Really Simple SSL - Version 4.0.1

Version Description

Fix: fixed a bug where switching between the WP/.htaccess redirect caused a percentage switch
No SSL detected notice is cached after enabling SSL. props @memery2020
Fix: deactivating before SSL was activated on a site which was already SSL would revert to http.

Release Info

Developer	RogierLankhorst
Plugin	Really Simple SSL
Version	4.0.1
Comparing to
See all releases

Code changes from version 4.0.0 to 4.0.1

Files changed (5) hide show

class-admin.php +61 -63
class-multisite.php +3 -2
class-site-health.php +3 -3
readme.txt +8 -4
rlrsssl-really-simple-ssl.php +4 -4

class-admin.php CHANGED Viewed

	@@ -71,7 +71,6 @@ class rsssl_admin extends rsssl_front_end
71	if ($this->ssl_enabled) {
72	add_action('admin_footer', array($this, 'deactivate_popup'), 40);
73	}
74	-
75	}
76
77	static function this()
	@@ -401,14 +400,20 @@ class rsssl_admin extends rsssl_front_end
401
402	public function deactivate_ssl()
403	{
404	- ~~$this->ssl_enabled~~ = ~~false;~~
405	- $this->~~wp_redirect~~ ~~= false;~~
406	- $this->~~htaccess_redirect~~ = false;
407	-
408	- $this->~~remove_ssl_from_siteurl()~~;
409	- $this->~~save_options~~();


410	}
411




412	public function redirect_to_settings_page() {
413	if (isset($_GET['page']) && $_GET['page'] == 'rlrsssl_really_simple_ssl') return;
414	$url = add_query_arg( array(
	@@ -1347,36 +1352,38 @@ class rsssl_admin extends rsssl_front_end
1347
1348	public function deactivate($networkwide)
1349	{
1350	- $this->~~remove_ssl_from_siteurl(~~);
1351	- $this->~~remove_ssl_from_siteurl_in_wpconfig~~();
1352	-
1353	- ~~$this->site_has_ssl = FALSE;~~
1354	- $this->~~hsts~~ = FALSE;
1355	- $this->~~htaccess_warning_shown~~ = FALSE;
1356	- $this->~~review_notice_shown~~ = FALSE;
1357	- $this->~~ssl_success_message_shown~~ = FALSE;
1358	- $this->~~autoreplace_insecure_links~~ = ~~TRUE~~;
1359	- $this->~~do_not_edit_htaccess~~ = ~~FALSE~~;
1360	- $this->~~htaccess_redirect~~ = FALSE;
1361	- $this->~~javascript_redirect~~ = FALSE;
1362	- $this->~~wp_redirect~~ = FALSE;
1363	- $this->~~ssl_enabled~~ = FALSE;
1364	- $this->~~switch_mixed_content_fixer_hook~~ = FALSE;
1365	- $this->~~dismiss_all_notices~~ = FALSE;
1366	- $this->~~dismiss_review_notice~~ = FALSE;
1367	-
1368	-
1369	- ~~$this->save_options();~~
1370	-
1371	- ~~//when on multisite, per site activation, recreate domain list for htaccess and wpconfig rewrite actions~~
1372	- if ~~(is_multisite())~~ {
1373	- ~~RSSSL~~(~~)->rsssl_multisite->deactivate~~();
1374	- ~~if (!~~RSSSL()->rsssl_multisite->~~ssl_enabled_networkwide) $this->build_domain_list~~();
1375	- }
1376	- ~~do_action("rsssl_deactivate");~~

1377
1378	- $this->remove_wpconfig_edit();
1379	- $this->removeHtaccessEdit();

1380	}
1381
1382
	@@ -2622,6 +2629,11 @@ class rsssl_admin extends rsssl_front_end
2622	$args = wp_parse_args($args, $defaults);
2623
2624	$cache_admin_notices = !$this->is_settings_page() && $args['admin_notices'];





