_action('network_admin_notices', array($this, 'show_notices'), 10);
|
53 |
+
add_action('admin_print_footer_scripts', array($this, 'insert_dismiss_success'));
|
54 |
+
}
|
55 |
+
|
56 |
+
add_action('wp_ajax_dismiss_success_message_multisite', array($this, 'dismiss_success_message_callback'));
|
57 |
+
add_action('wp_ajax_rsssl_pro_dismiss_pro_option_notice', array($this, 'dismiss_pro_option_notice'));
|
58 |
+
add_action("network_admin_notices", array($this, 'show_pro_option_notice'));
|
59 |
+
add_action("rsssl_show_network_tab_settings", array($this, 'settings_tab'));
|
60 |
+
add_action('wpmu_new_blog', array($this, 'maybe_activate_ssl_in_new_blog'), 10, 6);
|
61 |
+
|
62 |
+
}
|
63 |
+
|
64 |
+
static function this()
|
65 |
+
{
|
66 |
+
return self::$_this;
|
67 |
+
}
|
68 |
+
|
69 |
+
/*
|
70 |
+
|
71 |
+
When a new site is added, maybe activate SSL as well.
|
72 |
+
|
73 |
+
*/
|
74 |
+
|
75 |
+
public function maybe_activate_ssl_in_new_blog($blog_id, $user_id, $domain, $path, $site_id, $meta)
|
76 |
+
{
|
77 |
+
if ($this->ssl_enabled_networkwide) {
|
78 |
+
$site = get_blog_details($blog_id);
|
79 |
+
$this->switch_to_blog_bw_compatible($site);
|
80 |
+
RSSSL()->really_simple_ssl->activate_ssl();
|
81 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
82 |
+
}
|
83 |
+
}
|
84 |
+
|
85 |
+
|
86 |
+
public function networkwide_choice_notice()
|
87 |
+
{
|
88 |
+
|
89 |
+
if ($this->plugin_network_wide_active() && !$this->selected_networkwide_or_per_site) {
|
90 |
+
add_action('network_admin_notices', array($this, 'show_notice_activate_networkwide'), 10);
|
91 |
+
}
|
92 |
+
}
|
93 |
+
|
94 |
+
public function load_options()
|
95 |
+
{
|
96 |
+
$options = get_site_option('rlrsssl_network_options');
|
97 |
+
$this->selected_networkwide_or_per_site = isset($options["selected_networkwide_or_per_site"]) ? $options["selected_networkwide_or_per_site"] : false;
|
98 |
+
$this->ssl_enabled_networkwide = isset($options["ssl_enabled_networkwide"]) ? $options["ssl_enabled_networkwide"] : false;
|
99 |
+
$this->wp_redirect = isset($options["wp_redirect"]) ? $options["wp_redirect"] : false;
|
100 |
+
$this->htaccess_redirect = isset($options["htaccess_redirect"]) ? $options["htaccess_redirect"] : false;
|
101 |
+
$this->do_not_edit_htaccess = isset($options["do_not_edit_htaccess"]) ? $options["do_not_edit_htaccess"] : false;
|
102 |
+
$this->autoreplace_mixed_content = isset($options["autoreplace_mixed_content"]) ? $options["autoreplace_mixed_content"] : false;
|
103 |
+
$this->javascript_redirect = isset($options["javascript_redirect"]) ? $options["javascript_redirect"] : false;
|
104 |
+
$this->hsts = isset($options["hsts"]) ? $options["hsts"] : false;
|
105 |
+
$this->mixed_content_admin = isset($options["mixed_content_admin"]) ? $options["mixed_content_admin"] : false;
|
106 |
+
$this->cert_expiration_warning = isset($options["cert_expiration_warning"]) ? $options["cert_expiration_warning"] : false;
|
107 |
+
$this->hide_menu_for_subsites = isset($options["hide_menu_for_subsites"]) ? $options["hide_menu_for_subsites"] : false;
|
108 |
+
}
|
109 |
+
|
110 |
+
|
111 |
+
/**
|
112 |
+
* On plugin activation, we can check if it is networkwide or not.
|
113 |
+
*
|
114 |
+
* @since 2.1
|
115 |
+
*
|
116 |
+
* @access public
|
117 |
+
*
|
118 |
+
*/
|
119 |
+
|
120 |
+
public function activate($networkwide)
|
121 |
+
{
|
122 |
+
//if networkwide, we ask, if not, we set it as selected.
|
123 |
+
if (!$networkwide) {
|
124 |
+
$this->selected_networkwide_or_per_site = true;
|
125 |
+
$this->ssl_enabled_networkwide = false;
|
126 |
+
$this->save_options();
|
127 |
+
}
|
128 |
+
|
129 |
+
}
|
130 |
+
|
131 |
+
/*
|
132 |
+
|
133 |
+
Add network menu for SSL
|
134 |
+
Only when plugin is network activated.
|
135 |
+
|
136 |
+
*/
|
137 |
+
|
138 |
+
public function add_multisite_menu()
|
139 |
+
{
|
140 |
+
if (!$this->plugin_network_wide_active()) return;
|
141 |
+
|
142 |
+
register_setting($this->option_group, 'rsssl_options');
|
143 |
+
add_settings_section('rsssl_network_settings', __("Settings", "really-simple-ssl"), array($this, 'section_text'), $this->page_slug);
|
144 |
+
|
145 |
+
add_settings_field('id_ssl_enabled_networkwide', __("Enable SSL", "really-simple-ssl"), array($this, 'get_option_enable_multisite'), $this->page_slug, 'rsssl_network_settings');
|
146 |
+
RSSSL()->rsssl_network_admin_page = add_submenu_page('settings.php', "SSL", "SSL", 'manage_options', $this->page_slug, array(&$this, 'multisite_menu_page'));
|
147 |
+
|
148 |
+
}
|
149 |
+
|
150 |
+
/*
|
151 |
+
Shows the content of the multisite menu page
|
152 |
+
*/
|
153 |
+
|
154 |
+
public function section_text()
|
155 |
+
{
|
156 |
+
_e("Below you can set the multisite options for Really Simple SSL", "really-simple-ssl");
|
157 |
+
}
|
158 |
+
|
159 |
+
public function get_option_enable_multisite()
|
160 |
+
{
|
161 |
+
?>
|
162 |
+
<select name="rlrsssl_network_options[ssl_enabled_networkwide]">
|
163 |
+
<?php if (!$this->selected_networkwide_or_per_site) { ?>
|
164 |
+
<option value="-1" <?php if (!$this->selected_networkwide_or_per_site) echo "selected"; ?>><?php _e("No selection was made", "really-simple-ssl") ?>
|
165 |
+
<?php } ?>
|
166 |
+
<option value="1" <?php if ($this->ssl_enabled_networkwide) echo "selected"; ?>><?php _e("networkwide", "really-simple-ssl") ?>
|
167 |
+
<option value="0" <?php if (!$this->ssl_enabled_networkwide) echo "selected"; ?>><?php _e("per site", "really-simple-ssl") ?>
|
168 |
+
</select>
|
169 |
+
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
170 |
|
171 |
+
//echo '<input id="rlrsssl_options" name="rlrsssl_network_options[ssl_enabled_networkwide]" size="40" type="checkbox" value="1"' . checked( 1, $this->ssl_enabled_networkwide, false ) ." />";
|
172 |
+
rsssl_help::this()->get_help_tip(__("Select to enable SSL networkwide or per site.", "really-simple-ssl"));
|
173 |
+
}
|
174 |
+
|
175 |
+
|
176 |
+
/**
|
177 |
+
* Displays the options page. The big difference here is where you post the data
|
178 |
+
* because, unlike for normal option pages, there is nowhere to process it by
|
179 |
+
* default so we have to create our own hook to process the saving of our options.
|
180 |
+
*/
|
181 |
+
|
182 |
+
public function multisite_menu_page()
|
183 |
+
{
|
184 |
+
$tab = "settings";
|
185 |
+
if (isset ($_GET['tab'])) $tab = $_GET['tab'];
|
186 |
+
$this->admin_tabs($tab);
|
187 |
+
|
188 |
+
do_action("rsssl_show_network_tab_{$tab}");
|
189 |
+
}
|
190 |
+
|
191 |
+
|
192 |
+
public function settings_tab()
|
193 |
+
{
|
194 |
+
if (isset($_GET['updated'])): ?>
|
195 |
+
<div id="message" class="updated notice is-dismissible">
|
196 |
+
<p><?php _e('Options saved.', 'really-simple-ssl') ?></p></div>
|
197 |
+
<?php endif; ?>
|
198 |
+
<div class="wrap">
|
199 |
+
<h1><?php _e('Really Simple SSL multisite options', 'really-simple-ssl'); ?></h1>
|
200 |
+
<form method="POST" action="edit.php?action=rsssl_update_network_settings">
|
201 |
+
<?php
|
202 |
+
|
203 |
+
settings_fields($this->option_group);
|
204 |
+
do_settings_sections($this->page_slug);
|
205 |
+
submit_button();
|
206 |
+
?>
|
207 |
+
</form>
|
208 |
+
</div>
|
209 |
+
<?php
|
210 |
+
}
|
211 |
+
|
212 |
+
|
213 |
+
/**
|
214 |
+
* Save network settings
|
215 |
+
*/
|
216 |
+
|
217 |
+
public function update_network_options()
|
218 |
+
{
|
219 |
+
check_admin_referer($this->option_group . '-options');
|
220 |
+
|
221 |
+
if (isset($_POST["rlrsssl_network_options"])) {
|
222 |
+
$prev_ssl_enabled_networkwide = $this->ssl_enabled_networkwide;
|
223 |
+
$options = array_map(array($this, "sanitize_boolean"), $_POST["rlrsssl_network_options"]);
|
224 |
+
$options["selected_networkwide_or_per_site"] = true;
|
225 |
+
|
226 |
+
$this->ssl_enabled_networkwide = isset($options["ssl_enabled_networkwide"]) ? $options["ssl_enabled_networkwide"] : false;
|
227 |
+
|
228 |
+
$this->wp_redirect = isset($options["wp_redirect"]) ? $options["wp_redirect"] : false;
|
229 |
+
$this->htaccess_redirect = isset($options["htaccess_redirect"]) ? $options["htaccess_redirect"] : false;
|
230 |
+
|
231 |
+
$this->do_not_edit_htaccess = isset($options["do_not_edit_htaccess"]) ? $options["do_not_edit_htaccess"] : false;
|
232 |
+
$this->autoreplace_mixed_content = isset($options["autoreplace_mixed_content"]) ? $options["autoreplace_mixed_content"] : false;
|
233 |
+
$this->javascript_redirect = isset($options["javascript_redirect"]) ? $options["javascript_redirect"] : false;
|
234 |
+
$this->hsts = isset($options["hsts"]) ? $options["hsts"] : false;
|
235 |
+
$this->mixed_content_admin = isset($options["mixed_content_admin"]) ? $options["mixed_content_admin"] : false;
|
236 |
+
$this->cert_expiration_warning = isset($options["cert_expiration_warning"]) ? $options["cert_expiration_warning"] : false;
|
237 |
+
$this->hide_menu_for_subsites = isset($options["hide_menu_for_subsites"]) ? $options["hide_menu_for_subsites"] : false;
|
238 |
+
|
239 |
+
|
240 |
+
$this->selected_networkwide_or_per_site = isset($options["selected_networkwide_or_per_site"]) ? $options["selected_networkwide_or_per_site"] : false;
|
241 |
+
}
|
242 |
+
|
243 |
+
$this->save_options();
|
244 |
+
|
245 |
+
if ($this->ssl_enabled_networkwide) {
|
246 |
+
//enable SSL on all sites on the network
|
247 |
+
$this->activate_ssl_networkwide();
|
248 |
+
} elseif ($prev_ssl_enabled_networkwide != $this->ssl_enabled_networkwide) {
|
249 |
+
//if we switch to per page, we deactivate SSL on all pages first, but only if the setting was changed.
|
250 |
+
$sites = $this->get_sites_bw_compatible();
|
251 |
+
foreach ($sites as $site) {
|
252 |
+
$this->switch_to_blog_bw_compatible($site);
|
253 |
+
RSSSL()->really_simple_ssl->deactivate_ssl();
|
254 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
255 |
+
}
|
256 |
+
}
|
257 |
+
|
258 |
+
|
259 |
+
// At last we redirect back to our options page.
|
260 |
+
wp_redirect(add_query_arg(array('page' => $this->page_slug, 'updated' => 'true'), network_admin_url('settings.php')));
|
261 |
+
exit;
|
262 |
+
}
|
263 |
+
|
264 |
+
public function sanitize_boolean($value)
|
265 |
+
{
|
266 |
+
if ($value == true) {
|
267 |
+
return true;
|
268 |
+
} else {
|
269 |
+
return false;
|
270 |
+
}
|
271 |
+
}
|
272 |
+
|
273 |
+
|
274 |
+
/**
|
275 |
+
* Give the user an option to activate network wide or not.
|
276 |
+
* Needs to be called after detect_configuration function
|
277 |
+
*
|
278 |
+
* @since 2.3
|
279 |
+
*
|
280 |
+
* @access public
|
281 |
+
*
|
282 |
+
*/
|
283 |
+
|
284 |
+
public function show_notice_activate_networkwide()
|
285 |
+
{
|
286 |
+
//if no SSL was detected, don't activate it yet.