2625	if ( $cache_admin_notices) {
2626	$cached_notices = get_transient('rsssl_admin_notices');
2627	if ( $cached_notices ) return $cached_notices;
	@@ -2659,7 +2671,6 @@ class rsssl_admin extends rsssl_front_end
2659	'icon' => 'warning',
2660	'admin_notice' =>true,
2661	'plusone' => true,
2662	-
2663	),
2664	),
2665	),
	@@ -2789,15 +2800,15 @@ class rsssl_admin extends rsssl_front_end
2789	),
2790
2791	'wordpress_redirect' => array(
2792	- 'condition' => array('~~rsssl_wp_redirect_condition~~'),
2793	- 'callback' => '~~rsssl_wordpress_redirect~~',
2794	'score' => 10,
2795	'output' => array(
2796	- '~~301-wp-redirect~~' => array(
2797	- 'msg' => __('301 redirect to https set~~: WordPress redirect~~.', 'really-simple-ssl'),
2798	'icon' => 'success'
2799	),
2800	- '~~no-redirect~~' => array(
2801	'msg' => __('No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect.', 'really-simple-ssl'),
2802	'icon' => 'open'
2803	),
	@@ -3431,7 +3442,7 @@ class rsssl_admin extends rsssl_front_end
3431	$footer = $this->get_template_part($grid_item, 'footer', $index);
3432	$content = $this->get_template_part($grid_item, 'content', $index);
3433	$header = $this->get_template_part($grid_item, 'header', $index);
3434	- $instructions = $grid_item['instructions'] ? '<a href="'.esc_url($grid_item['instructions']).'" target="_blank">'.__("Instructions manual").'</a>' : '';
3435	// Add form if type is settings
3436	$block = str_replace(array('{class}', '{title}', '{header}', '{content}', '{footer}', '{instructions}'), array($grid_item['class'], $grid_item['title'], $header, $content, $footer, $instructions), $element);
3437	$output .= $block;
	@@ -3894,6 +3905,9 @@ class rsssl_admin extends rsssl_front_end
3894
3895	public function deactivate_popup()
3896	{



3897
3898	?>
3899	<?php add_thickbox();?>
	@@ -4329,6 +4343,10 @@ if (!function_exists('rsssl_ssl_enabled')) {
4329	if (!function_exists('rsssl_ssl_detected')) {
4330	function rsssl_ssl_detected() {
4331




4332	if ( ! RSSSL()->really_simple_ssl->wpconfig_ok() ) {
4333	return apply_filters('rsssl_ssl_detected', 'fail');
4334	}
	@@ -4408,23 +4426,3 @@ if (!function_exists('rsssl_ssl_activation_time_no_longer_then_3_days_ago')) {
4408	}
4409	}
4410	}
4411	-
4412	- if (!function_exists('rsssl_wp_redirect_condition')) {
4413	- function rsssl_wp_redirect_condition() {
4414	- if ( RSSSL()->really_simple_ssl->has_301_redirect() && RSSSL()->really_simple_ssl->wp_redirect && ! RSSSL()->really_simple_ssl->htaccess_redirect ) {
4415	- return true;
4416	- } else {
4417	- return false;
4418	- }
4419	- }
4420	- }
4421	-
4422	- if (!function_exists('rsssl_wordpress_redirect')) {
4423	- function rsssl_wordpress_redirect() {
4424	- if ( RSSSL()->really_simple_ssl->has_301_redirect() && RSSSL()->really_simple_ssl->wp_redirect ) {
4425	- return '301-wp-redirect';
4426	- } else {
4427	- return 'no-redirect';
4428	- }
4429	- }
4430	- }


71	if ($this->ssl_enabled) {
72	add_action('admin_footer', array($this, 'deactivate_popup'), 40);
73	}

74	}
75
76	static function this()

400
401	public function deactivate_ssl()
402	{
403	+ //only revert if SSL was enabled first.
404	+ if ($this->ssl_enabled) {
405	+ $this->ssl_enabled = false;
406	+ $this->wp_redirect = false;
407	+ $this->htaccess_redirect = false;
408	+ $this->remove_ssl_from_siteurl();
409	+ $this->save_options();
410	+ }
411	}
412
413	+ /**
414	+ * redirect to settings page
415	+ */
416	+
417	public function redirect_to_settings_page() {
418	if (isset($_GET['page']) && $_GET['page'] == 'rlrsssl_really_simple_ssl') return;
419	$url = add_query_arg( array(