|
287 |
+
|
288 |
+
if (!RSSSL()->really_simple_ssl->site_has_ssl) {
|
289 |
+
$current_url = "https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]
|
290 |
+
?>
|
291 |
+
<div id="message" class="error fade notice activate-ssl">
|
292 |
+
<p><?php _e("No SSL was detected. If you do have an SSL certificate, try to reload this page over https by clicking this link:", "really-simple-ssl"); ?>
|
293 |
+
<a
|
294 |
+
href="<?php echo $current_url ?>"><?php _e("reload over https.", "really-simple-ssl"); ?></a>
|
295 |
+
<?php _e("You can check your certificate on", "really-simple-ssl"); ?> <a target="_blank"
|
296 |
+
href="https://www.ssllabs.com/ssltest/">Qualys
|
297 |
+
SSL Labs</a>
|
298 |
+
</p>
|
299 |
+
</div>
|
300 |
+
<?php } ?>
|
301 |
+
|
302 |
+
<?php if (RSSSL()->really_simple_ssl->site_has_ssl) {
|
303 |
+
if (is_main_site(get_current_blog_id()) && RSSSL()->really_simple_ssl->wpconfig_ok()) {
|
304 |
+
?>
|
305 |
+
<div id="message" class="updated fade notice activate-ssl">
|
306 |
+
<h1><?php _e("Choose your preferred setup", "really-simple-ssl"); ?></h1>
|
307 |
+
<?php _e("Some things can't be done automatically. Before you migrate, please check for: ", 'really-simple-ssl'); ?>
|
308 |
+
<p>
|
309 |
+
<ul>
|
310 |
+
<li><?php _e('Http references in your .css and .js files: change any http:// into //', 'really-simple-ssl'); ?></li>
|
311 |
+
<li><?php _e('Images, stylesheets or scripts from a domain without an SSL certificate: remove them or move to your own server.', 'really-simple-ssl'); ?></li>
|
312 |
+
</ul>
|
313 |
+
</p>
|
314 |
+
<?php $this->show_pro(); ?>
|
315 |
+
<p>
|
316 |
+
<form action="" method="post">
|
317 |
+
<?php wp_nonce_field('rsssl_nonce', 'rsssl_nonce'); ?>
|
318 |
+
<input type="submit" class='button button-primary'
|
319 |
+
value="<?php _e("Activate SSL networkwide", "really-simple-ssl"); ?>"
|
320 |
+
id="rsssl_do_activate_ssl_networkwide" name="rsssl_do_activate_ssl_networkwide">
|
321 |
+
<input type="submit" class='button button-primary'
|
322 |
+
value="<?php _e("Activate SSL per site", "really-simple-ssl"); ?>"
|
323 |
+
id="rsssl_do_activate_ssl_per_site" name="rsssl_do_activate_ssl_per_site">
|
324 |
+
</form>
|
325 |
+
</p>
|
326 |
+
<p>
|
327 |
+
<?php _e("Networkwide activation does not check if a site has an SSL certificate. It just migrates all sites to SSL.", "really-simple-ssl"); ?>
|
328 |
+
</p>
|
329 |
+
</div>
|
330 |
+
<?php
|
331 |
+
}
|
332 |
+
}
|
333 |
+
}
|
334 |
+
|
335 |
+
/**
|
336 |
+
* @since 2.3
|
337 |
+
* Shows option to buy pro
|
338 |
+
*/
|
339 |
+
|
340 |
+
public function show_pro()
|
341 |
+
{
|
342 |
+
?>
|
343 |
+
<p><?php _e('You can also let the automatic scan of the pro version handle this for you, and get premium support and increased security with HSTS included.', 'really-simple-ssl'); ?>
|
344 |
+
<a target="_blank"
|
345 |
+
href="<?php echo $this->pro_url; ?>"><?php _e("Check out Really Simple SSL Premium", "really-simple-ssl"); ?></a>
|
346 |
+
</p>
|
347 |
+
<?php
|
348 |
+
}
|
349 |
|
350 |
|
351 |
+
/*
|
352 |
|
353 |
+
Check if the plugin is network activated.
|
354 |
|
355 |
+
*/
|
356 |
|
|
|
|
|
|
|
|
|
|
|
357 |
|
358 |
+
public function plugin_network_wide_active()
|
359 |
+
{
|
360 |
+
if (!function_exists('is_plugin_active_for_network'))
|
361 |
+
require_once(ABSPATH . '/wp-admin/includes/plugin.php');
|
362 |
|
363 |
+
if (is_plugin_active_for_network(rsssl_plugin)) {
|
364 |
+
return true;
|
365 |
+
} else {
|
366 |
+
return false;
|
367 |
+
}
|
368 |
+
}
|
369 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
370 |
|
371 |
+
public function process_networkwide_choice()
|
372 |
+
{
|
373 |
|
374 |
+
if (!$this->plugin_network_wide_active()) return;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
375 |
|
|
|
|
|
376 |
|
377 |
+
if (isset($_POST['rsssl_do_activate_ssl_networkwide'])) {
|
|
|
|
|
|
|
|
|
|
|
378 |
|
379 |
+
$this->selected_networkwide_or_per_site = true;
|
380 |
+
$this->ssl_enabled_networkwide = true;
|
381 |
+
$this->wp_redirect = true;
|
382 |
+
$this->save_options();
|
383 |
|
384 |
+
//enable SSL on all sites on the network
|
385 |
+
$this->activate_ssl_networkwide();
|
386 |
|
387 |
+
}
|
|
|
|
|
|
|
|
|
|
|
388 |
|
389 |
+
if (isset($_POST['rsssl_do_activate_ssl_per_site'])) {
|
|
|
390 |
|
391 |
+
$this->selected_networkwide_or_per_site = true;
|
392 |
+
$this->ssl_enabled_networkwide = false;
|
393 |
+
$this->save_options();
|
394 |
+
}
|
395 |
|
396 |
+
}
|
|
|
|
|
|
|
397 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
398 |
|
399 |
+
public function save_options()
|
400 |
+
{
|
401 |
+
$options = get_site_option("rlrsssl_network_options");
|
402 |
+
if (!is_array($options)) $options = array();
|
403 |
|
404 |
+
$options["selected_networkwide_or_per_site"] = $this->selected_networkwide_or_per_site;
|
405 |
+
$options["ssl_enabled_networkwide"] = $this->ssl_enabled_networkwide;
|
406 |
+
$options["wp_redirect"] = $this->wp_redirect;
|
407 |
+
$options["htaccess_redirect"] = $this->htaccess_redirect;
|
408 |
+
$options["do_not_edit_htaccess"] = $this->do_not_edit_htaccess;
|
409 |
+
$options["autoreplace_mixed_content"] = $this->autoreplace_mixed_content;
|
410 |
+
$options["javascript_redirect"] = $this->javascript_redirect;
|
411 |
+
$options["hsts"] = $this->hsts;
|
412 |
+
$options["mixed_content_admin"] = $this->mixed_content_admin;
|
413 |
+
$options["cert_expiration_warning"] = $this->cert_expiration_warning;
|
414 |
+
$options["hide_menu_for_subsites"] = $this->hide_menu_for_subsites;
|
415 |
|
416 |
+
update_site_option("rlrsssl_network_options", $options);
|
417 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
418 |
|
419 |
|
420 |
+
public function activate_ssl_networkwide()
|
421 |
+
{
|
422 |
|
423 |
+
//set all sites as enabled
|
424 |
+
$sites = $this->get_sites_bw_compatible();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
425 |
|
426 |
+
foreach ($sites as $site) {
|
427 |
+
$this->switch_to_blog_bw_compatible($site);
|
428 |
+
RSSSL()->really_simple_ssl->activate_ssl();
|
429 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
430 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
431 |
|
432 |
+
}
|
|
|
|
|
|
|
433 |
|
|
|
|
|
434 |
|
435 |
+
//change deprecated function depending on version.
|
436 |
+
public function get_sites_bw_compatible()
|
437 |
+
{
|
438 |
+
global $wp_version;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
439 |
|
440 |
+
//make sure all blogs are returned, not only the first 100.
|
441 |
+
$args = array(
|
442 |
+
'number' => get_blog_count()
|
443 |
+
);
|
444 |
+
$sites = ($wp_version >= 4.6) ? get_sites($args) : wp_get_sites();
|
445 |
+
return $sites;
|
446 |
+
}
|
447 |
|
448 |
+
/*
|
449 |
+
The new get_sites function returns an object.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
450 |
|
451 |
+
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
452 |
|
453 |
+
public function switch_to_blog_bw_compatible($site)
|
454 |
+
{
|
455 |
+
global $wp_version;
|
456 |
+
if ($wp_version >= 4.6) {
|
457 |
+
switch_to_blog($site->blog_id);
|
458 |
+
} else {
|
459 |
+
switch_to_blog($site['blog_id']);
|
460 |
+
}
|
461 |
+
}
|
462 |
+
|
463 |
+
public function deactivate()
|
464 |
+
{
|
465 |
+
|
466 |
+
$options = get_site_option("rlrsssl_network_options");
|
467 |
+
$options["selected_networkwide_or_per_site"] = false;
|
468 |
+
$options["wp_redirect"] = false;
|
469 |
+
$options["htaccess_redirect"] = false;
|
470 |
+
$options["do_not_edit_htaccess"] = false;
|
471 |
+
$options["autoreplace_mixed_content"] = false;
|
472 |
+
$options["javascript_redirect"] = false;
|
473 |
+
$options["hsts"] = false;
|
474 |
+
$options["mixed_content_admin"] = false;
|
475 |
+
$options["cert_expiration_warning"] = false;
|
476 |
+
$options["hide_menu_for_subsites"] = false;
|
477 |
+
|
478 |
+
unset($options["ssl_enabled_networkwide"]);
|
479 |
+
update_site_option("rlrsssl_network_options", $options);
|
480 |
+
|
481 |
+
$sites = $this->get_sites_bw_compatible();
|
482 |
+
foreach ($sites as $site) {
|
483 |
+
$this->switch_to_blog_bw_compatible($site);
|
484 |
+
RSSSL()->really_simple_ssl->deactivate_ssl();
|
485 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
486 |
+
}
|
487 |
+
|
488 |
+
|
489 |
+
}
|
490 |
+
|
491 |
+
|
492 |
+
/**
|
493 |
+
* filters the get_admin_url function to correct the false https urls wordpress returns for non SSL websites.
|
494 |
+
*
|
495 |
+
* @since 2.3.10
|
496 |
+
*
|
497 |
+
*/
|
498 |
+
|
499 |
+
public function check_admin_protocol($url, $path, $blog_id)
|
500 |
+
{
|
501 |
+
if (!$blog_id) $blog_id = get_current_blog_id();
|
502 |
+
|
503 |
+
//if the force_ssl_admin is defined, the admin_url should not be forced back to http: all admin panels should be https.
|
504 |
+
if (defined('FORCE_SSL_ADMIN')) return $url;
|
505 |
+
|
506 |
+
//do not force to http if the request is made for an url of the current blog.
|
507 |
+
//if a site is loaded over https, it should return https links, unless the url is requested for another blog.
|
508 |
+
//In that case, we only return a https link if the site_url is https, and http otherwise.
|
509 |
+
if (get_current_blog_id() == $blog_id) return $url;
|
510 |
+
|
511 |
+
//now check if the blog is http or https, and change the url accordingly
|
512 |
+
if (!$this->ssl_enabled_networkwide) {
|
513 |
+
$home_url = get_blog_option($blog_id, 'home');
|
514 |
+
if (strpos($home_url, "https://") === false) {
|
515 |
+
$url = str_replace("https://", "http://", $url);
|
516 |
+
}
|
517 |
+
}
|
518 |
+
|
519 |
+
|
520 |
+
return $url;
|
521 |
+
}
|
522 |
+
|
523 |
+
/**
|
524 |
+
* filters the home_url and/or site_url function to correct the false https urls wordpress returns for non SSL websites.
|
525 |
+
*
|
526 |
+
* @since 2.3.17
|
527 |
+
*
|
528 |
+
*/
|
529 |
+
|
530 |
+
public function check_site_protocol($url, $path, $orig_scheme, $blog_id)
|
531 |
+
{
|
532 |
+
if (!$blog_id) $blog_id = get_current_blog_id();
|
533 |
+
|
534 |
+
if (get_current_blog_id() == $blog_id) return $url;
|
535 |
+
|
536 |
+
if (!$this->ssl_enabled_networkwide) {
|
537 |
+
$home_url = get_blog_option($blog_id, 'home');
|
538 |
+
if (strpos($home_url, "https://") === false) {
|
539 |
+
$url = str_replace("https://", "http://", $url);
|
540 |
+
}
|
541 |
+
}
|
542 |
+
return $url;
|
543 |
+
}
|
544 |
+
|
545 |
+
|
546 |
+
/*
|
547 |
+
* Checks if we are on a subfolder install. (domain.com/site1 )
|
548 |
+
*
|
549 |
+
* @since 2.2
|
550 |
+
*
|
551 |
+
* @access public
|
552 |
+
*
|
553 |
+
**/
|
554 |
+
|
555 |
+
public function is_multisite_subfolder_install()
|
556 |
+
{
|
557 |
+
if (!is_multisite()) return FALSE;
|
558 |
+
//we check this manually, as the SUBDOMAIN_INSTALL constant of wordpress might return false for domain mapping configs
|
559 |
+
$is_subfolder = FALSE;
|
560 |
+
$sites = $this->get_sites_bw_compatible();
|
561 |
+
foreach ($sites as $site) {
|
562 |
+
$this->switch_to_blog_bw_compatible($site);
|
563 |
+
if ($this->is_subfolder(home_url())) {
|
564 |
+
$is_subfolder = TRUE;
|
565 |
+
}
|
566 |
+
restore_current_blog(); //switches back to previous blog, not current, so we have to do it each loop
|
567 |
+
if ($is_subfolder) return true;
|
568 |
+
}
|
569 |
+
|
570 |
+
return $is_subfolder;
|
571 |
+
}
|
572 |
+
|
573 |
+
/**
|
574 |
+
* Test if a domain has a subfolder structure
|
575 |
+
*
|
576 |
+
* @since 2.2
|
577 |
+
*
|
578 |
+
* @param string $domain
|
579 |
+
*
|
580 |
+
* @access private
|
581 |
+
*
|
582 |
+
*/
|
583 |
+
|
584 |
+
public function is_subfolder($domain)
|
585 |
+
{
|
586 |
+
|
587 |
+
//remove slashes of the http(s)
|
588 |
+