1352
1353	public function deactivate($networkwide)
1354	{
1355	+ if ( $this->ssl_enabled ) {
1356	+ $this->remove_ssl_from_siteurl();
1357	+ $this->remove_ssl_from_siteurl_in_wpconfig();
1358	+
1359	+ $this->site_has_ssl = FALSE;
1360	+ $this->hsts = FALSE;
1361	+ $this->htaccess_warning_shown = FALSE;
1362	+ $this->review_notice_shown = FALSE;
1363	+ $this->ssl_success_message_shown = FALSE;
1364	+ $this->autoreplace_insecure_links = TRUE;
1365	+ $this->do_not_edit_htaccess = FALSE;
1366	+ $this->htaccess_redirect = FALSE;
1367	+ $this->javascript_redirect = FALSE;
1368	+ $this->wp_redirect = FALSE;
1369	+ $this->ssl_enabled = FALSE;
1370	+ $this->switch_mixed_content_fixer_hook = FALSE;
1371	+ $this->dismiss_all_notices = FALSE;
1372	+ $this->dismiss_review_notice = FALSE;
1373	+
1374	+
1375	+ $this->save_options();
1376	+
1377	+ //when on multisite, per site activation, recreate domain list for htaccess and wpconfig rewrite actions
1378	+ if (is_multisite()) {
1379	+ RSSSL()->rsssl_multisite->deactivate();
1380	+ if (!RSSSL()->rsssl_multisite->ssl_enabled_networkwide) $this->build_domain_list();
1381	+ }
1382	+ do_action("rsssl_deactivate");
1383
1384	+ $this->remove_wpconfig_edit();
1385	+ $this->removeHtaccessEdit();
1386	+ }
1387	}
1388
1389

2629	$args = wp_parse_args($args, $defaults);
2630
2631	$cache_admin_notices = !$this->is_settings_page() && $args['admin_notices'];
2632	+
2633	+ //if we're on the settings page, we need to clear the admin notices transient, because this list never gets requested on the settings page, and won'd get cleared otherwise
2634	+ if ($this->is_settings_page()) {
2635	+ delete_transient('rsssl_admin_notices');
2636	+ }
2637	if ( $cache_admin_notices) {
2638	$cached_notices = get_transient('rsssl_admin_notices');
2639	if ( $cached_notices ) return $cached_notices;

2671	'icon' => 'warning',
2672	'admin_notice' =>true,
2673	'plusone' => true,

2674	),
2675	),
2676	),

2800	),
2801
2802	'wordpress_redirect' => array(
2803	+ 'condition' => array('rsssl_ssl_enabled'),
2804	+ 'callback' => 'RSSSL()->really_simple_ssl->has_301_redirect',
2805	'score' => 10,
2806	'output' => array(
2807	+ 'true' => array(
2808	+ 'msg' => __('301 redirect to https set.', 'really-simple-ssl'),
2809	'icon' => 'success'
2810	),
2811	+ 'false' => array(
2812	'msg' => __('No 301 redirect is set. Enable the WordPress 301 redirect in the settings to get a 301 permanent redirect.', 'really-simple-ssl'),
2813	'icon' => 'open'
2814	),

3442	$footer = $this->get_template_part($grid_item, 'footer', $index);
3443	$content = $this->get_template_part($grid_item, 'content', $index);
3444	$header = $this->get_template_part($grid_item, 'header', $index);
3445	+ $instructions = $grid_item['instructions'] ? '<a href="'.esc_url($grid_item['instructions']).'" target="_blank">'.__("Instructions manual", "really-simple-ssl").'</a>' : '';
3446	// Add form if type is settings
3447	$block = str_replace(array('{class}', '{title}', '{header}', '{content}', '{footer}', '{instructions}'), array($grid_item['class'], $grid_item['title'], $header, $content, $footer, $instructions), $element);
3448	$output .= $block;

3905
3906	public function deactivate_popup()
3907	{
3908	+ //only on plugins page
3909	+ $screen = get_current_screen();
3910	+ if (!$screen \|\| $screen->base !=='plugins' ) return;
3911
3912	?>
3913	<?php add_thickbox();?>

4343	if (!function_exists('rsssl_ssl_detected')) {
4344	function rsssl_ssl_detected() {
4345
4346	+ if ( RSSSL()->really_simple_ssl->ssl_enabled ) {
4347	+ return apply_filters('rsssl_ssl_detected', 'ssl-detected');
4348	+ }
4349	+
4350	if ( ! RSSSL()->really_simple_ssl->wpconfig_ok() ) {
4351	return apply_filters('rsssl_ssl_detected', 'fail');
4352	}

4426	}
4427	}
4428	}

class-multisite.php CHANGED Viewed

	@@ -232,7 +232,7 @@ if (!class_exists('rsssl_multisite')) {
232	array_unshift($links, $support);
233
234	if ( ! defined( 'rsssl_pro_version' ) ) {
235	- $upgrade_link = '<a style="color:#f8be2e;font-weight:bold" target="_blank" href="https://really-simple-ssl.com/pro/#multisite">'
236	. __( 'Upgrade to premium', 'really-simple-ssl' ) . '</a>';
237	array_unshift( $links, $upgrade_link );
238	}
	@@ -636,6 +636,8 @@ if (!class_exists('rsssl_multisite')) {
636
637	public function save_options()
638	{


639	$options = get_site_option("rlrsssl_network_options");
640	if (!is_array($options)) $options = array();
641
	@@ -781,7 +783,6 @@ if (!class_exists('rsssl_multisite')) {
781
782	/**
783	The new get_sites function returns an object.
784	-
785	*/
786
787	public function switch_to_blog_bw_compatible($site)


232	array_unshift($links, $support);
233
234	if ( ! defined( 'rsssl_pro_version' ) ) {
235	+ $upgrade_link = '<a style="color:#f8be2e;font-weight:bold" target="_blank" href="https://really-simple-ssl.com/pro#multisite">'
236	. __( 'Upgrade to premium', 'really-simple-ssl' ) . '</a>';
237	array_unshift( $links, $upgrade_link );
238	}

636
637	public function save_options()
638	{
639	+ if ( ! current_user_can( 'manage_options' ) ) return;
640	+
641	$options = get_site_option("rlrsssl_network_options");
642	if (!is_array($options)) $options = array();
643

783
784	/**
785	The new get_sites function returns an object.

786	*/
787
788	public function switch_to_blog_bw_compatible($site)

class-site-health.php CHANGED Viewed

	@@ -65,7 +65,7 @@ if (!class_exists("rsssl_site_health")) {
65	} else {
66	if (!RSSSL()->really_simple_ssl->has_301_redirect()) {
67	$result['status'] = 'recommended';
68	- $result['label'] = __( 'No 301 redirect to SSL ~~not~~ enabled.' , 'really-simple-ssl' );
69	$result['description'] = sprintf(
70	'<p>%s</p>',
71	__( 'To ensure all traffic passes through SSL, please enable a 301 redirect.', 'really-simple-ssl' )
	@@ -112,8 +112,8 @@ if (!class_exists("rsssl_site_health")) {
112	);
113	$result['actions'] .= sprintf(
114	'<p><a href="%s" target="_blank">%s</a></p>',
115	- 'https://really-simple-ssl.com/~~everything~~-~~you~~-~~need~~-~~to-know-about-~~security-headers/',
116	- __( '~~Lear~~ more about security headers', 'really-simple-ssl' )
117	);
118	}
119	}


65	} else {
66	if (!RSSSL()->really_simple_ssl->has_301_redirect()) {
67	$result['status'] = 'recommended';
68	+ $result['label'] = __( 'No 301 redirect to SSL enabled.' , 'really-simple-ssl' );
69	$result['description'] = sprintf(
70	'<p>%s</p>',
71	__( 'To ensure all traffic passes through SSL, please enable a 301 redirect.', 'really-simple-ssl' )

112	);
113	$result['actions'] .= sprintf(
114	'<p><a href="%s" target="_blank">%s</a></p>',
115	+ 'https://really-simple-ssl.com/site-health-recommended-security-headers/',
116	+ __( 'Learn more about security headers', 'really-simple-ssl' )
117	);
118	}
119	}

readme.txt CHANGED Viewed

	@@ -6,7 +6,7 @@ Requires at least: 4.6
6	License: GPL2
7	Tested up to: 5.6
8	Requires PHP: 5.4
9	- Stable tag: 4.0.0
10
11	No setup required! You only need an SSL certificate, and this plugin will do the rest.
12
	@@ -82,6 +82,11 @@ If you are experiencing redirect loops on your site, try these [instructions](ht
82	Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
83
84	== Changelog ==





85	= 4.0.0 =
86	* New user interface
87	* Fix: transient stored with 'WEEK_IN_SECONDS' as string instead of constant
	@@ -599,6 +604,5 @@ On settings page load, the .htaccess file is no rewritten. If you have made .hta
599	Always back up before any upgrade. Especially .htaccess, wp-config.php and the plugin folder. This way you can easily roll back.
600
601	== Screenshots ==
602	- 1. ~~After~~ ~~activation,~~ if ~~SSL~~ ~~was~~ ~~detected,~~ ~~you~~ ~~can~~ ~~enable SSL.~~
603	- 2. ~~View~~ ~~your~~ ~~configuration~~ on ~~the~~ ~~settings~~ ~~page~~.
604	- 3. Mixed content scan.