$domain = preg_replace("/(http:\/\/|https:\/\/)/", "", $domain);
|
589 |
+
if (strpos($domain, "/") !== FALSE) {
|
590 |
+
return true;
|
591 |
+
}
|
592 |
+
return false;
|
593 |
+
}
|
594 |
+
|
595 |
+
public function is_per_site_activated_multisite_subfolder_install()
|
596 |
+
{
|
597 |
+
if (is_multisite() && $this->is_multisite_subfolder_install() && !$this->ssl_enabled_networkwide) {
|
598 |
+
return true;
|
599 |
+
}
|
600 |
+
|
601 |
+
return false;
|
602 |
+
}
|
603 |
+
|
604 |
+
/**
|
605 |
+
* Show notices
|
606 |
+
*
|
607 |
+
* @since 2.0
|
608 |
+
*
|
609 |
+
* @access public
|
610 |
+
*
|
611 |
+
*/
|
612 |
+
|
613 |
+
public function show_notices()
|
614 |
+
{
|
615 |
+
|
616 |
+
if (isset(RSSSL()->really_simple_ssl->errors["DEACTIVATE_FILE_NOT_RENAMED"])) {
|
617 |
+
?>
|
618 |
+
<div id="message" class="error fade notice is-dismissible rlrsssl-fail">
|
619 |
+
<h1>
|
620 |
+
<?php _e("Major security issue!", "really-simple-ssl"); ?>
|
621 |
+
</h1>
|
622 |
+
<p>
|
623 |
+
<?php _e("The 'force-deactivate.php' file has to be renamed to .txt. Otherwise your ssl can be deactived by anyone on the internet.", "really-simple-ssl"); ?>
|
624 |
+
</p>
|
625 |
+
<a href="options-general.php?page=rlrsssl_really_simple_ssl"><?php echo __("Check again", "really-simple-ssl"); ?></a>
|
626 |
+
</div>
|
627 |
+
<?php
|
628 |
+
}
|
629 |
+
|
630 |
+
/*
|
631 |
+
SSL success message
|
632 |
+
*/
|
633 |
+
|
634 |
+
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
635 |
+
|
636 |
+
?>
|
637 |
+
<div id="message" class="updated fade notice is-dismissible rlrsssl-multisite-success">
|
638 |
+
<p>
|
639 |
+
<?php _e("SSL activated!", "really-simple-ssl"); ?>
|
640 |
+
<?php
|
641 |
+
if ($this->ssl_enabled_networkwide)
|
642 |
+
_e("SSL was activated on your entire network.", "really-simple-ssl");
|
643 |
+
else
|
644 |
+
_e("SSL was activated per site.", "really-simple-ssl");
|
645 |
+
?>
|
646 |
+
<?php _e("Don't forget to change your settings in Google Analytics and Webmaster tools.", "really-simple-ssl"); ?>
|
647 |
+
|
648 |
+
<a target="_blank"
|
649 |
+
href="https://really-simple-ssl.com/knowledge-base/how-to-setup-google-analytics-and-google-search-consolewebmaster-tools/"><?php _e("More info.", "really-simple-ssl"); ?></a>
|
650 |
+
</p>
|
651 |
+
</div>
|
652 |
+
<?php
|
653 |
+
}
|
654 |
+
|
655 |
+
if (!$this->ssl_enabled_networkwide && $this->selected_networkwide_or_per_site && $this->is_multisite_subfolder_install()) {
|
656 |
+
//with no server variables, the website could get into a redirect loop.
|
657 |
+
if (RSSSL()->really_simple_ssl->no_server_variable) {
|
658 |
+
?>
|
659 |
+
<div id="message" class="error fade notice">
|
660 |
+
<p>
|
661 |
+
<?php _e('You run a Multisite installation with subfolders, which prevents this plugin from fixing your missing server variable in the wp-config.php.', 'really-simple-ssl'); ?>
|
662 |
+
<?php _e('Because the $_SERVER["HTTPS"] variable is not set, your website may experience redirect loops.', 'really-simple-ssl'); ?>
|
663 |
+
<?php _e('Activate networkwide to fix this.', 'really-simple-ssl'); ?>
|
664 |
+
</p>
|
665 |
+
</div>
|
666 |
+
<?php
|
667 |
+
}
|
668 |
+
}
|
669 |
+
|
670 |
+
if (!RSSSL()->really_simple_ssl->ssl_enabled && !$this->is_multisite_subfolder_install() && !RSSSL()->rsssl_certificate->is_wildcard() && !get_site_option("rsssl_wildcard_message_shown")) {
|
671 |
+
?>
|
672 |
+
<div id="message" class="error fade notice is-dismissible">
|
673 |
+
<p>
|
674 |
+
<?php _e("You run a Multisite installation with subdomains, but your site doesn't have a wildcard certificate.", 'really-simple-ssl'); ?>
|
675 |
+
<?php _e("This leads to issues when activating SSL networkwide since subdomains will be forced over SSL as well while they don't have a valid certificate.", 'really-simple-ssl'); ?>
|
676 |
+
<?php _e("Activate SSL per site or install a wildcard certificate to fix this.", 'really-simple-ssl'); ?>
|
677 |
+
</p>
|
678 |
+
</div>
|
679 |
+
<?php
|
680 |
+
}
|
681 |
+
|
682 |
+
}
|
683 |
+
|
684 |
+
|
685 |
+
/**
|
686 |
+
* Insert some ajax script to dismiss the SSL success message, and stop nagging about it
|
687 |
+
*
|
688 |
+
* @since 2.0
|
689 |
+
*
|
690 |
+
* @access public
|
691 |
+
*
|
692 |
+
*/
|
693 |
+
|
694 |
+
public function insert_dismiss_success()
|
695 |
+
{
|
696 |
+
if ($this->selected_networkwide_or_per_site && !get_site_option("rsssl_success_message_shown")) {
|
697 |
+
$ajax_nonce = wp_create_nonce("really-simple-ssl-dismiss");
|
698 |
+
?>
|
699 |
+
<script type='text/javascript'>
|
700 |
+
jQuery(document).ready(function ($) {
|
701 |
+
$(".rlrsssl-multisite-success.notice.is-dismissible").on("click", ".notice-dismiss", function (event) {
|
702 |
+
|
703 |
+
var data = {
|
704 |
+
'action': 'dismiss_success_message_multisite',
|
705 |
+
'security': '<?php echo $ajax_nonce; ?>'
|
706 |
+
};
|
707 |
+
|
708 |
+
$.post(ajaxurl, data, function (response) {
|
709 |
+
|
710 |
+
});
|
711 |
+
});
|
712 |
+
});
|
713 |
+
</script>
|
714 |
+
<?php
|
715 |
+
}
|
716 |
+
}
|
717 |
+
|
718 |
+
/**
|
719 |
+
* Process the ajax dismissal of the success message.
|
720 |
+
*
|
721 |
+
* @since 2.0
|
722 |
+
*
|
723 |
+
* @access public
|
724 |
+
*
|
725 |
+
*/
|
726 |
+
|
727 |
+
public function dismiss_success_message_callback()
|
728 |
+
{
|
729 |
//nonce check fails if url is changed to SSL.