6	License: GPL2
7	Tested up to: 5.6
8	Requires PHP: 5.4
9	+ Stable tag: 4.0.1
10
11	No setup required! You only need an SSL certificate, and this plugin will do the rest.
12

82	Yes. There is a dedicated network settings page where you can switch between network activated SSL and per page SSL. In the dedicated pro for multisite plugin, you can override all site settings for SSL on the network level, and can activate and deactivate SSL in the network menu for each site.
83
84	== Changelog ==
85	+ = 4.0.1 =
86	+ * Fix: fixed a bug where switching between the WP/.htaccess redirect caused a percentage switch
87	+ * No SSL detected notice is cached after enabling SSL. props @memery2020
88	+ * Fix: deactivating before SSL was activated on a site which was already SSL would revert to http.
89	+
90	= 4.0.0 =
91	* New user interface
92	* Fix: transient stored with 'WEEK_IN_SECONDS' as string instead of constant

604	Always back up before any upgrade. Especially .htaccess, wp-config.php and the plugin folder. This way you can easily roll back.
605
606	== Screenshots ==
607	+ 1. Easily migrate your website to SSL with one click
608	+ 2. Improve security with Really Simple SSL. Fully guided and documented.

rlrsssl-really-simple-ssl.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* Plugin Name: Really Simple SSL
4	* Plugin URI: https://really-simple-ssl.com
5	* Description: Lightweight plugin without any setup to make your site SSL proof
6	- * Version: 4.0.0
7	* Author: Really Simple Plugins
8	* Author URI: https://really-simple-plugins.com
9	* License: GPL2
	@@ -96,9 +96,9 @@ class REALLY_SIMPLE_SSL
96	define('rsssl_template_path', trailingslashit(plugin_dir_path(__FILE__)).'grid/templates/');
97	define('rsssl_plugin', plugin_basename(__FILE__));
98	require_once(ABSPATH . 'wp-admin/includes/plugin.php');
99	- $debug = ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) ? time() : '';
100	$plugin_data = get_plugin_data(__FILE__);
101	- ~~define~~('~~rsssl_version~~', ~~$plugin_data['Version']~~ . ~~$debug~~);

102	}
103
104	private function includes()
	@@ -156,7 +156,7 @@ class REALLY_SIMPLE_SSL
156	?>
157	<div id="message" class="error notice really-simple-plugins">
158	<h1><?php echo __("Plugin dependency error","really-simple-ssl-pro");?></h1>
159	- <p><?php echo __("You have a premium add with a version that is not compatible with the >4.0 release of Really Simple SSL.","really-simple-ssl");?></p>
160	<p><?php echo __("Please upgrade to the latest version to be able use the full functionality of the plugin.","really-simple-ssl");?></p>
161	</div>
162	<?php


3	* Plugin Name: Really Simple SSL
4	* Plugin URI: https://really-simple-ssl.com
5	* Description: Lightweight plugin without any setup to make your site SSL proof
6	+ * Version: 4.0.1
7	* Author: Really Simple Plugins
8	* Author URI: https://really-simple-plugins.com
9	* License: GPL2

96	define('rsssl_template_path', trailingslashit(plugin_dir_path(__FILE__)).'grid/templates/');
97	define('rsssl_plugin', plugin_basename(__FILE__));
98	require_once(ABSPATH . 'wp-admin/includes/plugin.php');

99	$plugin_data = get_plugin_data(__FILE__);
100	+ $debug = defined('RSSSL_DEBUG') && RSSSL_DEBUG ? time() : '';
101	+ define('rsssl_version', $plugin_data['Version'].$debug);
102	}
103
104	private function includes()

156	?>
157	<div id="message" class="error notice really-simple-plugins">
158	<h1><?php echo __("Plugin dependency error","really-simple-ssl-pro");?></h1>
159	+ <p><?php echo __("You have a premium add-on with a version that is not compatible with the >4.0 release of Really Simple SSL.","really-simple-ssl");?></p>
160	<p><?php echo __("Please upgrade to the latest version to be able use the full functionality of the plugin.","really-simple-ssl");?></p>
161	</div>
162	<?php