|
730 |
//check_ajax_referer( 'really-simple-ssl-dismiss', 'security' );
|
731 |
+
update_site_option("rsssl_success_message_shown", true);
|
732 |
+
wp_die();
|
733 |
+
}
|
734 |
+
|
735 |
+
|
736 |
+
public function dismiss_pro_option_notice()
|
737 |
+
{
|
738 |
+
check_ajax_referer('rsssl-pro-dismiss-pro-option-notice', 'nonce');
|
739 |
+
update_option('rsssl_pro_pro_option_notice_dismissed', true);
|
740 |
+
wp_die();
|
741 |
+
}
|
742 |
+
|
743 |
+
public function dismiss_pro_option_script()
|
744 |
+
{
|
745 |
+
$ajax_nonce = wp_create_nonce("rsssl-pro-dismiss-pro-option-notice");
|
746 |
+
?>
|
747 |
+
<script type='text/javascript'>
|
748 |
+
jQuery(document).ready(function ($) {
|
749 |
+
|
750 |
+
$(".rsssl-pro-dismiss-notice.notice.is-dismissible").on("click", ".notice-dismiss", function (event) {
|
751 |
+
var data = {
|
752 |
+
'action': 'rsssl_pro_dismiss_pro_option_notice',
|
753 |
+
'nonce': '<?php echo $ajax_nonce; ?>'
|
754 |
+
};
|
755 |
+
|
756 |
+
$.post(ajaxurl, data, function (response) {
|
757 |
+
|
758 |
+
});
|
759 |
+
});
|
760 |
+
});
|
761 |
+
</script>
|
762 |
+
<?php
|
763 |
+
}
|
764 |
+
|
765 |
+
|
766 |
+
public function show_pro_option_notice()
|
767 |
+
{
|
768 |
+
if (!$this->is_settings_page()) return;
|
769 |
+
|
770 |
+
$dismissed = get_option('rsssl_pro_pro_option_notice_dismissed');
|
771 |
+
if (!$dismissed) {
|
772 |
+
|
773 |
+
if (defined('rsssl_pro_version')) {
|
774 |
+
if (!defined('rsssl_pro_ms_version')) {
|
775 |
+
add_action('admin_print_footer_scripts', array($this, 'dismiss_pro_option_script'));
|
776 |
+
?>
|
777 |
+
<div id="message" class="updated fade notice is-dismissible rsssl-pro-dismiss-notice">
|
778 |
+
<p>
|
779 |
+
<?php echo sprintf(__('You are running Really Simple SSL pro. A dedicated add-on for multisite has been released. If you want more options to have full control over your multisite network, you can ask for a discount code to %supgrade%s your license to a multisite license.', 'really-simple-ssl'), '<a href="https://really-simple-ssl.com/contact" title="Really Simple SSL">', '</a>') ?>
|
780 |
+
</p>
|
781 |
+
</p></div>
|
782 |
+
<?php
|
783 |
+
}
|
784 |
+
} else {
|
785 |
+
?>
|
786 |
+
<div id="message" class="updated fade notice is-dismissible rsssl-pro-dismiss-notice">
|
787 |
+
<p>
|
788 |
+
<?php echo sprintf(__('If you want more options to have full control over your multisite network, you can %supgrade%s your license to a multisite license, or dismiss this message', 'really-simple-ssl'), '<a href="https://really-simple-ssl.com/pro-multisite" title="Really Simple SSL">', '</a>') ?>
|
789 |
+
</p>
|
790 |
+
</p></div>
|
791 |
+
<?php
|
792 |
+
}
|
793 |
+
}
|
794 |
+
}
|
795 |
+
|
796 |
+
public function is_settings_page()
|
797 |
+
{
|
798 |
+
return (isset($_GET['page']) && $_GET['page'] == 'really-simple-ssl') ? true : false;
|
799 |
+
}
|
800 |
+
|
801 |
+
|
802 |
+
/**
|
803 |
+
* Create tabs on the settings page
|
804 |
+
*
|
805 |
+
* @since 1.0.0
|
806 |
+
*
|
807 |
+
* @access public
|
808 |
+
*
|
809 |
+
*/
|
810 |
+
|
811 |
+
public function admin_tabs($current = 'settings')
|
812 |
+
{
|
813 |
+
$tabs = array(
|
814 |
+
'settings' => __("Settings", "really-simple-ssl"),
|
815 |
+
);
|
816 |
+
|
817 |
+
$tabs = apply_filters("rsssl_network_tabs", $tabs);
|
818 |
+
|
819 |
+
if (count($tabs) > 1) {
|
820 |
+
echo '<h2 class="nav-tab-wrapper">';
|
821 |
+
|
822 |
+
foreach ($tabs as $tab => $name) {
|
823 |
+
$class = ($tab == $current) ? ' nav-tab-active' : '';
|
824 |
+
echo "<a class='nav-tab$class' href='?page=really-simple-ssl&tab=$tab'>$name</a>";
|
825 |
+
}
|
826 |
+
echo '</h2>';
|
827 |
+
}
|
828 |
+
}
|
829 |
+
|
830 |
+
} //class closure
|
831 |
}
|
css/main.css
CHANGED
@@ -4,34 +4,15 @@
|
|
4 |
padding: 1px 15px;
|
5 |
}
|
6 |
|
7 |
-
|
8 |
-
|
|
|
9 |
float:left;
|
10 |
-
} */
|
11 |
-
|
12 |
-
.rsssl-sidebar {
|
13 |
-
width:20%;
|
14 |
-
float:left;
|
15 |
-
}
|
16 |
-
|
17 |
-
.rsssl-sidebar h4 {
|
18 |
-
font-size:14px;
|
19 |
-
font-style:italic;
|
20 |
-
}
|
21 |
-
|
22 |
-
.rsssl-wrapper {
|
23 |
-
padding:30px;
|
24 |
-
}
|
25 |
-
|
26 |
-
@media screen and (max-width: 800px) {
|
27 |
-
.rsssl-sidebar, .rsssl-main {
|
28 |
-
width:100%;
|
29 |
-
}
|
30 |
}
|
31 |
|
32 |
.rsssl-sidebar img {
|
33 |
max-width:100%;
|
34 |
-
height:inherit
|
35 |
}
|
36 |
|
37 |
.activate-ssl ul, .rsssl-result ul, .rsssl_bullets {
|
@@ -263,3 +244,220 @@
|
|
263 |
margin-left: 0;
|
264 |
margin-bottom: -16px;
|
265 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
4 |
padding: 1px 15px;
|
5 |
}
|
6 |
|
7 |
+
.rsssl-main {
|
8 |
+
flex: 1;
|
9 |
+
width: 80%;
|
10 |
float:left;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
}
|
12 |
|
13 |
.rsssl-sidebar img {
|
14 |
max-width:100%;
|
15 |
+
/*height:inherit;*/
|
16 |
}
|
17 |
|
18 |
.activate-ssl ul, .rsssl-result ul, .rsssl_bullets {
|
244 |
margin-left: 0;
|
245 |
margin-bottom: -16px;
|
246 |
}
|
247 |
+
|
248 |
+
/* Styling for the sidebar in the admin tab of the free plugin */
|
249 |
+
|
250 |
+
.rsssl-really-simple-plugins-logo {
|
251 |
+
background-color: #DCDCDC;
|
252 |
+
margin-left: -15px;
|
253 |
+
margin-right: -15px;
|
254 |
+
}
|
255 |
+
|
256 |
+
.rsssl-sidebar {
|
257 |
+
width: 240px;
|
258 |
+
margin-top: 20px;
|
259 |
+
padding-left: 15px;
|
260 |
+
padding-right: 15px;
|
261 |
+
margin-right: 15px;
|
262 |
+
padding-bottom: 15px;
|
263 |
+
background-color: #ECECEC;
|
264 |
+
}
|
265 |
+
|
266 |
+
.rsssl-sidebar-single-content-container {
|
267 |
+
min-height: 125px;
|
268 |
+
padding-bottom: 35px;
|
269 |
+
margin-bottom: 10px;
|
270 |
+
background-color: #DCDCDC;
|
271 |
+
width: 100%;
|
272 |
+
border-radius: 3%;
|
273 |
+
}
|
274 |
+
|
275 |
+
.rsssl-sidebar-single-content-container-pro {
|
276 |
+
min-height: 125px;
|
277 |
+
padding-bottom: 35px;
|
278 |
+
margin-bottom: 10px;
|
279 |
+
background-color: #DCDCDC;
|
280 |
+
width: 100%;
|
281 |
+
border-radius: 3%;
|
282 |
+
}
|
283 |
+
|
284 |
+
.rsssl-sidebar-title h3 {
|
285 |
+
font-size: 0.9em;
|
286 |
+
}
|
287 |
+
|
288 |
+
.rsssl-sidebar-text-content-pro {
|
289 |
+
font-weight: 700;
|
290 |
+
font-size: 0.8em;
|
291 |
+
width: 90%;
|
292 |
+
/*min-height: 100px;*/
|
293 |
+
margin: auto;
|
294 |
+
}
|
295 |
+
|
296 |
+
.rsssl-sidebar-text-content {
|
297 |
+
width: 45%;
|
298 |
+
padding-top: 5px;
|
299 |
+
padding-right: 7px;
|
300 |
+
font-weight: 700;
|
301 |
+
font-size: 0.8em;
|
302 |
+
float: right;
|
303 |
+
margin: 10px auto;
|
304 |
+
}
|
305 |
+
|
306 |
+
.rsssl-pro-image {
|
307 |
+
height: 30px;
|
308 |
+
margin-top: 6px;
|
309 |
+
}
|
310 |
+
|
311 |
+
.rsssl-sidebar-image-pro {
|
312 |
+
width: 90%;
|
313 |
+
margin: 10px;
|
314 |
+
}
|
315 |
+
|
316 |
+
.rsssl-sidebar-image {
|
317 |
+
width: 100px;
|
318 |
+
float: left;
|
319 |
+
padding: 10px;
|
320 |
+
height: 100px;
|
321 |
+
}
|
322 |
+
|
323 |
+
@media screen and (max-width: 1024px) and (min-width: 541px) {
|
324 |
+
/* Let the main container be 100% width again */
|
325 |
+
.rsssl-main {
|
326 |
+
width: 100%;
|
327 |
+
}
|
328 |
+
|
329 |
+
.rsssl-sidebar-title {
|
330 |
+
/*margin: auto;*/
|
331 |
+
text-align: center;
|
332 |
+
}
|
333 |
+
|
334 |
+
.rsssl-container {
|
335 |
+
flex-direction: column;
|
336 |
+
}
|
337 |
+
.rsssl-sidebar {
|
338 |
+
width: 100%;
|
339 |
+
/*padding-left: 10%;*/
|
340 |
+
}
|
341 |
+
.rsssl-really-simple-plugins-logo {
|
342 |
+
width: 40%;
|
343 |
+
}
|
344 |
+
.rsssl-sidebar-single-content-container {
|
345 |
+
width: 40%;
|
346 |
+
padding-left: 25px;
|
347 |
+
float: left;
|
348 |
+
margin-right: 25px;
|
349 |
+
}
|
350 |
+
|
351 |
+
.rsssl-sidebar-single-content-container-pro {
|
352 |
+
width: 40%;
|
353 |
+
padding-left: 25px;
|
354 |
+
margin: auto auto 25px;
|
355 |
+
}
|
356 |
+
|
357 |
+
.rsssl-sidebar-um-text-content {
|
358 |
+
width: 40%;
|
359 |
+
}
|
360 |
+
.rsssl-pro-image {
|
361 |
+
display: none;
|
362 |
+
}
|
363 |
+
}
|
364 |
+
|
365 |
+
@media screen and (max-width: 540px) {
|
366 |
+
.rsssl-main {
|
367 |
+
width: 100%;
|
368 |
+
}
|
369 |
+
.rsssl-container {
|
370 |
+
flex-direction: column;
|
371 |
+
}
|
372 |
+
.rsssl-sidebar {
|
373 |
+
display: grid;
|
374 |
+
text-align: -webkit-center;
|
375 |
+
width: 70%;
|
376 |
+
}
|
377 |
+
.rsssl-sidebar-um-text-content {
|
378 |
+
width: 45%;
|
379 |
+
}
|
380 |
+
.rsssl-sidebar-single-content-container-pro {
|
381 |
+
padding-bottom: 10px;
|
382 |
+
}
|
383 |
+
.rsssl-sidebar-single-content-container {
|
384 |
+
padding-bottom: 10px;
|
385 |
+
}
|
386 |
+
}
|
387 |
+
|
388 |
+
.rsssl-sidebar h4 {
|
389 |
+
font-size:14px;
|
390 |
+
font-style:italic;
|
391 |
+
}
|
392 |
+
|
393 |
+
.rsssl-wrapper {
|
394 |
+
padding: 30px;
|
395 |
+
}
|
396 |
+
|
397 |
+
.rsssl-sidebar-list {
|
398 |
+
font-size: 0.9em;
|
399 |
+
}
|
400 |
+
|
401 |
+
#rsssl-premium-button-pro {
|
402 |
+
display: inline-table;
|
403 |
+
width: 40%;
|
404 |
+
text-align: center;
|
405 |
+
float: right;
|
406 |
+
font-size: inherit;
|
407 |
+
height: 25px;
|
408 |
+
-webkit-border-radius: 12px;
|
409 |
+
-moz-border-radius: 12px;
|
410 |
+
border-radius: 12px;
|
411 |
+
background-color: #7BD561;
|
412 |
+
color: white;
|
413 |
+
margin-right: 5px;
|
414 |
+
}
|
415 |
+
|
416 |
+
.rsssl-sidebar-content {
|
417 |
+
float: left;
|
418 |
+
padding-bottom: 10px;
|
419 |
+
}
|
420 |
+
|
421 |
+
hr {
|
422 |
+
display: block;
|
423 |
+
height: 1px;
|
424 |
+
border: 0;
|
425 |
+
border-top: 1px solid #ccc;
|
426 |
+
margin: 1em 0;
|
427 |
+
padding: 0;
|
428 |
+
}
|
429 |
+
|
430 |
+
.rsssl-container {
|
431 |
+
display: flex;
|
432 |
+
}
|
433 |
+
|
434 |
+
#rsssl-premium-button {
|
435 |
+
display: inline-table;
|
436 |
+
width: 40%;
|
437 |
+
text-align: center;
|
438 |
+
float: right;
|
439 |
+
font-size: inherit;
|
440 |
+
height: 25px;
|
441 |
+
-webkit-border-radius: 12px;
|
442 |
+
-moz-border-radius: 12px;
|
443 |
+
border-radius: 12px;
|
444 |
+
background-color: #017FAF;
|
445 |
+
color: white;
|
446 |
+
margin-right: 5px;
|
447 |
+
}
|
448 |
+
|
449 |
+
.rsssl-more-info-button {
|
450 |
+
clear: both;
|
451 |
+
}
|
452 |
+
|
453 |
+
#TB_ajaxContent {
|
454 |
+
text-align: center !important;
|
455 |
+
}
|
456 |
+
|
457 |
+
#TB_window {
|
458 |
+
height: 370px !important;
|
459 |
+
}
|
460 |
+
|
461 |
+
.rsssl-button-deactivate-keep-ssl {
|
462 |
+
margin-right: 15px;
|
463 |
+
}
|
readme.txt
CHANGED
@@ -4,8 +4,9 @@ Donate link: https://www.paypal.me/reallysimplessl
|
|
4 |
Tags: SSL, https, force SSL, mixed content, insecure content, secure website, website security, TLS, security, secure socket layers, HSTS
|
5 |
Requires at least: 4.2
|
6 |
License: GPL2
|
7 |
-
Tested up to: 4.9
|
8 |
-
|
|
|
9 |
|
10 |
No setup required! You only need an SSL certificate, and this plugin will do the rest.
|
11 |
|
@@ -78,6 +79,18 @@ If you are experiencing redirect loops on your site, try these [instructions](ht
|
|
78 |
Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
|
79 |
|
80 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
81 |
= 2.5.26 =
|
82 |
* Fix: multisite menu not showing when main site is not SSL.
|
83 |
* Fix: the admin_url and site_url filter get an empty blog_id when checking the URL for the current blog.
|
@@ -455,7 +468,8 @@ Always back up before any upgrade. Especially .htaccess, wp-config.php and the p
|
|
455 |
|
456 |
== Screenshots ==
|
457 |
1. After activation, if SSL was detected, you can enable SSL.
|
458 |
-
2. View your configuration on the settings page
|
|
|
459 |
|
460 |
== Frequently asked questions ==
|
461 |
* Really Simple SSL maintains an extensive knowledge-base at https://www.really-simple-ssl.com.
|
4 |
Tags: SSL, https, force SSL, mixed content, insecure content, secure website, website security, TLS, security, secure socket layers, HSTS
|
5 |
Requires at least: 4.2
|
6 |
License: GPL2
|
7 |
+
Tested up to: 4.9.5
|
8 |
+
Requires PHP: 5.4
|
9 |
+
Stable tag: 3.0.1
|
10 |
|
11 |
No setup required! You only need an SSL certificate, and this plugin will do the rest.
|
12 |
|
79 |
Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
|
80 |
|
81 |
== Changelog ==
|
82 |
+
= 3.0.1 =
|
83 |
+
* Tweak: Add privacy notice
|
84 |
+
* Tweak: Set javascript redirect to false by default
|
85 |
+
* Fix: Hide SSL notice on multisite for all subsites, and show only for "activate_plugins" cap users
|
86 |
+
|
87 |
+
= 3.0 =
|
88 |
+
* Added a built-in certificate check in the class-certificate.php file that checks if the domain is present in the common names and/or the alternative names section.
|
89 |
+
* The .htaccess redirect now uses $1 instead of {REQUEST_URI}.
|
90 |
+
* Added an option to deactivate the plugin while keeping SSL in the SSL settings.
|
91 |
+
* Added a filter for the Javascript redirect.
|
92 |
+
* Added a sidebar with recommended plugins.
|
93 |
+
|
94 |
= 2.5.26 =
|
95 |
* Fix: multisite menu not showing when main site is not SSL.
|
96 |
* Fix: the admin_url and site_url filter get an empty blog_id when checking the URL for the current blog.
|
468 |
|
469 |
== Screenshots ==
|
470 |
1. After activation, if SSL was detected, you can enable SSL.
|
471 |
+
2. View your configuration on the settings page.
|
472 |
+
3. Mixed content scan.
|
473 |
|
474 |
== Frequently asked questions ==
|
475 |
* Really Simple SSL maintains an extensive knowledge-base at https://www.really-simple-ssl.com.
|
rlrsssl-really-simple-ssl.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: Really Simple SSL
|
4 |
* Plugin URI: https://www.really-simple-ssl.com
|
5 |
* Description: Lightweight plugin without any setup to make your site SSL proof
|
6 |
-
* Version:
|
7 |
* Text Domain: really-simple-ssl
|
8 |
* Domain Path: /languages
|
9 |
* Author: Rogier Lankhorst
|
@@ -39,6 +39,7 @@
|
|
39 |
public $rsssl_server;
|
40 |
public $really_simple_ssl;
|
41 |
public $rsssl_help;
|
|
|
42 |
|
43 |
private function __construct() {}
|
44 |
|
@@ -65,6 +66,7 @@
|
|
65 |
self::$instance->rsssl_server = new rsssl_server();
|
66 |
self::$instance->really_simple_ssl = new rsssl_admin();
|
67 |
self::$instance->rsssl_help = new rsssl_help();
|
|
|
68 |
|
69 |
// Backwards compatibility for add-ons
|
70 |
global $rsssl_cache, $rsssl_server, $really_simple_ssl, $rsssl_help;
|
@@ -101,6 +103,7 @@
|
|
101 |
require_once( rsssl_path . 'class-cache.php' );
|
102 |
require_once( rsssl_path . 'class-server.php' );
|
103 |
require_once( rsssl_path . 'class-help.php' );
|
|
|
104 |
|
105 |
if ( is_multisite() ) {
|
106 |
require_once( rsssl_path . 'class-multisite.php' );
|
3 |
* Plugin Name: Really Simple SSL
|
4 |
* Plugin URI: https://www.really-simple-ssl.com
|
5 |
* Description: Lightweight plugin without any setup to make your site SSL proof
|
6 |
+
* Version: 3.0.1
|
7 |
* Text Domain: really-simple-ssl
|
8 |
* Domain Path: /languages
|
9 |
* Author: Rogier Lankhorst
|
39 |
public $rsssl_server;
|
40 |
public $really_simple_ssl;
|
41 |
public $rsssl_help;
|
42 |
+
public $rsssl_certificate;
|
43 |
|
44 |
private function __construct() {}
|
45 |
|
66 |
self::$instance->rsssl_server = new rsssl_server();
|
67 |
self::$instance->really_simple_ssl = new rsssl_admin();
|
68 |
self::$instance->rsssl_help = new rsssl_help();
|
69 |
+
self::$instance->rsssl_certificate = new rsssl_certificate();
|
70 |
|
71 |
// Backwards compatibility for add-ons
|
72 |
global $rsssl_cache, $rsssl_server, $really_simple_ssl, $rsssl_help;
|
103 |
require_once( rsssl_path . 'class-cache.php' );
|
104 |
require_once( rsssl_path . 'class-server.php' );
|
105 |
require_once( rsssl_path . 'class-help.php' );
|
106 |
+
require_once( rsssl_path . 'class-certificate.php' );
|
107 |
|
108 |
if ( is_multisite() ) {
|
109 |
require_once( rsssl_path . 'class-multisite.php' );
|